./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product22.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c3fed411 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product22.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 0a7c3724e5ee5aec618285d48655e08e5160513f4f9a55965746ea75a93f68ad --- Real Ultimate output --- This is Ultimate 0.2.2-tmp.no-commuhash-c3fed41 [2021-12-16 01:00:20,489 INFO L177 SettingsManager]: Resetting all preferences to default values... [2021-12-16 01:00:20,491 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2021-12-16 01:00:20,524 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2021-12-16 01:00:20,525 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2021-12-16 01:00:20,528 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2021-12-16 01:00:20,529 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2021-12-16 01:00:20,535 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2021-12-16 01:00:20,536 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2021-12-16 01:00:20,542 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2021-12-16 01:00:20,542 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2021-12-16 01:00:20,543 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2021-12-16 01:00:20,544 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2021-12-16 01:00:20,546 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2021-12-16 01:00:20,547 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2021-12-16 01:00:20,548 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2021-12-16 01:00:20,549 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2021-12-16 01:00:20,550 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2021-12-16 01:00:20,551 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2021-12-16 01:00:20,553 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2021-12-16 01:00:20,554 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2021-12-16 01:00:20,558 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2021-12-16 01:00:20,559 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2021-12-16 01:00:20,559 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2021-12-16 01:00:20,562 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2021-12-16 01:00:20,562 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2021-12-16 01:00:20,562 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2021-12-16 01:00:20,563 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2021-12-16 01:00:20,563 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2021-12-16 01:00:20,564 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2021-12-16 01:00:20,566 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2021-12-16 01:00:20,567 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2021-12-16 01:00:20,568 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2021-12-16 01:00:20,568 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2021-12-16 01:00:20,569 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2021-12-16 01:00:20,569 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2021-12-16 01:00:20,570 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2021-12-16 01:00:20,570 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2021-12-16 01:00:20,570 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2021-12-16 01:00:20,571 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2021-12-16 01:00:20,571 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2021-12-16 01:00:20,572 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2021-12-16 01:00:20,620 INFO L113 SettingsManager]: Loading preferences was successful [2021-12-16 01:00:20,620 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2021-12-16 01:00:20,621 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2021-12-16 01:00:20,621 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2021-12-16 01:00:20,622 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2021-12-16 01:00:20,622 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2021-12-16 01:00:20,622 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2021-12-16 01:00:20,622 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2021-12-16 01:00:20,622 INFO L138 SettingsManager]: * Use SBE=true [2021-12-16 01:00:20,622 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2021-12-16 01:00:20,623 INFO L138 SettingsManager]: * sizeof long=4 [2021-12-16 01:00:20,623 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2021-12-16 01:00:20,623 INFO L138 SettingsManager]: * sizeof POINTER=4 [2021-12-16 01:00:20,623 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2021-12-16 01:00:20,623 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2021-12-16 01:00:20,623 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2021-12-16 01:00:20,623 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2021-12-16 01:00:20,623 INFO L138 SettingsManager]: * sizeof long double=12 [2021-12-16 01:00:20,624 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2021-12-16 01:00:20,624 INFO L138 SettingsManager]: * Use constant arrays=true [2021-12-16 01:00:20,624 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2021-12-16 01:00:20,624 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2021-12-16 01:00:20,624 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2021-12-16 01:00:20,624 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2021-12-16 01:00:20,624 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2021-12-16 01:00:20,624 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2021-12-16 01:00:20,624 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2021-12-16 01:00:20,625 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2021-12-16 01:00:20,625 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2021-12-16 01:00:20,625 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2021-12-16 01:00:20,625 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2021-12-16 01:00:20,625 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2021-12-16 01:00:20,625 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2021-12-16 01:00:20,625 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2021-12-16 01:00:20,625 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 0a7c3724e5ee5aec618285d48655e08e5160513f4f9a55965746ea75a93f68ad [2021-12-16 01:00:20,827 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2021-12-16 01:00:20,851 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2021-12-16 01:00:20,853 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2021-12-16 01:00:20,853 INFO L271 PluginConnector]: Initializing CDTParser... [2021-12-16 01:00:20,854 INFO L275 PluginConnector]: CDTParser initialized [2021-12-16 01:00:20,855 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product22.cil.c [2021-12-16 01:00:20,913 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dcf2ecd66/7b5de69e269d44f7890dd8be4fc62c49/FLAGd97ca8a00 [2021-12-16 01:00:21,377 INFO L306 CDTParser]: Found 1 translation units. [2021-12-16 01:00:21,378 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product22.cil.c [2021-12-16 01:00:21,396 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dcf2ecd66/7b5de69e269d44f7890dd8be4fc62c49/FLAGd97ca8a00 [2021-12-16 01:00:21,882 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dcf2ecd66/7b5de69e269d44f7890dd8be4fc62c49 [2021-12-16 01:00:21,884 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2021-12-16 01:00:21,885 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2021-12-16 01:00:21,886 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2021-12-16 01:00:21,886 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2021-12-16 01:00:21,893 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2021-12-16 01:00:21,894 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.12 01:00:21" (1/1) ... [2021-12-16 01:00:21,895 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7647c862 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:21, skipping insertion in model container [2021-12-16 01:00:21,896 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.12 01:00:21" (1/1) ... [2021-12-16 01:00:21,901 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2021-12-16 01:00:21,932 INFO L178 MainTranslator]: Built tables and reachable declarations [2021-12-16 01:00:22,092 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product22.cil.c[8015,8028] [2021-12-16 01:00:22,166 INFO L209 PostProcessor]: Analyzing one entry point: main [2021-12-16 01:00:22,184 INFO L203 MainTranslator]: Completed pre-run [2021-12-16 01:00:22,241 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product22.cil.c[8015,8028] [2021-12-16 01:00:22,271 INFO L209 PostProcessor]: Analyzing one entry point: main [2021-12-16 01:00:22,286 INFO L208 MainTranslator]: Completed translation [2021-12-16 01:00:22,286 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22 WrapperNode [2021-12-16 01:00:22,286 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2021-12-16 01:00:22,287 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2021-12-16 01:00:22,288 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2021-12-16 01:00:22,288 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2021-12-16 01:00:22,295 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22" (1/1) ... [2021-12-16 01:00:22,310 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22" (1/1) ... [2021-12-16 01:00:22,332 INFO L137 Inliner]: procedures = 54, calls = 154, calls flagged for inlining = 22, calls inlined = 19, statements flattened = 246 [2021-12-16 01:00:22,332 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2021-12-16 01:00:22,333 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2021-12-16 01:00:22,333 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2021-12-16 01:00:22,333 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2021-12-16 01:00:22,348 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22" (1/1) ... [2021-12-16 01:00:22,349 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22" (1/1) ... [2021-12-16 01:00:22,351 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22" (1/1) ... [2021-12-16 01:00:22,354 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22" (1/1) ... [2021-12-16 01:00:22,361 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22" (1/1) ... [2021-12-16 01:00:22,378 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22" (1/1) ... [2021-12-16 01:00:22,379 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22" (1/1) ... [2021-12-16 01:00:22,381 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2021-12-16 01:00:22,383 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2021-12-16 01:00:22,389 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2021-12-16 01:00:22,389 INFO L275 PluginConnector]: RCFGBuilder initialized [2021-12-16 01:00:22,390 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22" (1/1) ... [2021-12-16 01:00:22,396 INFO L168 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2021-12-16 01:00:22,405 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2021-12-16 01:00:22,421 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2021-12-16 01:00:22,433 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2021-12-16 01:00:22,460 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2021-12-16 01:00:22,460 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2021-12-16 01:00:22,460 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2021-12-16 01:00:22,460 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2021-12-16 01:00:22,461 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2021-12-16 01:00:22,461 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2021-12-16 01:00:22,461 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2021-12-16 01:00:22,461 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2021-12-16 01:00:22,462 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2021-12-16 01:00:22,462 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2021-12-16 01:00:22,462 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2021-12-16 01:00:22,462 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2021-12-16 01:00:22,462 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2021-12-16 01:00:22,462 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2021-12-16 01:00:22,463 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2021-12-16 01:00:22,463 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2021-12-16 01:00:22,463 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2021-12-16 01:00:22,463 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2021-12-16 01:00:22,529 INFO L236 CfgBuilder]: Building ICFG [2021-12-16 01:00:22,530 INFO L262 CfgBuilder]: Building CFG for each procedure with an implementation [2021-12-16 01:00:22,770 INFO L277 CfgBuilder]: Performing block encoding [2021-12-16 01:00:22,777 INFO L296 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2021-12-16 01:00:22,779 INFO L301 CfgBuilder]: Removed 2 assume(true) statements. [2021-12-16 01:00:22,780 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.12 01:00:22 BoogieIcfgContainer [2021-12-16 01:00:22,781 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2021-12-16 01:00:22,782 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2021-12-16 01:00:22,782 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2021-12-16 01:00:22,785 INFO L275 PluginConnector]: TraceAbstraction initialized [2021-12-16 01:00:22,786 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.12 01:00:21" (1/3) ... [2021-12-16 01:00:22,787 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1e0ceef4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.12 01:00:22, skipping insertion in model container [2021-12-16 01:00:22,787 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 01:00:22" (2/3) ... [2021-12-16 01:00:22,787 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1e0ceef4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.12 01:00:22, skipping insertion in model container [2021-12-16 01:00:22,787 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.12 01:00:22" (3/3) ... [2021-12-16 01:00:22,791 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product22.cil.c [2021-12-16 01:00:22,796 INFO L204 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2021-12-16 01:00:22,798 INFO L163 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2021-12-16 01:00:22,837 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2021-12-16 01:00:22,842 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2021-12-16 01:00:22,842 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2021-12-16 01:00:22,859 INFO L276 IsEmpty]: Start isEmpty. Operand has 83 states, 62 states have (on average 1.3870967741935485) internal successors, (86), 70 states have internal predecessors, (86), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2021-12-16 01:00:22,866 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2021-12-16 01:00:22,866 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 01:00:22,867 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 01:00:22,867 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 01:00:22,872 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 01:00:22,872 INFO L85 PathProgramCache]: Analyzing trace with hash 1081284888, now seen corresponding path program 1 times [2021-12-16 01:00:22,883 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 01:00:22,883 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1873500497] [2021-12-16 01:00:22,883 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 01:00:22,884 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 01:00:23,013 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:23,076 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-16 01:00:23,077 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 01:00:23,077 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1873500497] [2021-12-16 01:00:23,078 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1873500497] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 01:00:23,078 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 01:00:23,079 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2021-12-16 01:00:23,081 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [953703640] [2021-12-16 01:00:23,082 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 01:00:23,085 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2021-12-16 01:00:23,085 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 01:00:23,106 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2021-12-16 01:00:23,107 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2021-12-16 01:00:23,109 INFO L87 Difference]: Start difference. First operand has 83 states, 62 states have (on average 1.3870967741935485) internal successors, (86), 70 states have internal predecessors, (86), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2021-12-16 01:00:23,140 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 01:00:23,140 INFO L93 Difference]: Finished difference Result 158 states and 215 transitions. [2021-12-16 01:00:23,141 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2021-12-16 01:00:23,144 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2021-12-16 01:00:23,144 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 01:00:23,151 INFO L225 Difference]: With dead ends: 158 [2021-12-16 01:00:23,152 INFO L226 Difference]: Without dead ends: 74 [2021-12-16 01:00:23,157 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2021-12-16 01:00:23,162 INFO L933 BasicCegarLoop]: 104 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 104 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2021-12-16 01:00:23,163 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 104 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2021-12-16 01:00:23,175 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 74 states. [2021-12-16 01:00:23,192 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 74 to 74. [2021-12-16 01:00:23,196 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 74 states, 55 states have (on average 1.309090909090909) internal successors, (72), 62 states have internal predecessors, (72), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2021-12-16 01:00:23,198 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 74 states to 74 states and 95 transitions. [2021-12-16 01:00:23,199 INFO L78 Accepts]: Start accepts. Automaton has 74 states and 95 transitions. Word has length 19 [2021-12-16 01:00:23,199 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 01:00:23,200 INFO L470 AbstractCegarLoop]: Abstraction has 74 states and 95 transitions. [2021-12-16 01:00:23,200 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2021-12-16 01:00:23,200 INFO L276 IsEmpty]: Start isEmpty. Operand 74 states and 95 transitions. [2021-12-16 01:00:23,202 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2021-12-16 01:00:23,202 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 01:00:23,202 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 01:00:23,203 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2021-12-16 01:00:23,203 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 01:00:23,204 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 01:00:23,204 INFO L85 PathProgramCache]: Analyzing trace with hash 1730590592, now seen corresponding path program 1 times [2021-12-16 01:00:23,204 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 01:00:23,204 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1498807275] [2021-12-16 01:00:23,204 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 01:00:23,205 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 01:00:23,228 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:23,281 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-16 01:00:23,282 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 01:00:23,282 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1498807275] [2021-12-16 01:00:23,282 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1498807275] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 01:00:23,283 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 01:00:23,283 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2021-12-16 01:00:23,283 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1618327051] [2021-12-16 01:00:23,283 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 01:00:23,284 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2021-12-16 01:00:23,285 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 01:00:23,285 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2021-12-16 01:00:23,286 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2021-12-16 01:00:23,286 INFO L87 Difference]: Start difference. First operand 74 states and 95 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2021-12-16 01:00:23,303 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 01:00:23,303 INFO L93 Difference]: Finished difference Result 113 states and 145 transitions. [2021-12-16 01:00:23,304 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2021-12-16 01:00:23,304 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2021-12-16 01:00:23,304 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 01:00:23,305 INFO L225 Difference]: With dead ends: 113 [2021-12-16 01:00:23,305 INFO L226 Difference]: Without dead ends: 65 [2021-12-16 01:00:23,306 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2021-12-16 01:00:23,307 INFO L933 BasicCegarLoop]: 82 mSDtfsCounter, 13 mSDsluCounter, 65 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 147 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2021-12-16 01:00:23,308 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [16 Valid, 147 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2021-12-16 01:00:23,309 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 65 states. [2021-12-16 01:00:23,316 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 65 to 65. [2021-12-16 01:00:23,316 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 65 states, 49 states have (on average 1.3265306122448979) internal successors, (65), 56 states have internal predecessors, (65), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 5 states have call predecessors, (9), 9 states have call successors, (9) [2021-12-16 01:00:23,321 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 83 transitions. [2021-12-16 01:00:23,321 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 83 transitions. Word has length 20 [2021-12-16 01:00:23,321 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 01:00:23,323 INFO L470 AbstractCegarLoop]: Abstraction has 65 states and 83 transitions. [2021-12-16 01:00:23,324 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2021-12-16 01:00:23,324 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 83 transitions. [2021-12-16 01:00:23,325 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2021-12-16 01:00:23,325 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 01:00:23,325 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 01:00:23,325 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2021-12-16 01:00:23,326 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 01:00:23,326 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 01:00:23,326 INFO L85 PathProgramCache]: Analyzing trace with hash -1455931255, now seen corresponding path program 1 times [2021-12-16 01:00:23,327 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 01:00:23,327 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1757164896] [2021-12-16 01:00:23,327 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 01:00:23,327 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 01:00:23,360 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:23,411 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-16 01:00:23,411 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 01:00:23,412 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1757164896] [2021-12-16 01:00:23,412 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1757164896] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 01:00:23,412 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 01:00:23,412 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2021-12-16 01:00:23,412 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1576726903] [2021-12-16 01:00:23,413 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 01:00:23,413 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2021-12-16 01:00:23,413 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 01:00:23,414 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2021-12-16 01:00:23,414 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2021-12-16 01:00:23,414 INFO L87 Difference]: Start difference. First operand 65 states and 83 transitions. Second operand has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2021-12-16 01:00:23,433 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 01:00:23,433 INFO L93 Difference]: Finished difference Result 123 states and 160 transitions. [2021-12-16 01:00:23,433 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2021-12-16 01:00:23,434 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 25 [2021-12-16 01:00:23,434 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 01:00:23,435 INFO L225 Difference]: With dead ends: 123 [2021-12-16 01:00:23,435 INFO L226 Difference]: Without dead ends: 65 [2021-12-16 01:00:23,436 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2021-12-16 01:00:23,437 INFO L933 BasicCegarLoop]: 81 mSDtfsCounter, 77 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 77 SdHoareTripleChecker+Valid, 81 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2021-12-16 01:00:23,438 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [77 Valid, 81 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2021-12-16 01:00:23,438 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 65 states. [2021-12-16 01:00:23,445 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 65 to 65. [2021-12-16 01:00:23,445 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 65 states, 49 states have (on average 1.3061224489795917) internal successors, (64), 56 states have internal predecessors, (64), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 5 states have call predecessors, (9), 9 states have call successors, (9) [2021-12-16 01:00:23,447 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 82 transitions. [2021-12-16 01:00:23,447 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 82 transitions. Word has length 25 [2021-12-16 01:00:23,447 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 01:00:23,447 INFO L470 AbstractCegarLoop]: Abstraction has 65 states and 82 transitions. [2021-12-16 01:00:23,448 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2021-12-16 01:00:23,448 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 82 transitions. [2021-12-16 01:00:23,449 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2021-12-16 01:00:23,449 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 01:00:23,449 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 01:00:23,449 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2021-12-16 01:00:23,450 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 01:00:23,450 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 01:00:23,451 INFO L85 PathProgramCache]: Analyzing trace with hash -930014932, now seen corresponding path program 1 times [2021-12-16 01:00:23,451 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 01:00:23,451 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1657102192] [2021-12-16 01:00:23,452 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 01:00:23,452 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 01:00:23,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:23,574 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2021-12-16 01:00:23,586 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:23,591 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2021-12-16 01:00:23,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:23,594 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-16 01:00:23,595 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 01:00:23,595 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1657102192] [2021-12-16 01:00:23,595 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1657102192] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 01:00:23,595 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 01:00:23,596 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2021-12-16 01:00:23,596 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1831282287] [2021-12-16 01:00:23,596 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 01:00:23,596 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2021-12-16 01:00:23,597 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 01:00:23,597 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2021-12-16 01:00:23,597 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2021-12-16 01:00:23,598 INFO L87 Difference]: Start difference. First operand 65 states and 82 transitions. Second operand has 8 states, 8 states have (on average 3.75) internal successors, (30), 7 states have internal predecessors, (30), 3 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2021-12-16 01:00:24,073 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 01:00:24,074 INFO L93 Difference]: Finished difference Result 265 states and 353 transitions. [2021-12-16 01:00:24,074 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2021-12-16 01:00:24,074 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 3.75) internal successors, (30), 7 states have internal predecessors, (30), 3 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 35 [2021-12-16 01:00:24,075 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 01:00:24,085 INFO L225 Difference]: With dead ends: 265 [2021-12-16 01:00:24,086 INFO L226 Difference]: Without dead ends: 207 [2021-12-16 01:00:24,090 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 26 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 54 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=114, Invalid=266, Unknown=0, NotChecked=0, Total=380 [2021-12-16 01:00:24,093 INFO L933 BasicCegarLoop]: 83 mSDtfsCounter, 250 mSDsluCounter, 438 mSDsCounter, 0 mSdLazyCounter, 276 mSolverCounterSat, 89 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 253 SdHoareTripleChecker+Valid, 521 SdHoareTripleChecker+Invalid, 365 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 89 IncrementalHoareTripleChecker+Valid, 276 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2021-12-16 01:00:24,094 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [253 Valid, 521 Invalid, 365 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [89 Valid, 276 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2021-12-16 01:00:24,095 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 207 states. [2021-12-16 01:00:24,133 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 207 to 168. [2021-12-16 01:00:24,134 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 168 states, 124 states have (on average 1.3064516129032258) internal successors, (162), 142 states have internal predecessors, (162), 26 states have call successors, (26), 17 states have call predecessors, (26), 17 states have return successors, (29), 14 states have call predecessors, (29), 26 states have call successors, (29) [2021-12-16 01:00:24,136 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 168 states to 168 states and 217 transitions. [2021-12-16 01:00:24,136 INFO L78 Accepts]: Start accepts. Automaton has 168 states and 217 transitions. Word has length 35 [2021-12-16 01:00:24,136 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 01:00:24,136 INFO L470 AbstractCegarLoop]: Abstraction has 168 states and 217 transitions. [2021-12-16 01:00:24,137 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 3.75) internal successors, (30), 7 states have internal predecessors, (30), 3 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2021-12-16 01:00:24,137 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 217 transitions. [2021-12-16 01:00:24,139 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2021-12-16 01:00:24,139 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 01:00:24,139 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 01:00:24,139 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2021-12-16 01:00:24,139 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 01:00:24,139 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 01:00:24,140 INFO L85 PathProgramCache]: Analyzing trace with hash 97761547, now seen corresponding path program 1 times [2021-12-16 01:00:24,140 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 01:00:24,140 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [422617506] [2021-12-16 01:00:24,140 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 01:00:24,140 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 01:00:24,153 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,176 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2021-12-16 01:00:24,178 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,183 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2021-12-16 01:00:24,184 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,187 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2021-12-16 01:00:24,187 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,189 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-16 01:00:24,189 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 01:00:24,189 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [422617506] [2021-12-16 01:00:24,189 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [422617506] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 01:00:24,189 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 01:00:24,190 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2021-12-16 01:00:24,190 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1229929156] [2021-12-16 01:00:24,190 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 01:00:24,190 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2021-12-16 01:00:24,190 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 01:00:24,191 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2021-12-16 01:00:24,191 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2021-12-16 01:00:24,191 INFO L87 Difference]: Start difference. First operand 168 states and 217 transitions. Second operand has 5 states, 5 states have (on average 6.8) internal successors, (34), 3 states have internal predecessors, (34), 3 states have call successors, (4), 4 states have call predecessors, (4), 1 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2021-12-16 01:00:24,248 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 01:00:24,248 INFO L93 Difference]: Finished difference Result 281 states and 364 transitions. [2021-12-16 01:00:24,248 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2021-12-16 01:00:24,249 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 3 states have internal predecessors, (34), 3 states have call successors, (4), 4 states have call predecessors, (4), 1 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 41 [2021-12-16 01:00:24,249 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 01:00:24,250 INFO L225 Difference]: With dead ends: 281 [2021-12-16 01:00:24,250 INFO L226 Difference]: Without dead ends: 120 [2021-12-16 01:00:24,251 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2021-12-16 01:00:24,252 INFO L933 BasicCegarLoop]: 44 mSDtfsCounter, 76 mSDsluCounter, 40 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 22 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 77 SdHoareTripleChecker+Valid, 84 SdHoareTripleChecker+Invalid, 47 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 22 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2021-12-16 01:00:24,252 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [77 Valid, 84 Invalid, 47 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [22 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2021-12-16 01:00:24,253 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2021-12-16 01:00:24,262 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 120. [2021-12-16 01:00:24,262 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 120 states, 90 states have (on average 1.2) internal successors, (108), 97 states have internal predecessors, (108), 14 states have call successors, (14), 14 states have call predecessors, (14), 15 states have return successors, (15), 14 states have call predecessors, (15), 14 states have call successors, (15) [2021-12-16 01:00:24,263 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 120 states to 120 states and 137 transitions. [2021-12-16 01:00:24,264 INFO L78 Accepts]: Start accepts. Automaton has 120 states and 137 transitions. Word has length 41 [2021-12-16 01:00:24,264 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 01:00:24,264 INFO L470 AbstractCegarLoop]: Abstraction has 120 states and 137 transitions. [2021-12-16 01:00:24,264 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 3 states have internal predecessors, (34), 3 states have call successors, (4), 4 states have call predecessors, (4), 1 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2021-12-16 01:00:24,264 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 137 transitions. [2021-12-16 01:00:24,266 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 72 [2021-12-16 01:00:24,266 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 01:00:24,266 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 01:00:24,266 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2021-12-16 01:00:24,266 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 01:00:24,267 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 01:00:24,267 INFO L85 PathProgramCache]: Analyzing trace with hash 1850186623, now seen corresponding path program 1 times [2021-12-16 01:00:24,267 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 01:00:24,267 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [318282369] [2021-12-16 01:00:24,267 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 01:00:24,267 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 01:00:24,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,337 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2021-12-16 01:00:24,339 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,348 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2021-12-16 01:00:24,350 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,360 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2021-12-16 01:00:24,361 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,365 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2021-12-16 01:00:24,383 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,385 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2021-12-16 01:00:24,387 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,389 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2021-12-16 01:00:24,390 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,394 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2021-12-16 01:00:24,395 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,398 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 3 proven. 1 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2021-12-16 01:00:24,399 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 01:00:24,399 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [318282369] [2021-12-16 01:00:24,399 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [318282369] provided 0 perfect and 1 imperfect interpolant sequences [2021-12-16 01:00:24,399 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [393619898] [2021-12-16 01:00:24,399 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 01:00:24,400 INFO L168 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2021-12-16 01:00:24,400 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2021-12-16 01:00:24,403 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2021-12-16 01:00:24,427 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2021-12-16 01:00:24,500 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 01:00:24,521 INFO L263 TraceCheckSpWp]: Trace formula consists of 392 conjuncts, 9 conjunts are in the unsatisfiable core [2021-12-16 01:00:24,527 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-12-16 01:00:24,752 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 26 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2021-12-16 01:00:24,753 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-12-16 01:00:25,065 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 19 proven. 3 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2021-12-16 01:00:25,066 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleZ3 [393619898] provided 0 perfect and 2 imperfect interpolant sequences [2021-12-16 01:00:25,066 INFO L186 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2021-12-16 01:00:25,066 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 7, 8] total 16 [2021-12-16 01:00:25,066 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1800063044] [2021-12-16 01:00:25,066 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2021-12-16 01:00:25,069 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2021-12-16 01:00:25,069 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 01:00:25,069 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2021-12-16 01:00:25,069 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=51, Invalid=189, Unknown=0, NotChecked=0, Total=240 [2021-12-16 01:00:25,070 INFO L87 Difference]: Start difference. First operand 120 states and 137 transitions. Second operand has 16 states, 16 states have (on average 6.5) internal successors, (104), 12 states have internal predecessors, (104), 7 states have call successors, (19), 9 states have call predecessors, (19), 8 states have return successors, (16), 6 states have call predecessors, (16), 7 states have call successors, (16) [2021-12-16 01:00:25,263 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 01:00:25,263 INFO L93 Difference]: Finished difference Result 157 states and 181 transitions. [2021-12-16 01:00:25,263 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2021-12-16 01:00:25,263 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 6.5) internal successors, (104), 12 states have internal predecessors, (104), 7 states have call successors, (19), 9 states have call predecessors, (19), 8 states have return successors, (16), 6 states have call predecessors, (16), 7 states have call successors, (16) Word has length 71 [2021-12-16 01:00:25,265 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 01:00:25,265 INFO L225 Difference]: With dead ends: 157 [2021-12-16 01:00:25,265 INFO L226 Difference]: Without dead ends: 0 [2021-12-16 01:00:25,267 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 171 GetRequests, 152 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 46 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=105, Invalid=315, Unknown=0, NotChecked=0, Total=420 [2021-12-16 01:00:25,275 INFO L933 BasicCegarLoop]: 71 mSDtfsCounter, 161 mSDsluCounter, 283 mSDsCounter, 0 mSdLazyCounter, 196 mSolverCounterSat, 71 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 161 SdHoareTripleChecker+Valid, 354 SdHoareTripleChecker+Invalid, 267 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 71 IncrementalHoareTripleChecker+Valid, 196 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-16 01:00:25,275 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [161 Valid, 354 Invalid, 267 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [71 Valid, 196 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-16 01:00:25,276 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2021-12-16 01:00:25,276 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2021-12-16 01:00:25,276 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2021-12-16 01:00:25,276 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2021-12-16 01:00:25,276 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 71 [2021-12-16 01:00:25,276 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 01:00:25,276 INFO L470 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2021-12-16 01:00:25,277 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 6.5) internal successors, (104), 12 states have internal predecessors, (104), 7 states have call successors, (19), 9 states have call predecessors, (19), 8 states have return successors, (16), 6 states have call predecessors, (16), 7 states have call successors, (16) [2021-12-16 01:00:25,277 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2021-12-16 01:00:25,277 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-12-16 01:00:25,279 INFO L764 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2021-12-16 01:00:25,306 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2021-12-16 01:00:25,502 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2021-12-16 01:00:25,505 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2021-12-16 01:00:26,200 INFO L861 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 285 292) the Hoare annotation is: true [2021-12-16 01:00:26,200 INFO L858 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 285 292) no Hoare annotation was computed. [2021-12-16 01:00:26,201 INFO L858 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 285 292) no Hoare annotation was computed. [2021-12-16 01:00:26,201 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 218 224) no Hoare annotation was computed. [2021-12-16 01:00:26,202 INFO L861 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 218 224) the Hoare annotation is: true [2021-12-16 01:00:26,202 INFO L861 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 83 94) the Hoare annotation is: true [2021-12-16 01:00:26,202 INFO L858 garLoopResultBuilder]: For program point L87-1(lines 83 94) no Hoare annotation was computed. [2021-12-16 01:00:26,202 INFO L858 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 83 94) no Hoare annotation was computed. [2021-12-16 01:00:26,203 INFO L858 garLoopResultBuilder]: For program point cleanupEXIT(lines 446 475) no Hoare annotation was computed. [2021-12-16 01:00:26,203 INFO L861 garLoopResultBuilder]: At program point cleanupENTRY(lines 446 475) the Hoare annotation is: true [2021-12-16 01:00:26,203 INFO L861 garLoopResultBuilder]: At program point L471(lines 446 475) the Hoare annotation is: true [2021-12-16 01:00:26,204 INFO L858 garLoopResultBuilder]: For program point L467(line 467) no Hoare annotation was computed. [2021-12-16 01:00:26,204 INFO L858 garLoopResultBuilder]: For program point L460(lines 460 464) no Hoare annotation was computed. [2021-12-16 01:00:26,204 INFO L861 garLoopResultBuilder]: At program point L460-1(lines 460 464) the Hoare annotation is: true [2021-12-16 01:00:26,204 INFO L858 garLoopResultBuilder]: For program point L457(line 457) no Hoare annotation was computed. [2021-12-16 01:00:26,204 INFO L861 garLoopResultBuilder]: At program point L456-2(lines 456 470) the Hoare annotation is: true [2021-12-16 01:00:26,204 INFO L861 garLoopResultBuilder]: At program point L452(line 452) the Hoare annotation is: true [2021-12-16 01:00:26,205 INFO L858 garLoopResultBuilder]: For program point L452-1(line 452) no Hoare annotation was computed. [2021-12-16 01:00:26,206 INFO L854 garLoopResultBuilder]: At program point L271(line 271) the Hoare annotation is: (let ((.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (not (= ~systemActive~0 1)))) (and (or (not (<= 2 |old(~waterLevel~0)|)) (and (= ~waterLevel~0 |old(~waterLevel~0)|) .cse0) .cse1 .cse2) (or .cse1 (and (= ~waterLevel~0 ~systemActive~0) .cse0) (not (= |old(~waterLevel~0)| ~systemActive~0)) .cse2))) [2021-12-16 01:00:26,206 INFO L854 garLoopResultBuilder]: At program point L271-1(lines 252 276) the Hoare annotation is: (or (and (= ~waterLevel~0 |old(~waterLevel~0)|) (= ~pumpRunning~0 0)) (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1)) (not (<= 1 |old(~waterLevel~0)|))) [2021-12-16 01:00:26,206 INFO L854 garLoopResultBuilder]: At program point L300(lines 293 303) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1)) (not (<= 1 |old(~waterLevel~0)|))) [2021-12-16 01:00:26,206 INFO L858 garLoopResultBuilder]: For program point L205-1(lines 205 211) no Hoare annotation was computed. [2021-12-16 01:00:26,207 INFO L858 garLoopResultBuilder]: For program point timeShiftFINAL(lines 194 217) no Hoare annotation was computed. [2021-12-16 01:00:26,207 INFO L854 garLoopResultBuilder]: At program point L309(lines 304 312) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1)) (not (<= 1 |old(~waterLevel~0)|))) [2021-12-16 01:00:26,207 INFO L858 garLoopResultBuilder]: For program point L198-1(lines 197 216) no Hoare annotation was computed. [2021-12-16 01:00:26,207 INFO L858 garLoopResultBuilder]: For program point L260(lines 260 268) no Hoare annotation was computed. [2021-12-16 01:00:26,208 INFO L854 garLoopResultBuilder]: At program point L132(lines 127 135) the Hoare annotation is: (or (and (= ~waterLevel~0 |old(~waterLevel~0)|) (not (= 0 |timeShift_getWaterLevel_#res#1|)) (= ~pumpRunning~0 0)) (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1)) (not (<= 1 |old(~waterLevel~0)|))) [2021-12-16 01:00:26,209 INFO L858 garLoopResultBuilder]: For program point L545(line 545) no Hoare annotation was computed. [2021-12-16 01:00:26,210 INFO L858 garLoopResultBuilder]: For program point L256(lines 256 273) no Hoare annotation was computed. [2021-12-16 01:00:26,210 INFO L858 garLoopResultBuilder]: For program point L562(lines 562 568) no Hoare annotation was computed. [2021-12-16 01:00:26,210 INFO L858 garLoopResultBuilder]: For program point L558(lines 558 571) no Hoare annotation was computed. [2021-12-16 01:00:26,210 INFO L854 garLoopResultBuilder]: At program point L558-1(lines 550 574) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 0 |timeShift___utac_acc__Specification4_spec__1_~tmp~5#1|))) (.cse1 (= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse3 (not (= 0 |timeShift_getWaterLevel_#res#1|))) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (not (= ~systemActive~0 1)))) (and (or (not (<= 2 |old(~waterLevel~0)|)) .cse0 (and .cse1 .cse2 .cse3 .cse4) .cse5) (or .cse0 (not (= |old(~waterLevel~0)| ~systemActive~0)) (and .cse2 .cse1 .cse3 .cse4) .cse5))) [2021-12-16 01:00:26,211 INFO L854 garLoopResultBuilder]: At program point L100(lines 95 103) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1)) (not (<= 1 |old(~waterLevel~0)|))) [2021-12-16 01:00:26,211 INFO L854 garLoopResultBuilder]: At program point L546(lines 541 548) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1)) (not (<= 1 |old(~waterLevel~0)|))) [2021-12-16 01:00:26,211 INFO L858 garLoopResultBuilder]: For program point L63(lines 63 67) no Hoare annotation was computed. [2021-12-16 01:00:26,212 INFO L854 garLoopResultBuilder]: At program point L63-2(lines 59 70) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1)) (not (<= 1 |old(~waterLevel~0)|))) [2021-12-16 01:00:26,213 INFO L854 garLoopResultBuilder]: At program point timeShiftENTRY(lines 194 217) the Hoare annotation is: (let ((.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (not (= ~systemActive~0 1)))) (and (or (not (<= 2 |old(~waterLevel~0)|)) (and (= ~waterLevel~0 |old(~waterLevel~0)|) .cse0) .cse1 .cse2) (or .cse1 (and (= ~waterLevel~0 ~systemActive~0) .cse0) (not (= |old(~waterLevel~0)| ~systemActive~0)) .cse2))) [2021-12-16 01:00:26,214 INFO L858 garLoopResultBuilder]: For program point timeShiftEXIT(lines 194 217) no Hoare annotation was computed. [2021-12-16 01:00:26,214 INFO L854 garLoopResultBuilder]: At program point L266(line 266) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1)) (not (<= 1 |old(~waterLevel~0)|))) [2021-12-16 01:00:26,214 INFO L858 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 545) no Hoare annotation was computed. [2021-12-16 01:00:26,214 INFO L854 garLoopResultBuilder]: At program point L262(line 262) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1)) (not (<= 1 |old(~waterLevel~0)|))) [2021-12-16 01:00:26,214 INFO L854 garLoopResultBuilder]: At program point L436(lines 387 437) the Hoare annotation is: false [2021-12-16 01:00:26,214 INFO L858 garLoopResultBuilder]: For program point L527(lines 527 534) no Hoare annotation was computed. [2021-12-16 01:00:26,215 INFO L858 garLoopResultBuilder]: For program point L527-2(lines 527 534) no Hoare annotation was computed. [2021-12-16 01:00:26,215 INFO L854 garLoopResultBuilder]: At program point L164(lines 160 166) the Hoare annotation is: (and (= ~waterLevel~0 ~systemActive~0) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-16 01:00:26,215 INFO L858 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2021-12-16 01:00:26,216 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2021-12-16 01:00:26,216 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2021-12-16 01:00:26,216 INFO L858 garLoopResultBuilder]: For program point L408(lines 408 414) no Hoare annotation was computed. [2021-12-16 01:00:26,216 INFO L861 garLoopResultBuilder]: At program point L536(lines 517 539) the Hoare annotation is: true [2021-12-16 01:00:26,216 INFO L858 garLoopResultBuilder]: For program point L408-1(lines 408 414) no Hoare annotation was computed. [2021-12-16 01:00:26,216 INFO L854 garLoopResultBuilder]: At program point L433(lines 388 435) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~systemActive~0 1)) (.cse2 (= ~pumpRunning~0 0))) (or (and .cse0 (= ~waterLevel~0 ~systemActive~0) .cse1 .cse2) (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2))) [2021-12-16 01:00:26,217 INFO L854 garLoopResultBuilder]: At program point L400(line 400) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~systemActive~0 1)) (.cse2 (= ~pumpRunning~0 0))) (or (and .cse0 (= ~waterLevel~0 ~systemActive~0) .cse1 .cse2) (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2))) [2021-12-16 01:00:26,217 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2021-12-16 01:00:26,217 INFO L854 garLoopResultBuilder]: At program point L504(lines 500 506) the Hoare annotation is: (and (= ~waterLevel~0 ~systemActive~0) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-16 01:00:26,217 INFO L858 garLoopResultBuilder]: For program point L426(lines 426 430) no Hoare annotation was computed. [2021-12-16 01:00:26,217 INFO L854 garLoopResultBuilder]: At program point L426-2(lines 418 431) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~systemActive~0 1)) (.cse2 (= ~pumpRunning~0 0))) (or (and .cse0 (= ~waterLevel~0 ~systemActive~0) .cse1 .cse2) (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2))) [2021-12-16 01:00:26,217 INFO L858 garLoopResultBuilder]: For program point L389(lines 388 435) no Hoare annotation was computed. [2021-12-16 01:00:26,218 INFO L858 garLoopResultBuilder]: For program point L418(lines 418 431) no Hoare annotation was computed. [2021-12-16 01:00:26,218 INFO L854 garLoopResultBuilder]: At program point L410(line 410) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~systemActive~0 1)) (.cse2 (= ~pumpRunning~0 0))) (or (and .cse0 (= ~waterLevel~0 ~systemActive~0) .cse1 .cse2) (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2))) [2021-12-16 01:00:26,218 INFO L861 garLoopResultBuilder]: At program point L439(lines 378 443) the Hoare annotation is: true [2021-12-16 01:00:26,219 INFO L854 garLoopResultBuilder]: At program point L373(lines 368 375) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~systemActive~0 1)) (.cse2 (= ~pumpRunning~0 0))) (or (and .cse0 (= ~waterLevel~0 ~systemActive~0) .cse1 .cse2) (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2))) [2021-12-16 01:00:26,219 INFO L854 garLoopResultBuilder]: At program point L179(lines 174 182) the Hoare annotation is: (and (= ~waterLevel~0 ~systemActive~0) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-16 01:00:26,222 INFO L858 garLoopResultBuilder]: For program point L398(lines 398 404) no Hoare annotation was computed. [2021-12-16 01:00:26,222 INFO L858 garLoopResultBuilder]: For program point L398-1(lines 398 404) no Hoare annotation was computed. [2021-12-16 01:00:26,222 INFO L854 garLoopResultBuilder]: At program point L171(lines 167 173) the Hoare annotation is: (and (= ~waterLevel~0 ~systemActive~0) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-16 01:00:26,223 INFO L858 garLoopResultBuilder]: For program point L390(lines 390 394) no Hoare annotation was computed. [2021-12-16 01:00:26,223 INFO L861 garLoopResultBuilder]: At program point L514(lines 507 516) the Hoare annotation is: true [2021-12-16 01:00:26,223 INFO L858 garLoopResultBuilder]: For program point waterRiseEXIT(lines 71 82) no Hoare annotation was computed. [2021-12-16 01:00:26,223 INFO L858 garLoopResultBuilder]: For program point L75-1(lines 71 82) no Hoare annotation was computed. [2021-12-16 01:00:26,223 INFO L854 garLoopResultBuilder]: At program point waterRiseENTRY(lines 71 82) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (not (= ~systemActive~0 1)))) (and (or .cse0 (= ~waterLevel~0 ~systemActive~0) (not (= |old(~waterLevel~0)| ~systemActive~0)) .cse1) (or (not (<= 2 |old(~waterLevel~0)|)) .cse0 (= ~waterLevel~0 |old(~waterLevel~0)|) .cse1))) [2021-12-16 01:00:26,223 INFO L854 garLoopResultBuilder]: At program point processEnvironment__wrappee__lowWaterSensorENTRY(lines 226 250) the Hoare annotation is: (or (not (<= 1 ~waterLevel~0)) (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1)) (= ~pumpRunning~0 0)) [2021-12-16 01:00:26,224 INFO L854 garLoopResultBuilder]: At program point L240(line 240) the Hoare annotation is: (or (not (<= 1 ~waterLevel~0)) (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1))) [2021-12-16 01:00:26,224 INFO L854 garLoopResultBuilder]: At program point L141(lines 136 144) the Hoare annotation is: (or (not (<= 1 ~waterLevel~0)) (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1))) [2021-12-16 01:00:26,224 INFO L854 garLoopResultBuilder]: At program point L364(lines 349 367) the Hoare annotation is: (or (not (<= 1 ~waterLevel~0)) (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1))) [2021-12-16 01:00:26,224 INFO L854 garLoopResultBuilder]: At program point L236(line 236) the Hoare annotation is: (or (not (<= 1 ~waterLevel~0)) (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1))) [2021-12-16 01:00:26,225 INFO L858 garLoopResultBuilder]: For program point L234(lines 234 242) no Hoare annotation was computed. [2021-12-16 01:00:26,225 INFO L858 garLoopResultBuilder]: For program point L230(lines 230 247) no Hoare annotation was computed. [2021-12-16 01:00:26,225 INFO L858 garLoopResultBuilder]: For program point L358(lines 358 362) no Hoare annotation was computed. [2021-12-16 01:00:26,225 INFO L858 garLoopResultBuilder]: For program point L358-2(lines 358 362) no Hoare annotation was computed. [2021-12-16 01:00:26,225 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__lowWaterSensorEXIT(lines 226 250) no Hoare annotation was computed. [2021-12-16 01:00:26,226 INFO L854 garLoopResultBuilder]: At program point L245(line 245) the Hoare annotation is: (or (not (<= 1 ~waterLevel~0)) (not (= |old(~pumpRunning~0)| 0)) (not (= ~systemActive~0 1)) (= ~pumpRunning~0 0)) [2021-12-16 01:00:26,226 INFO L858 garLoopResultBuilder]: For program point L245-1(lines 226 250) no Hoare annotation was computed. [2021-12-16 01:00:26,229 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2021-12-16 01:00:26,231 INFO L179 ceAbstractionStarter]: Computing trace abstraction results [2021-12-16 01:00:26,260 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.12 01:00:26 BoogieIcfgContainer [2021-12-16 01:00:26,262 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2021-12-16 01:00:26,263 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2021-12-16 01:00:26,263 INFO L271 PluginConnector]: Initializing Witness Printer... [2021-12-16 01:00:26,264 INFO L275 PluginConnector]: Witness Printer initialized [2021-12-16 01:00:26,264 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.12 01:00:22" (3/4) ... [2021-12-16 01:00:26,266 INFO L137 WitnessPrinter]: Generating witness for correct program [2021-12-16 01:00:26,273 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2021-12-16 01:00:26,273 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2021-12-16 01:00:26,273 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2021-12-16 01:00:26,273 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2021-12-16 01:00:26,274 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2021-12-16 01:00:26,274 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2021-12-16 01:00:26,274 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2021-12-16 01:00:26,286 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 52 nodes and edges [2021-12-16 01:00:26,287 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2021-12-16 01:00:26,287 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2021-12-16 01:00:26,288 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2021-12-16 01:00:26,288 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2021-12-16 01:00:26,289 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2021-12-16 01:00:26,289 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2021-12-16 01:00:26,306 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) [2021-12-16 01:00:26,306 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((waterLevel == \old(waterLevel) && pumpRunning == 0) || !(\old(pumpRunning) == 0)) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) [2021-12-16 01:00:26,307 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((waterLevel == \old(waterLevel) && !(0 == \result)) && pumpRunning == 0) || !(\old(pumpRunning) == 0)) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) [2021-12-16 01:00:26,307 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) [2021-12-16 01:00:26,307 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(2 <= \old(waterLevel)) || !(\old(pumpRunning) == 0)) || (((waterLevel == \old(waterLevel) && !(0 == tmp)) && !(0 == \result)) && pumpRunning == 0)) || !(systemActive == 1)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == systemActive)) || (((!(0 == tmp) && waterLevel == \old(waterLevel)) && !(0 == \result)) && pumpRunning == 0)) || !(systemActive == 1)) [2021-12-16 01:00:26,308 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) [2021-12-16 01:00:26,308 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(1 <= waterLevel) || !(\old(pumpRunning) == 0)) || !(systemActive == 1) [2021-12-16 01:00:26,308 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) [2021-12-16 01:00:26,308 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(1 <= waterLevel) || !(\old(pumpRunning) == 0)) || !(systemActive == 1) [2021-12-16 01:00:26,308 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) [2021-12-16 01:00:26,326 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2021-12-16 01:00:26,327 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2021-12-16 01:00:26,327 INFO L158 Benchmark]: Toolchain (without parser) took 4442.20ms. Allocated memory was 100.7MB in the beginning and 125.8MB in the end (delta: 25.2MB). Free memory was 79.4MB in the beginning and 49.2MB in the end (delta: 30.3MB). Peak memory consumption was 57.1MB. Max. memory is 16.1GB. [2021-12-16 01:00:26,327 INFO L158 Benchmark]: CDTParser took 0.12ms. Allocated memory is still 75.5MB. Free memory is still 51.0MB. There was no memory consumed. Max. memory is 16.1GB. [2021-12-16 01:00:26,328 INFO L158 Benchmark]: CACSL2BoogieTranslator took 400.82ms. Allocated memory is still 100.7MB. Free memory was 79.4MB in the beginning and 60.9MB in the end (delta: 18.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2021-12-16 01:00:26,328 INFO L158 Benchmark]: Boogie Procedure Inliner took 45.22ms. Allocated memory is still 100.7MB. Free memory was 60.9MB in the beginning and 58.5MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2021-12-16 01:00:26,328 INFO L158 Benchmark]: Boogie Preprocessor took 49.48ms. Allocated memory is still 100.7MB. Free memory was 58.5MB in the beginning and 57.0MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. [2021-12-16 01:00:26,329 INFO L158 Benchmark]: RCFGBuilder took 397.68ms. Allocated memory is still 100.7MB. Free memory was 57.0MB in the beginning and 41.1MB in the end (delta: 15.9MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2021-12-16 01:00:26,329 INFO L158 Benchmark]: TraceAbstraction took 3480.49ms. Allocated memory was 100.7MB in the beginning and 125.8MB in the end (delta: 25.2MB). Free memory was 40.6MB in the beginning and 55.5MB in the end (delta: -14.9MB). Peak memory consumption was 28.3MB. Max. memory is 16.1GB. [2021-12-16 01:00:26,329 INFO L158 Benchmark]: Witness Printer took 63.66ms. Allocated memory is still 125.8MB. Free memory was 55.5MB in the beginning and 49.2MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2021-12-16 01:00:26,331 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.12ms. Allocated memory is still 75.5MB. Free memory is still 51.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 400.82ms. Allocated memory is still 100.7MB. Free memory was 79.4MB in the beginning and 60.9MB in the end (delta: 18.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 45.22ms. Allocated memory is still 100.7MB. Free memory was 60.9MB in the beginning and 58.5MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 49.48ms. Allocated memory is still 100.7MB. Free memory was 58.5MB in the beginning and 57.0MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 397.68ms. Allocated memory is still 100.7MB. Free memory was 57.0MB in the beginning and 41.1MB in the end (delta: 15.9MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 3480.49ms. Allocated memory was 100.7MB in the beginning and 125.8MB in the end (delta: 25.2MB). Free memory was 40.6MB in the beginning and 55.5MB in the end (delta: -14.9MB). Peak memory consumption was 28.3MB. Max. memory is 16.1GB. * Witness Printer took 63.66ms. Allocated memory is still 125.8MB. Free memory was 55.5MB in the beginning and 49.2MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 545]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 83 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.4s, OverallIterations: 6, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.7s, InitialAbstractionConstructionTime: 0.0s, PartialOrderReductionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 584 SdHoareTripleChecker+Valid, 0.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 577 mSDsluCounter, 1291 SdHoareTripleChecker+Invalid, 0.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 826 mSDsCounter, 183 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 499 IncrementalHoareTripleChecker+Invalid, 682 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 183 mSolverCounterUnsat, 465 mSDtfsCounter, 499 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 217 GetRequests, 173 SyntacticMatches, 0 SemanticMatches, 44 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 101 ImplicationChecksByTransitivity, 0.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=168occurred in iteration=4, InterpolantAutomatonStates: 37, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 6 MinimizatonAttempts, 39 StatesRemovedByMinimization, 1 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 40 LocationsWithAnnotation, 349 PreInvPairs, 371 NumberOfFragments, 578 HoareAnnotationTreeSize, 349 FomulaSimplifications, 88 FormulaSimplificationTreeSizeReduction, 0.1s HoareSimplificationTime, 40 FomulaSimplificationsInter, 970 FormulaSimplificationTreeSizeReductionInter, 0.6s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.0s InterpolantComputationTime, 282 NumberOfCodeBlocks, 282 NumberOfCodeBlocksAsserted, 7 NumberOfCheckSat, 345 ConstructedInterpolants, 0 QuantifiedInterpolants, 789 SizeOfPredicates, 0 NumberOfNonLiveVariables, 392 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 8 InterpolantComputations, 5 PerfectInterpolantSequences, 81/87 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 550]: Loop Invariant Derived loop invariant: (((!(2 <= \old(waterLevel)) || !(\old(pumpRunning) == 0)) || (((waterLevel == \old(waterLevel) && !(0 == tmp)) && !(0 == \result)) && pumpRunning == 0)) || !(systemActive == 1)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == systemActive)) || (((!(0 == tmp) && waterLevel == \old(waterLevel)) && !(0 == \result)) && pumpRunning == 0)) || !(systemActive == 1)) - InvariantResult [Line: 388]: Loop Invariant Derived loop invariant: (((splverifierCounter == 0 && waterLevel == systemActive) && systemActive == 1) && pumpRunning == 0) || (((splverifierCounter == 0 && 2 <= waterLevel) && systemActive == 1) && pumpRunning == 0) - InvariantResult [Line: 160]: Loop Invariant Derived loop invariant: (waterLevel == systemActive && systemActive == 1) && pumpRunning == 0 - InvariantResult [Line: 456]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 446]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 541]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 387]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 95]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 378]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 304]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 174]: Loop Invariant Derived loop invariant: (waterLevel == systemActive && systemActive == 1) && pumpRunning == 0 - InvariantResult [Line: 349]: Loop Invariant Derived loop invariant: (!(1 <= waterLevel) || !(\old(pumpRunning) == 0)) || !(systemActive == 1) - InvariantResult [Line: 167]: Loop Invariant Derived loop invariant: (waterLevel == systemActive && systemActive == 1) && pumpRunning == 0 - InvariantResult [Line: 252]: Loop Invariant Derived loop invariant: (((waterLevel == \old(waterLevel) && pumpRunning == 0) || !(\old(pumpRunning) == 0)) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 127]: Loop Invariant Derived loop invariant: ((((waterLevel == \old(waterLevel) && !(0 == \result)) && pumpRunning == 0) || !(\old(pumpRunning) == 0)) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 293]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 500]: Loop Invariant Derived loop invariant: (waterLevel == systemActive && systemActive == 1) && pumpRunning == 0 - InvariantResult [Line: 136]: Loop Invariant Derived loop invariant: (!(1 <= waterLevel) || !(\old(pumpRunning) == 0)) || !(systemActive == 1) - InvariantResult [Line: 507]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 59]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(systemActive == 1)) || !(1 <= \old(waterLevel)) - InvariantResult [Line: 517]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 368]: Loop Invariant Derived loop invariant: (((splverifierCounter == 0 && waterLevel == systemActive) && systemActive == 1) && pumpRunning == 0) || (((splverifierCounter == 0 && 2 <= waterLevel) && systemActive == 1) && pumpRunning == 0) RESULT: Ultimate proved your program to be correct! [2021-12-16 01:00:26,374 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE