./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product31.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version f4b24e32 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product31.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 7fffab71bdab4f0e8e57248febe72260063a133a0cb2741fe9829d7065610e52 --- Real Ultimate output --- This is Ultimate 0.2.2-?-f4b24e3 [2022-07-13 17:59:55,230 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-13 17:59:55,232 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-13 17:59:55,250 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-13 17:59:55,250 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-13 17:59:55,251 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-13 17:59:55,252 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-13 17:59:55,253 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-13 17:59:55,254 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-13 17:59:55,254 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-13 17:59:55,255 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-13 17:59:55,256 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-13 17:59:55,256 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-13 17:59:55,257 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-13 17:59:55,258 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-13 17:59:55,258 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-13 17:59:55,259 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-13 17:59:55,263 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-13 17:59:55,266 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-13 17:59:55,269 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-13 17:59:55,271 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-13 17:59:55,272 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-13 17:59:55,273 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-13 17:59:55,273 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-13 17:59:55,274 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-13 17:59:55,279 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-13 17:59:55,280 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-13 17:59:55,281 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-13 17:59:55,282 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-13 17:59:55,282 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-13 17:59:55,283 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-13 17:59:55,283 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-13 17:59:55,284 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-13 17:59:55,284 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-13 17:59:55,285 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-13 17:59:55,286 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-13 17:59:55,286 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-13 17:59:55,286 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-13 17:59:55,286 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-13 17:59:55,287 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-13 17:59:55,287 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-13 17:59:55,288 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-13 17:59:55,289 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-13 17:59:55,311 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-13 17:59:55,311 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-13 17:59:55,312 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-13 17:59:55,312 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-13 17:59:55,312 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-13 17:59:55,313 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-13 17:59:55,313 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-13 17:59:55,313 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-13 17:59:55,313 INFO L138 SettingsManager]: * Use SBE=true [2022-07-13 17:59:55,314 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-13 17:59:55,314 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-13 17:59:55,314 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-13 17:59:55,314 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-13 17:59:55,314 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-13 17:59:55,315 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-13 17:59:55,315 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-13 17:59:55,315 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-13 17:59:55,315 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-13 17:59:55,315 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-13 17:59:55,316 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-13 17:59:55,316 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-13 17:59:55,316 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-13 17:59:55,316 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-13 17:59:55,317 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-13 17:59:55,317 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-13 17:59:55,317 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-13 17:59:55,317 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-13 17:59:55,317 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-13 17:59:55,317 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-13 17:59:55,317 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-13 17:59:55,318 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-13 17:59:55,318 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-13 17:59:55,318 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-13 17:59:55,318 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 7fffab71bdab4f0e8e57248febe72260063a133a0cb2741fe9829d7065610e52 [2022-07-13 17:59:55,497 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-13 17:59:55,526 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-13 17:59:55,528 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-13 17:59:55,529 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-13 17:59:55,531 INFO L275 PluginConnector]: CDTParser initialized [2022-07-13 17:59:55,532 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product31.cil.c [2022-07-13 17:59:55,574 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/2da627762/f700bbf36a954ecb90e900f4b3da15d8/FLAG46344b0be [2022-07-13 17:59:55,967 INFO L306 CDTParser]: Found 1 translation units. [2022-07-13 17:59:55,967 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product31.cil.c [2022-07-13 17:59:55,995 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/2da627762/f700bbf36a954ecb90e900f4b3da15d8/FLAG46344b0be [2022-07-13 17:59:56,355 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/2da627762/f700bbf36a954ecb90e900f4b3da15d8 [2022-07-13 17:59:56,357 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-13 17:59:56,361 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-13 17:59:56,368 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-13 17:59:56,368 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-13 17:59:56,371 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-13 17:59:56,371 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,372 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5d0fea45 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56, skipping insertion in model container [2022-07-13 17:59:56,375 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,380 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-13 17:59:56,427 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-13 17:59:56,717 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product31.cil.c[18328,18341] [2022-07-13 17:59:56,726 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-13 17:59:56,734 INFO L203 MainTranslator]: Completed pre-run [2022-07-13 17:59:56,808 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product31.cil.c[18328,18341] [2022-07-13 17:59:56,813 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-13 17:59:56,824 INFO L208 MainTranslator]: Completed translation [2022-07-13 17:59:56,826 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56 WrapperNode [2022-07-13 17:59:56,826 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-13 17:59:56,827 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-13 17:59:56,827 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-13 17:59:56,828 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-13 17:59:56,832 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,851 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,877 INFO L137 Inliner]: procedures = 55, calls = 157, calls flagged for inlining = 22, calls inlined = 18, statements flattened = 248 [2022-07-13 17:59:56,878 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-13 17:59:56,878 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-13 17:59:56,878 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-13 17:59:56,879 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-13 17:59:56,884 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,884 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,886 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,886 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,890 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,893 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,894 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,895 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-13 17:59:56,896 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-13 17:59:56,896 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-13 17:59:56,897 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-13 17:59:56,898 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56" (1/1) ... [2022-07-13 17:59:56,902 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-13 17:59:56,911 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-13 17:59:56,932 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-13 17:59:56,942 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-13 17:59:56,975 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-13 17:59:56,976 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-13 17:59:56,976 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-13 17:59:56,976 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-13 17:59:56,976 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-13 17:59:56,976 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-13 17:59:56,976 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-13 17:59:56,976 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-13 17:59:56,976 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-13 17:59:56,976 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-07-13 17:59:56,977 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-07-13 17:59:56,977 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-07-13 17:59:56,977 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-07-13 17:59:56,977 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-07-13 17:59:56,977 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-07-13 17:59:56,977 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-13 17:59:56,977 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-13 17:59:56,977 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-13 17:59:56,978 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-13 17:59:56,978 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-13 17:59:57,025 INFO L234 CfgBuilder]: Building ICFG [2022-07-13 17:59:57,026 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-13 17:59:57,295 INFO L275 CfgBuilder]: Performing block encoding [2022-07-13 17:59:57,300 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-13 17:59:57,301 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-13 17:59:57,308 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.07 05:59:57 BoogieIcfgContainer [2022-07-13 17:59:57,308 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-13 17:59:57,309 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-13 17:59:57,309 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-13 17:59:57,311 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-13 17:59:57,312 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 13.07 05:59:56" (1/3) ... [2022-07-13 17:59:57,312 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@72a80cda and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.07 05:59:57, skipping insertion in model container [2022-07-13 17:59:57,312 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.07 05:59:56" (2/3) ... [2022-07-13 17:59:57,313 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@72a80cda and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.07 05:59:57, skipping insertion in model container [2022-07-13 17:59:57,313 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.07 05:59:57" (3/3) ... [2022-07-13 17:59:57,314 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product31.cil.c [2022-07-13 17:59:57,323 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-13 17:59:57,323 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-13 17:59:57,384 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-13 17:59:57,389 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@6a2b835c, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@46335c2e [2022-07-13 17:59:57,389 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-13 17:59:57,392 INFO L276 IsEmpty]: Start isEmpty. Operand has 90 states, 66 states have (on average 1.378787878787879) internal successors, (91), 75 states have internal predecessors, (91), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-07-13 17:59:57,397 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-07-13 17:59:57,397 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:57,401 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:57,402 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:57,405 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:57,407 INFO L85 PathProgramCache]: Analyzing trace with hash 751018144, now seen corresponding path program 1 times [2022-07-13 17:59:57,412 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:57,414 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [716294367] [2022-07-13 17:59:57,414 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:57,414 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:57,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:57,633 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:57,634 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:57,634 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [716294367] [2022-07-13 17:59:57,635 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [716294367] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-13 17:59:57,636 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-13 17:59:57,636 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-13 17:59:57,638 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [658772544] [2022-07-13 17:59:57,639 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-13 17:59:57,644 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-13 17:59:57,645 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:57,667 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-13 17:59:57,668 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-13 17:59:57,671 INFO L87 Difference]: Start difference. First operand has 90 states, 66 states have (on average 1.378787878787879) internal successors, (91), 75 states have internal predecessors, (91), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:57,702 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:57,702 INFO L93 Difference]: Finished difference Result 172 states and 233 transitions. [2022-07-13 17:59:57,703 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-13 17:59:57,704 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-07-13 17:59:57,704 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:57,710 INFO L225 Difference]: With dead ends: 172 [2022-07-13 17:59:57,710 INFO L226 Difference]: Without dead ends: 81 [2022-07-13 17:59:57,713 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-13 17:59:57,715 INFO L413 NwaCegarLoop]: 113 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 113 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:57,715 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 113 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-13 17:59:57,726 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 81 states. [2022-07-13 17:59:57,741 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 81 to 81. [2022-07-13 17:59:57,742 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 59 states have (on average 1.305084745762712) internal successors, (77), 67 states have internal predecessors, (77), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-07-13 17:59:57,743 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 104 transitions. [2022-07-13 17:59:57,744 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 104 transitions. Word has length 19 [2022-07-13 17:59:57,745 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:57,745 INFO L495 AbstractCegarLoop]: Abstraction has 81 states and 104 transitions. [2022-07-13 17:59:57,745 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:57,745 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 104 transitions. [2022-07-13 17:59:57,747 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-07-13 17:59:57,747 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:57,747 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:57,747 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-13 17:59:57,747 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:57,748 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:57,748 INFO L85 PathProgramCache]: Analyzing trace with hash -950488096, now seen corresponding path program 1 times [2022-07-13 17:59:57,748 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:57,748 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [768330993] [2022-07-13 17:59:57,749 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:57,749 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:57,768 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:57,795 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:57,795 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:57,795 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [768330993] [2022-07-13 17:59:57,796 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [768330993] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-13 17:59:57,796 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-13 17:59:57,796 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-13 17:59:57,796 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1808335111] [2022-07-13 17:59:57,796 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-13 17:59:57,797 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-13 17:59:57,797 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:57,798 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-13 17:59:57,798 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-13 17:59:57,798 INFO L87 Difference]: Start difference. First operand 81 states and 104 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:57,809 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:57,809 INFO L93 Difference]: Finished difference Result 124 states and 158 transitions. [2022-07-13 17:59:57,810 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-13 17:59:57,810 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2022-07-13 17:59:57,810 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:57,811 INFO L225 Difference]: With dead ends: 124 [2022-07-13 17:59:57,811 INFO L226 Difference]: Without dead ends: 72 [2022-07-13 17:59:57,812 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-13 17:59:57,813 INFO L413 NwaCegarLoop]: 91 mSDtfsCounter, 16 mSDsluCounter, 70 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 161 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:57,813 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 161 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-13 17:59:57,814 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2022-07-13 17:59:57,820 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2022-07-13 17:59:57,820 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 72 states, 53 states have (on average 1.320754716981132) internal successors, (70), 61 states have internal predecessors, (70), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-07-13 17:59:57,821 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 92 transitions. [2022-07-13 17:59:57,821 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 92 transitions. Word has length 20 [2022-07-13 17:59:57,822 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:57,822 INFO L495 AbstractCegarLoop]: Abstraction has 72 states and 92 transitions. [2022-07-13 17:59:57,822 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:57,822 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 92 transitions. [2022-07-13 17:59:57,823 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-07-13 17:59:57,823 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:57,823 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:57,823 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-13 17:59:57,824 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:57,824 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:57,824 INFO L85 PathProgramCache]: Analyzing trace with hash -1341231340, now seen corresponding path program 1 times [2022-07-13 17:59:57,824 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:57,825 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [537102571] [2022-07-13 17:59:57,825 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:57,825 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:57,851 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:57,907 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:57,907 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:57,908 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [537102571] [2022-07-13 17:59:57,908 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [537102571] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-13 17:59:57,908 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-13 17:59:57,908 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-13 17:59:57,908 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1221252698] [2022-07-13 17:59:57,908 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-13 17:59:57,909 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-13 17:59:57,909 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:57,909 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-13 17:59:57,910 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-13 17:59:57,910 INFO L87 Difference]: Start difference. First operand 72 states and 92 transitions. Second operand has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:58,083 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:58,084 INFO L93 Difference]: Finished difference Result 239 states and 313 transitions. [2022-07-13 17:59:58,084 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-13 17:59:58,084 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 24 [2022-07-13 17:59:58,085 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:58,087 INFO L225 Difference]: With dead ends: 239 [2022-07-13 17:59:58,089 INFO L226 Difference]: Without dead ends: 174 [2022-07-13 17:59:58,090 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-07-13 17:59:58,092 INFO L413 NwaCegarLoop]: 111 mSDtfsCounter, 244 mSDsluCounter, 288 mSDsCounter, 0 mSdLazyCounter, 103 mSolverCounterSat, 35 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 244 SdHoareTripleChecker+Valid, 399 SdHoareTripleChecker+Invalid, 138 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 35 IncrementalHoareTripleChecker+Valid, 103 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:58,092 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [244 Valid, 399 Invalid, 138 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [35 Valid, 103 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-13 17:59:58,093 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 174 states. [2022-07-13 17:59:58,108 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 174 to 168. [2022-07-13 17:59:58,108 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 168 states, 123 states have (on average 1.3577235772357723) internal successors, (167), 141 states have internal predecessors, (167), 26 states have call successors, (26), 18 states have call predecessors, (26), 18 states have return successors, (27), 16 states have call predecessors, (27), 26 states have call successors, (27) [2022-07-13 17:59:58,110 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 168 states to 168 states and 220 transitions. [2022-07-13 17:59:58,110 INFO L78 Accepts]: Start accepts. Automaton has 168 states and 220 transitions. Word has length 24 [2022-07-13 17:59:58,110 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:58,110 INFO L495 AbstractCegarLoop]: Abstraction has 168 states and 220 transitions. [2022-07-13 17:59:58,111 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:58,111 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 220 transitions. [2022-07-13 17:59:58,112 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-07-13 17:59:58,112 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:58,112 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:58,112 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-13 17:59:58,113 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:58,113 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:58,113 INFO L85 PathProgramCache]: Analyzing trace with hash -1307370678, now seen corresponding path program 1 times [2022-07-13 17:59:58,113 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:58,113 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1349944353] [2022-07-13 17:59:58,114 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:58,114 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:58,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:58,207 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:58,208 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:58,208 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1349944353] [2022-07-13 17:59:58,208 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1349944353] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-13 17:59:58,209 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-13 17:59:58,209 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-07-13 17:59:58,210 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [904017963] [2022-07-13 17:59:58,210 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-13 17:59:58,211 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-13 17:59:58,211 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:58,212 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-13 17:59:58,212 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-07-13 17:59:58,213 INFO L87 Difference]: Start difference. First operand 168 states and 220 transitions. Second operand has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:58,391 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:58,391 INFO L93 Difference]: Finished difference Result 635 states and 876 transitions. [2022-07-13 17:59:58,391 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-07-13 17:59:58,392 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 28 [2022-07-13 17:59:58,392 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:58,396 INFO L225 Difference]: With dead ends: 635 [2022-07-13 17:59:58,396 INFO L226 Difference]: Without dead ends: 474 [2022-07-13 17:59:58,398 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=51, Invalid=131, Unknown=0, NotChecked=0, Total=182 [2022-07-13 17:59:58,399 INFO L413 NwaCegarLoop]: 105 mSDtfsCounter, 189 mSDsluCounter, 547 mSDsCounter, 0 mSdLazyCounter, 161 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 189 SdHoareTripleChecker+Valid, 652 SdHoareTripleChecker+Invalid, 179 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 161 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:58,399 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [189 Valid, 652 Invalid, 179 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 161 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-13 17:59:58,400 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 474 states. [2022-07-13 17:59:58,487 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 474 to 459. [2022-07-13 17:59:58,488 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 459 states, 332 states have (on average 1.3343373493975903) internal successors, (443), 381 states have internal predecessors, (443), 75 states have call successors, (75), 51 states have call predecessors, (75), 51 states have return successors, (89), 45 states have call predecessors, (89), 75 states have call successors, (89) [2022-07-13 17:59:58,491 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 459 states to 459 states and 607 transitions. [2022-07-13 17:59:58,491 INFO L78 Accepts]: Start accepts. Automaton has 459 states and 607 transitions. Word has length 28 [2022-07-13 17:59:58,491 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:58,491 INFO L495 AbstractCegarLoop]: Abstraction has 459 states and 607 transitions. [2022-07-13 17:59:58,491 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:58,491 INFO L276 IsEmpty]: Start isEmpty. Operand 459 states and 607 transitions. [2022-07-13 17:59:58,493 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-07-13 17:59:58,493 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:58,493 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:58,493 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-13 17:59:58,493 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:58,494 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:58,494 INFO L85 PathProgramCache]: Analyzing trace with hash -983490225, now seen corresponding path program 1 times [2022-07-13 17:59:58,494 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:58,502 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1948399350] [2022-07-13 17:59:58,502 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:58,503 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:58,532 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:58,565 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:58,565 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:58,565 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1948399350] [2022-07-13 17:59:58,565 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1948399350] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-13 17:59:58,565 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-13 17:59:58,565 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-13 17:59:58,565 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [482693984] [2022-07-13 17:59:58,565 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-13 17:59:58,566 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-13 17:59:58,566 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:58,566 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-13 17:59:58,566 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-13 17:59:58,566 INFO L87 Difference]: Start difference. First operand 459 states and 607 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:58,599 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:58,599 INFO L93 Difference]: Finished difference Result 764 states and 1029 transitions. [2022-07-13 17:59:58,600 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-13 17:59:58,600 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 30 [2022-07-13 17:59:58,600 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:58,601 INFO L225 Difference]: With dead ends: 764 [2022-07-13 17:59:58,601 INFO L226 Difference]: Without dead ends: 312 [2022-07-13 17:59:58,603 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-13 17:59:58,604 INFO L413 NwaCegarLoop]: 53 mSDtfsCounter, 38 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 5 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 53 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 5 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:58,604 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 53 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 5 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-13 17:59:58,605 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 312 states. [2022-07-13 17:59:58,614 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 312 to 306. [2022-07-13 17:59:58,615 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 306 states, 233 states have (on average 1.2446351931330473) internal successors, (290), 249 states have internal predecessors, (290), 36 states have call successors, (36), 36 states have call predecessors, (36), 36 states have return successors, (42), 36 states have call predecessors, (42), 36 states have call successors, (42) [2022-07-13 17:59:58,616 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 306 states to 306 states and 368 transitions. [2022-07-13 17:59:58,616 INFO L78 Accepts]: Start accepts. Automaton has 306 states and 368 transitions. Word has length 30 [2022-07-13 17:59:58,616 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:58,617 INFO L495 AbstractCegarLoop]: Abstraction has 306 states and 368 transitions. [2022-07-13 17:59:58,617 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:58,617 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 368 transitions. [2022-07-13 17:59:58,618 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2022-07-13 17:59:58,618 INFO L187 NwaCegarLoop]: Found error trace [2022-07-13 17:59:58,618 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-13 17:59:58,618 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-13 17:59:58,618 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-13 17:59:58,619 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-13 17:59:58,635 INFO L85 PathProgramCache]: Analyzing trace with hash 1206380235, now seen corresponding path program 1 times [2022-07-13 17:59:58,635 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-13 17:59:58,635 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1629087472] [2022-07-13 17:59:58,636 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:58,636 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-13 17:59:58,664 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:58,720 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2022-07-13 17:59:58,722 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:58,739 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-13 17:59:58,741 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:58,744 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2022-07-13 17:59:58,745 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:58,746 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 17 trivial. 0 not checked. [2022-07-13 17:59:58,747 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-13 17:59:58,747 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1629087472] [2022-07-13 17:59:58,747 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1629087472] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-13 17:59:58,747 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [495497270] [2022-07-13 17:59:58,747 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-13 17:59:58,748 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-13 17:59:58,748 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-13 17:59:58,759 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-13 17:59:58,763 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-13 17:59:58,855 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-13 17:59:58,858 INFO L263 TraceCheckSpWp]: Trace formula consists of 363 conjuncts, 9 conjunts are in the unsatisfiable core [2022-07-13 17:59:58,865 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-13 17:59:59,025 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 15 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-13 17:59:59,025 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-13 17:59:59,197 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 15 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-13 17:59:59,197 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [495497270] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-13 17:59:59,197 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-13 17:59:59,197 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6, 7] total 15 [2022-07-13 17:59:59,198 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [288516453] [2022-07-13 17:59:59,198 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-13 17:59:59,198 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-07-13 17:59:59,198 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-13 17:59:59,198 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-07-13 17:59:59,199 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=162, Unknown=0, NotChecked=0, Total=210 [2022-07-13 17:59:59,199 INFO L87 Difference]: Start difference. First operand 306 states and 368 transitions. Second operand has 15 states, 15 states have (on average 5.933333333333334) internal successors, (89), 12 states have internal predecessors, (89), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-13 17:59:59,359 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-13 17:59:59,359 INFO L93 Difference]: Finished difference Result 413 states and 495 transitions. [2022-07-13 17:59:59,360 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-13 17:59:59,360 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 5.933333333333334) internal successors, (89), 12 states have internal predecessors, (89), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 53 [2022-07-13 17:59:59,360 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-13 17:59:59,360 INFO L225 Difference]: With dead ends: 413 [2022-07-13 17:59:59,360 INFO L226 Difference]: Without dead ends: 0 [2022-07-13 17:59:59,361 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 122 GetRequests, 103 SyntacticMatches, 1 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=281, Unknown=0, NotChecked=0, Total=380 [2022-07-13 17:59:59,362 INFO L413 NwaCegarLoop]: 75 mSDtfsCounter, 136 mSDsluCounter, 272 mSDsCounter, 0 mSdLazyCounter, 203 mSolverCounterSat, 61 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 347 SdHoareTripleChecker+Invalid, 264 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 61 IncrementalHoareTripleChecker+Valid, 203 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-13 17:59:59,362 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 347 Invalid, 264 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [61 Valid, 203 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-13 17:59:59,362 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-13 17:59:59,362 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-13 17:59:59,363 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-13 17:59:59,363 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-13 17:59:59,363 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 53 [2022-07-13 17:59:59,363 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-13 17:59:59,363 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-13 17:59:59,363 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 5.933333333333334) internal successors, (89), 12 states have internal predecessors, (89), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-07-13 17:59:59,363 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-13 17:59:59,363 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-13 17:59:59,365 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-13 17:59:59,399 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-13 17:59:59,602 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2022-07-13 17:59:59,604 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-13 18:00:00,447 INFO L902 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 832 839) the Hoare annotation is: true [2022-07-13 18:00:00,447 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 832 839) no Hoare annotation was computed. [2022-07-13 18:00:00,447 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 832 839) no Hoare annotation was computed. [2022-07-13 18:00:00,447 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 748 754) no Hoare annotation was computed. [2022-07-13 18:00:00,447 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 748 754) the Hoare annotation is: true [2022-07-13 18:00:00,447 INFO L899 garLoopResultBuilder]: For program point L590-1(lines 586 597) no Hoare annotation was computed. [2022-07-13 18:00:00,448 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 586 597) the Hoare annotation is: true [2022-07-13 18:00:00,448 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 586 597) no Hoare annotation was computed. [2022-07-13 18:00:00,448 INFO L899 garLoopResultBuilder]: For program point L944(lines 944 950) no Hoare annotation was computed. [2022-07-13 18:00:00,448 INFO L899 garLoopResultBuilder]: For program point L940(lines 940 953) no Hoare annotation was computed. [2022-07-13 18:00:00,448 INFO L895 garLoopResultBuilder]: At program point L940-1(lines 932 956) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_getWaterLevel_#res#1| 0))) (.cse3 (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp~9#1| 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 .cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-13 18:00:00,448 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 724 747) no Hoare annotation was computed. [2022-07-13 18:00:00,448 INFO L895 garLoopResultBuilder]: At program point L796(line 796) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 18:00:00,448 INFO L895 garLoopResultBuilder]: At program point L635(lines 630 638) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_getWaterLevel_#res#1| 0)))) (and (or .cse0 (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 .cse2 (= ~waterLevel~0 1))))) [2022-07-13 18:00:00,448 INFO L895 garLoopResultBuilder]: At program point L792(line 792) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 18:00:00,448 INFO L895 garLoopResultBuilder]: At program point L788(line 788) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 18:00:00,448 INFO L899 garLoopResultBuilder]: For program point L788-1(line 788) no Hoare annotation was computed. [2022-07-13 18:00:00,448 INFO L899 garLoopResultBuilder]: For program point L962(line 962) no Hoare annotation was computed. [2022-07-13 18:00:00,449 INFO L895 garLoopResultBuilder]: At program point L801(line 801) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-13 18:00:00,449 INFO L895 garLoopResultBuilder]: At program point L801-1(lines 782 806) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-13 18:00:00,449 INFO L899 garLoopResultBuilder]: For program point L735-1(lines 735 741) no Hoare annotation was computed. [2022-07-13 18:00:00,449 INFO L899 garLoopResultBuilder]: For program point L566(lines 566 570) no Hoare annotation was computed. [2022-07-13 18:00:00,449 INFO L895 garLoopResultBuilder]: At program point L566-2(lines 562 573) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 18:00:00,449 INFO L895 garLoopResultBuilder]: At program point L963(lines 958 965) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 18:00:00,449 INFO L895 garLoopResultBuilder]: At program point L856(lines 851 859) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|))) [2022-07-13 18:00:00,449 INFO L899 garLoopResultBuilder]: For program point L728-1(lines 727 746) no Hoare annotation was computed. [2022-07-13 18:00:00,449 INFO L899 garLoopResultBuilder]: For program point L790(lines 790 798) no Hoare annotation was computed. [2022-07-13 18:00:00,449 INFO L899 garLoopResultBuilder]: For program point L786(lines 786 803) no Hoare annotation was computed. [2022-07-13 18:00:00,449 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 724 747) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-13 18:00:00,449 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 724 747) no Hoare annotation was computed. [2022-07-13 18:00:00,450 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 962) no Hoare annotation was computed. [2022-07-13 18:00:00,450 INFO L902 garLoopResultBuilder]: At program point L66-1(lines 66 70) the Hoare annotation is: true [2022-07-13 18:00:00,450 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 52 81) no Hoare annotation was computed. [2022-07-13 18:00:00,450 INFO L899 garLoopResultBuilder]: For program point L63(line 63) no Hoare annotation was computed. [2022-07-13 18:00:00,450 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 52 81) the Hoare annotation is: true [2022-07-13 18:00:00,450 INFO L902 garLoopResultBuilder]: At program point L62-2(lines 62 76) the Hoare annotation is: true [2022-07-13 18:00:00,450 INFO L902 garLoopResultBuilder]: At program point L58(line 58) the Hoare annotation is: true [2022-07-13 18:00:00,450 INFO L899 garLoopResultBuilder]: For program point L58-1(line 58) no Hoare annotation was computed. [2022-07-13 18:00:00,450 INFO L902 garLoopResultBuilder]: At program point L77(lines 52 81) the Hoare annotation is: true [2022-07-13 18:00:00,450 INFO L899 garLoopResultBuilder]: For program point L73(line 73) no Hoare annotation was computed. [2022-07-13 18:00:00,450 INFO L899 garLoopResultBuilder]: For program point L66(lines 66 70) no Hoare annotation was computed. [2022-07-13 18:00:00,450 INFO L895 garLoopResultBuilder]: At program point L927(lines 915 929) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-13 18:00:00,450 INFO L895 garLoopResultBuilder]: At program point L184(lines 179 187) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-13 18:00:00,451 INFO L899 garLoopResultBuilder]: For program point L696(lines 696 702) no Hoare annotation was computed. [2022-07-13 18:00:00,451 INFO L899 garLoopResultBuilder]: For program point L919(lines 919 925) no Hoare annotation was computed. [2022-07-13 18:00:00,451 INFO L899 garLoopResultBuilder]: For program point L919-1(lines 919 925) no Hoare annotation was computed. [2022-07-13 18:00:00,451 INFO L895 garLoopResultBuilder]: At program point L696-2(lines 690 703) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-13 18:00:00,451 INFO L895 garLoopResultBuilder]: At program point L176(lines 172 178) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-13 18:00:00,451 INFO L899 garLoopResultBuilder]: For program point L680(lines 680 686) no Hoare annotation was computed. [2022-07-13 18:00:00,451 INFO L899 garLoopResultBuilder]: For program point L680-1(lines 680 686) no Hoare annotation was computed. [2022-07-13 18:00:00,451 INFO L895 garLoopResultBuilder]: At program point L705(lines 660 707) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-13 18:00:00,451 INFO L895 garLoopResultBuilder]: At program point L672(line 672) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-13 18:00:00,451 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-13 18:00:00,451 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-13 18:00:00,451 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-13 18:00:00,451 INFO L899 garLoopResultBuilder]: For program point L140(lines 140 147) no Hoare annotation was computed. [2022-07-13 18:00:00,451 INFO L899 garLoopResultBuilder]: For program point L140-2(lines 140 147) no Hoare annotation was computed. [2022-07-13 18:00:00,452 INFO L895 garLoopResultBuilder]: At program point L169(lines 165 171) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-13 18:00:00,452 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-13 18:00:00,452 INFO L902 garLoopResultBuilder]: At program point L124(lines 117 126) the Hoare annotation is: true [2022-07-13 18:00:00,452 INFO L895 garLoopResultBuilder]: At program point L921(line 921) the Hoare annotation is: false [2022-07-13 18:00:00,452 INFO L899 garLoopResultBuilder]: For program point L661(lines 660 707) no Hoare annotation was computed. [2022-07-13 18:00:00,452 INFO L902 garLoopResultBuilder]: At program point L149(lines 130 152) the Hoare annotation is: true [2022-07-13 18:00:00,452 INFO L899 garLoopResultBuilder]: For program point L690(lines 690 703) no Hoare annotation was computed. [2022-07-13 18:00:00,452 INFO L895 garLoopResultBuilder]: At program point L682(line 682) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~waterLevel~0 |ULTIMATE.start_main_~tmp~0#1|) .cse0 (= |ULTIMATE.start_valid_product_#res#1| ~waterLevel~0) .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1))) [2022-07-13 18:00:00,452 INFO L902 garLoopResultBuilder]: At program point L711(lines 650 715) the Hoare annotation is: true [2022-07-13 18:00:00,452 INFO L899 garLoopResultBuilder]: For program point L670(lines 670 676) no Hoare annotation was computed. [2022-07-13 18:00:00,452 INFO L899 garLoopResultBuilder]: For program point L670-1(lines 670 676) no Hoare annotation was computed. [2022-07-13 18:00:00,452 INFO L899 garLoopResultBuilder]: For program point L662(lines 662 666) no Hoare annotation was computed. [2022-07-13 18:00:00,452 INFO L895 garLoopResultBuilder]: At program point L113(lines 109 115) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0) (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-13 18:00:00,452 INFO L895 garLoopResultBuilder]: At program point L708(lines 659 709) the Hoare annotation is: false [2022-07-13 18:00:00,453 INFO L899 garLoopResultBuilder]: For program point L578-1(lines 574 585) no Hoare annotation was computed. [2022-07-13 18:00:00,453 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 574 585) no Hoare annotation was computed. [2022-07-13 18:00:00,453 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 574 585) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0)))) (and (or .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)))) [2022-07-13 18:00:00,453 INFO L895 garLoopResultBuilder]: At program point L766(line 766) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 ~waterLevel~0)) (= 0 ~systemActive~0)) [2022-07-13 18:00:00,453 INFO L899 garLoopResultBuilder]: For program point L764(lines 764 772) no Hoare annotation was computed. [2022-07-13 18:00:00,453 INFO L899 garLoopResultBuilder]: For program point L760(lines 760 777) no Hoare annotation was computed. [2022-07-13 18:00:00,453 INFO L895 garLoopResultBuilder]: At program point L911(lines 896 914) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 ~waterLevel~0)) (= 0 ~systemActive~0)) [2022-07-13 18:00:00,453 INFO L899 garLoopResultBuilder]: For program point L905(lines 905 909) no Hoare annotation was computed. [2022-07-13 18:00:00,453 INFO L899 garLoopResultBuilder]: For program point L905-2(lines 905 909) no Hoare annotation was computed. [2022-07-13 18:00:00,453 INFO L895 garLoopResultBuilder]: At program point L775(line 775) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (not (<= 2 ~waterLevel~0)) .cse2) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2))) [2022-07-13 18:00:00,453 INFO L899 garLoopResultBuilder]: For program point L775-1(lines 756 780) no Hoare annotation was computed. [2022-07-13 18:00:00,453 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__methaneQueryENTRY(lines 756 780) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (not (<= 2 ~waterLevel~0)) .cse2) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2))) [2022-07-13 18:00:00,454 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 756 780) no Hoare annotation was computed. [2022-07-13 18:00:00,454 INFO L895 garLoopResultBuilder]: At program point L644(lines 639 647) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 ~waterLevel~0)) (= 0 ~systemActive~0)) [2022-07-13 18:00:00,454 INFO L895 garLoopResultBuilder]: At program point L770(line 770) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 ~waterLevel~0)) (= 0 ~systemActive~0)) [2022-07-13 18:00:00,454 INFO L902 garLoopResultBuilder]: At program point isMethaneAlarmENTRY(lines 840 850) the Hoare annotation is: true [2022-07-13 18:00:00,454 INFO L902 garLoopResultBuilder]: At program point L603(lines 598 606) the Hoare annotation is: true [2022-07-13 18:00:00,454 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 840 850) no Hoare annotation was computed. [2022-07-13 18:00:00,454 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmFINAL(lines 840 850) no Hoare annotation was computed. [2022-07-13 18:00:00,456 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-07-13 18:00:00,458 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-13 18:00:00,487 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 13.07 06:00:00 BoogieIcfgContainer [2022-07-13 18:00:00,487 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-13 18:00:00,488 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-13 18:00:00,488 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-13 18:00:00,488 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-13 18:00:00,488 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.07 05:59:57" (3/4) ... [2022-07-13 18:00:00,490 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-13 18:00:00,494 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-07-13 18:00:00,494 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-13 18:00:00,494 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-13 18:00:00,494 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-13 18:00:00,494 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-13 18:00:00,495 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-13 18:00:00,495 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2022-07-13 18:00:00,495 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2022-07-13 18:00:00,506 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 52 nodes and edges [2022-07-13 18:00:00,506 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-13 18:00:00,507 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-13 18:00:00,507 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-13 18:00:00,507 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-13 18:00:00,507 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-13 18:00:00,508 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-13 18:00:00,526 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-13 18:00:00,526 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-13 18:00:00,526 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) [2022-07-13 18:00:00,527 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-13 18:00:00,528 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) [2022-07-13 18:00:00,529 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) [2022-07-13 18:00:00,529 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) [2022-07-13 18:00:00,529 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(\result == 0)) && !(tmp == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(\result == 0)) && !(tmp == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) [2022-07-13 18:00:00,529 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(1 <= waterLevel)) || 0 == systemActive [2022-07-13 18:00:00,529 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-13 18:00:00,529 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(1 <= waterLevel)) || 0 == systemActive [2022-07-13 18:00:00,530 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) [2022-07-13 18:00:00,555 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-13 18:00:00,555 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-13 18:00:00,556 INFO L158 Benchmark]: Toolchain (without parser) took 4195.09ms. Allocated memory was 148.9MB in the beginning and 224.4MB in the end (delta: 75.5MB). Free memory was 113.3MB in the beginning and 166.5MB in the end (delta: -53.2MB). Peak memory consumption was 21.1MB. Max. memory is 16.1GB. [2022-07-13 18:00:00,556 INFO L158 Benchmark]: CDTParser took 0.35ms. Allocated memory is still 79.7MB. Free memory was 36.3MB in the beginning and 36.2MB in the end (delta: 44.2kB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-13 18:00:00,557 INFO L158 Benchmark]: CACSL2BoogieTranslator took 458.37ms. Allocated memory is still 148.9MB. Free memory was 113.3MB in the beginning and 112.4MB in the end (delta: 849.3kB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-07-13 18:00:00,557 INFO L158 Benchmark]: Boogie Procedure Inliner took 50.60ms. Allocated memory is still 148.9MB. Free memory was 112.4MB in the beginning and 109.9MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-13 18:00:00,557 INFO L158 Benchmark]: Boogie Preprocessor took 17.25ms. Allocated memory is still 148.9MB. Free memory was 109.9MB in the beginning and 108.3MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-13 18:00:00,557 INFO L158 Benchmark]: RCFGBuilder took 411.75ms. Allocated memory is still 148.9MB. Free memory was 108.3MB in the beginning and 91.9MB in the end (delta: 16.3MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2022-07-13 18:00:00,558 INFO L158 Benchmark]: TraceAbstraction took 3178.29ms. Allocated memory was 148.9MB in the beginning and 224.4MB in the end (delta: 75.5MB). Free memory was 91.0MB in the beginning and 171.7MB in the end (delta: -80.7MB). Peak memory consumption was 103.7MB. Max. memory is 16.1GB. [2022-07-13 18:00:00,558 INFO L158 Benchmark]: Witness Printer took 67.75ms. Allocated memory is still 224.4MB. Free memory was 171.7MB in the beginning and 166.5MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-07-13 18:00:00,560 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.35ms. Allocated memory is still 79.7MB. Free memory was 36.3MB in the beginning and 36.2MB in the end (delta: 44.2kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 458.37ms. Allocated memory is still 148.9MB. Free memory was 113.3MB in the beginning and 112.4MB in the end (delta: 849.3kB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 50.60ms. Allocated memory is still 148.9MB. Free memory was 112.4MB in the beginning and 109.9MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 17.25ms. Allocated memory is still 148.9MB. Free memory was 109.9MB in the beginning and 108.3MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 411.75ms. Allocated memory is still 148.9MB. Free memory was 108.3MB in the beginning and 91.9MB in the end (delta: 16.3MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * TraceAbstraction took 3178.29ms. Allocated memory was 148.9MB in the beginning and 224.4MB in the end (delta: 75.5MB). Free memory was 91.0MB in the beginning and 171.7MB in the end (delta: -80.7MB). Peak memory consumption was 103.7MB. Max. memory is 16.1GB. * Witness Printer took 67.75ms. Allocated memory is still 224.4MB. Free memory was 171.7MB in the beginning and 166.5MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 962]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 90 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.1s, OverallIterations: 6, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.8s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 627 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 623 mSDsluCounter, 1725 SdHoareTripleChecker+Invalid, 0.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1177 mSDsCounter, 117 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 473 IncrementalHoareTripleChecker+Invalid, 590 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 117 mSolverCounterUnsat, 548 mSDtfsCounter, 473 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 151 GetRequests, 112 SyntacticMatches, 1 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 60 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=459occurred in iteration=4, InterpolantAutomatonStates: 32, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 6 MinimizatonAttempts, 27 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 42 LocationsWithAnnotation, 668 PreInvPairs, 726 NumberOfFragments, 593 HoareAnnotationTreeSize, 668 FomulaSimplifications, 310 FormulaSimplificationTreeSizeReduction, 0.1s HoareSimplificationTime, 42 FomulaSimplificationsInter, 2511 FormulaSimplificationTreeSizeReductionInter, 0.7s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 0.7s InterpolantComputationTime, 227 NumberOfCodeBlocks, 227 NumberOfCodeBlocksAsserted, 7 NumberOfCheckSat, 272 ConstructedInterpolants, 0 QuantifiedInterpolants, 744 SizeOfPredicates, 0 NumberOfNonLiveVariables, 363 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 8 InterpolantComputations, 5 PerfectInterpolantSequences, 48/54 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 630]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && !(\result == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && !(\result == 0)) && waterLevel == 1)) - InvariantResult [Line: 52]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 639]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(1 <= waterLevel)) || 0 == systemActive - InvariantResult [Line: 660]: Loop Invariant Derived loop invariant: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) - InvariantResult [Line: 130]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 165]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 650]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 659]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 562]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 172]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: (((tmp == systemActive && pumpRunning == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 598]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 958]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 896]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(1 <= waterLevel)) || 0 == systemActive - InvariantResult [Line: 915]: Loop Invariant Derived loop invariant: ((((waterLevel == tmp && pumpRunning == 0) && \result == waterLevel) && splverifierCounter == 0) && waterLevel == 1) || ((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 117]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 851]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 932]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && !(\result == 0)) && !(tmp == 0)) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && !(\result == 0)) && !(tmp == 0)) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 179]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 782]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) RESULT: Ultimate proved your program to be correct! [2022-07-13 18:00:00,600 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE