./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product05.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product05.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 89d79330893ddcb40b29f516de4dd8a28301af3358fb85b9aef9deff219c3c1d --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:05:35,524 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:05:35,525 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:05:35,551 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:05:35,551 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:05:35,555 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:05:35,558 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:05:35,564 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:05:35,566 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:05:35,572 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:05:35,573 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:05:35,574 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:05:35,575 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:05:35,577 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:05:35,578 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:05:35,580 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:05:35,582 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:05:35,582 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:05:35,587 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:05:35,589 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:05:35,593 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:05:35,594 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:05:35,595 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:05:35,597 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:05:35,600 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:05:35,600 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:05:35,601 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:05:35,602 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:05:35,603 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:05:35,603 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:05:35,604 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:05:35,605 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:05:35,606 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:05:35,607 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:05:35,608 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:05:35,609 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:05:35,609 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:05:35,610 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:05:35,610 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:05:35,611 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:05:35,611 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:05:35,613 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:05:35,649 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:05:35,649 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:05:35,649 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:05:35,651 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:05:35,652 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:05:35,652 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:05:35,653 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:05:35,653 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:05:35,653 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:05:35,654 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:05:35,654 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:05:35,655 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:05:35,656 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:05:35,656 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:05:35,657 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:05:35,657 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:05:35,657 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:05:35,657 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:05:35,657 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:05:35,658 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:05:35,658 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:05:35,658 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:05:35,658 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:05:35,659 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:05:35,659 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:05:35,659 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:05:35,660 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:05:35,660 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:05:35,660 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:05:35,660 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:05:35,660 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:05:35,661 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:05:35,661 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:05:35,661 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 89d79330893ddcb40b29f516de4dd8a28301af3358fb85b9aef9deff219c3c1d [2022-02-20 18:05:35,920 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:05:35,940 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:05:35,943 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:05:35,944 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:05:35,944 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:05:35,945 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product05.cil.c [2022-02-20 18:05:36,001 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/76f91d2fc/98198e5340af419294eb92939cafb8b3/FLAGad5038a4e [2022-02-20 18:05:36,510 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:05:36,510 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product05.cil.c [2022-02-20 18:05:36,521 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/76f91d2fc/98198e5340af419294eb92939cafb8b3/FLAGad5038a4e [2022-02-20 18:05:36,849 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/76f91d2fc/98198e5340af419294eb92939cafb8b3 [2022-02-20 18:05:36,852 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:05:36,855 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:05:36,858 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:05:36,858 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:05:36,861 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:05:36,862 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:05:36" (1/1) ... [2022-02-20 18:05:36,864 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@60eef351 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:36, skipping insertion in model container [2022-02-20 18:05:36,864 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:05:36" (1/1) ... [2022-02-20 18:05:36,871 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:05:36,913 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:05:37,170 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product05.cil.c[4546,4559] [2022-02-20 18:05:37,277 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:05:37,294 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:05:37,332 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product05.cil.c[4546,4559] [2022-02-20 18:05:37,362 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:05:37,377 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:05:37,378 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37 WrapperNode [2022-02-20 18:05:37,378 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:05:37,379 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:05:37,379 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:05:37,379 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:05:37,385 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37" (1/1) ... [2022-02-20 18:05:37,406 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37" (1/1) ... [2022-02-20 18:05:37,448 INFO L137 Inliner]: procedures = 50, calls = 148, calls flagged for inlining = 18, calls inlined = 15, statements flattened = 201 [2022-02-20 18:05:37,449 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:05:37,450 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:05:37,450 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:05:37,450 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:05:37,459 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37" (1/1) ... [2022-02-20 18:05:37,459 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37" (1/1) ... [2022-02-20 18:05:37,472 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37" (1/1) ... [2022-02-20 18:05:37,473 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37" (1/1) ... [2022-02-20 18:05:37,482 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37" (1/1) ... [2022-02-20 18:05:37,493 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37" (1/1) ... [2022-02-20 18:05:37,498 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37" (1/1) ... [2022-02-20 18:05:37,500 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:05:37,507 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:05:37,507 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:05:37,507 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:05:37,509 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37" (1/1) ... [2022-02-20 18:05:37,516 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:05:37,526 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:05:37,546 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:05:37,576 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:05:37,594 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:05:37,594 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:05:37,594 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:05:37,595 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:05:37,595 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:05:37,595 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:05:37,595 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:05:37,595 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:05:37,595 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:05:37,596 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:05:37,596 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:05:37,597 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:05:37,597 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:05:37,597 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:05:37,597 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:05:37,597 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:05:37,683 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:05:37,685 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:05:37,972 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:05:37,989 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:05:37,990 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:05:37,991 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:05:37 BoogieIcfgContainer [2022-02-20 18:05:37,992 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:05:37,994 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:05:37,994 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:05:37,999 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:05:37,999 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:05:36" (1/3) ... [2022-02-20 18:05:38,000 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@79e11f4d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:05:37, skipping insertion in model container [2022-02-20 18:05:38,000 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:37" (2/3) ... [2022-02-20 18:05:38,001 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@79e11f4d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:05:38, skipping insertion in model container [2022-02-20 18:05:38,001 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:05:37" (3/3) ... [2022-02-20 18:05:38,002 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product05.cil.c [2022-02-20 18:05:38,007 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:05:38,007 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:05:38,061 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:05:38,077 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:05:38,077 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:05:38,107 INFO L276 IsEmpty]: Start isEmpty. Operand has 72 states, 54 states have (on average 1.3888888888888888) internal successors, (75), 60 states have internal predecessors, (75), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:05:38,114 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-02-20 18:05:38,115 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:05:38,115 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:05:38,116 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:05:38,122 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:05:38,123 INFO L85 PathProgramCache]: Analyzing trace with hash -603386107, now seen corresponding path program 1 times [2022-02-20 18:05:38,131 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:05:38,132 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2103530437] [2022-02-20 18:05:38,132 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:05:38,133 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:05:38,296 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:38,405 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:05:38,408 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:38,418 INFO L290 TraceCheckUtils]: 0: Hoare triple {75#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {75#true} is VALID [2022-02-20 18:05:38,419 INFO L290 TraceCheckUtils]: 1: Hoare triple {75#true} assume true; {75#true} is VALID [2022-02-20 18:05:38,420 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {75#true} {76#false} #195#return; {76#false} is VALID [2022-02-20 18:05:38,421 INFO L290 TraceCheckUtils]: 0: Hoare triple {75#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4; {75#true} is VALID [2022-02-20 18:05:38,422 INFO L290 TraceCheckUtils]: 1: Hoare triple {75#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~7#1, main_~tmp~6#1;havoc main_~retValue_acc~7#1;havoc main_~tmp~6#1;assume { :begin_inline_select_helpers } true; {75#true} is VALID [2022-02-20 18:05:38,422 INFO L290 TraceCheckUtils]: 2: Hoare triple {75#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {75#true} is VALID [2022-02-20 18:05:38,423 INFO L290 TraceCheckUtils]: 3: Hoare triple {75#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {75#true} is VALID [2022-02-20 18:05:38,423 INFO L290 TraceCheckUtils]: 4: Hoare triple {75#true} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret48#1 && main_#t~ret48#1 <= 2147483647;main_~tmp~6#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {75#true} is VALID [2022-02-20 18:05:38,423 INFO L290 TraceCheckUtils]: 5: Hoare triple {75#true} assume 0 != main_~tmp~6#1;assume { :begin_inline_setup } true; {75#true} is VALID [2022-02-20 18:05:38,424 INFO L290 TraceCheckUtils]: 6: Hoare triple {75#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet19#1, test_#t~nondet20#1, test_#t~nondet21#1, test_#t~nondet22#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {75#true} is VALID [2022-02-20 18:05:38,425 INFO L290 TraceCheckUtils]: 7: Hoare triple {75#true} assume !true; {76#false} is VALID [2022-02-20 18:05:38,425 INFO L272 TraceCheckUtils]: 8: Hoare triple {76#false} call cleanup(); {76#false} is VALID [2022-02-20 18:05:38,425 INFO L290 TraceCheckUtils]: 9: Hoare triple {76#false} havoc ~i~0;havoc ~__cil_tmp2~0; {76#false} is VALID [2022-02-20 18:05:38,426 INFO L272 TraceCheckUtils]: 10: Hoare triple {76#false} call timeShift(); {76#false} is VALID [2022-02-20 18:05:38,426 INFO L290 TraceCheckUtils]: 11: Hoare triple {76#false} assume !(0 != ~pumpRunning~0); {76#false} is VALID [2022-02-20 18:05:38,426 INFO L290 TraceCheckUtils]: 12: Hoare triple {76#false} assume !(0 != ~systemActive~0); {76#false} is VALID [2022-02-20 18:05:38,427 INFO L290 TraceCheckUtils]: 13: Hoare triple {76#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret46#1, __utac_acc__Specification1_spec__1_#t~ret47#1, __utac_acc__Specification1_spec__1_~tmp~5#1, __utac_acc__Specification1_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification1_spec__1_~tmp~5#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~1#1; {76#false} is VALID [2022-02-20 18:05:38,427 INFO L272 TraceCheckUtils]: 14: Hoare triple {76#false} call __utac_acc__Specification1_spec__1_#t~ret46#1 := isMethaneLevelCritical(); {75#true} is VALID [2022-02-20 18:05:38,427 INFO L290 TraceCheckUtils]: 15: Hoare triple {75#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {75#true} is VALID [2022-02-20 18:05:38,428 INFO L290 TraceCheckUtils]: 16: Hoare triple {75#true} assume true; {75#true} is VALID [2022-02-20 18:05:38,428 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {75#true} {76#false} #195#return; {76#false} is VALID [2022-02-20 18:05:38,428 INFO L290 TraceCheckUtils]: 18: Hoare triple {76#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret46#1 && __utac_acc__Specification1_spec__1_#t~ret46#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~5#1 := __utac_acc__Specification1_spec__1_#t~ret46#1;havoc __utac_acc__Specification1_spec__1_#t~ret46#1; {76#false} is VALID [2022-02-20 18:05:38,429 INFO L290 TraceCheckUtils]: 19: Hoare triple {76#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~5#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {76#false} is VALID [2022-02-20 18:05:38,429 INFO L290 TraceCheckUtils]: 20: Hoare triple {76#false} __utac_acc__Specification1_spec__1_#t~ret47#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret47#1 && __utac_acc__Specification1_spec__1_#t~ret47#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~1#1 := __utac_acc__Specification1_spec__1_#t~ret47#1;havoc __utac_acc__Specification1_spec__1_#t~ret47#1; {76#false} is VALID [2022-02-20 18:05:38,430 INFO L290 TraceCheckUtils]: 21: Hoare triple {76#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~1#1;assume { :begin_inline___automaton_fail } true; {76#false} is VALID [2022-02-20 18:05:38,431 INFO L290 TraceCheckUtils]: 22: Hoare triple {76#false} assume !false; {76#false} is VALID [2022-02-20 18:05:38,432 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:05:38,433 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:05:38,433 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2103530437] [2022-02-20 18:05:38,434 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2103530437] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:05:38,434 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:05:38,435 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:05:38,438 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1879991783] [2022-02-20 18:05:38,439 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:05:38,455 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 18:05:38,457 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:05:38,460 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:38,527 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 23 edges. 23 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:05:38,528 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:05:38,528 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:05:38,548 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:05:38,549 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:05:38,555 INFO L87 Difference]: Start difference. First operand has 72 states, 54 states have (on average 1.3888888888888888) internal successors, (75), 60 states have internal predecessors, (75), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:38,663 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:38,679 INFO L93 Difference]: Finished difference Result 136 states and 185 transitions. [2022-02-20 18:05:38,680 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:05:38,680 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 18:05:38,681 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:05:38,682 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:38,714 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 185 transitions. [2022-02-20 18:05:38,715 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:38,753 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 185 transitions. [2022-02-20 18:05:38,753 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 185 transitions. [2022-02-20 18:05:38,958 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 185 edges. 185 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:05:38,977 INFO L225 Difference]: With dead ends: 136 [2022-02-20 18:05:38,978 INFO L226 Difference]: Without dead ends: 63 [2022-02-20 18:05:38,983 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:05:38,989 INFO L933 BasicCegarLoop]: 89 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 89 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:05:38,994 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 89 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:05:39,010 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 63 states. [2022-02-20 18:05:39,025 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 63 to 63. [2022-02-20 18:05:39,026 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:05:39,027 INFO L82 GeneralOperation]: Start isEquivalent. First operand 63 states. Second operand has 63 states, 47 states have (on average 1.297872340425532) internal successors, (61), 52 states have internal predecessors, (61), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:05:39,028 INFO L74 IsIncluded]: Start isIncluded. First operand 63 states. Second operand has 63 states, 47 states have (on average 1.297872340425532) internal successors, (61), 52 states have internal predecessors, (61), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:05:39,029 INFO L87 Difference]: Start difference. First operand 63 states. Second operand has 63 states, 47 states have (on average 1.297872340425532) internal successors, (61), 52 states have internal predecessors, (61), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:05:39,035 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:39,036 INFO L93 Difference]: Finished difference Result 63 states and 80 transitions. [2022-02-20 18:05:39,036 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 80 transitions. [2022-02-20 18:05:39,037 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:05:39,037 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:05:39,038 INFO L74 IsIncluded]: Start isIncluded. First operand has 63 states, 47 states have (on average 1.297872340425532) internal successors, (61), 52 states have internal predecessors, (61), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand 63 states. [2022-02-20 18:05:39,039 INFO L87 Difference]: Start difference. First operand has 63 states, 47 states have (on average 1.297872340425532) internal successors, (61), 52 states have internal predecessors, (61), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand 63 states. [2022-02-20 18:05:39,044 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:39,045 INFO L93 Difference]: Finished difference Result 63 states and 80 transitions. [2022-02-20 18:05:39,045 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 80 transitions. [2022-02-20 18:05:39,046 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:05:39,046 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:05:39,046 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:05:39,047 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:05:39,047 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 63 states, 47 states have (on average 1.297872340425532) internal successors, (61), 52 states have internal predecessors, (61), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:05:39,052 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 63 states to 63 states and 80 transitions. [2022-02-20 18:05:39,054 INFO L78 Accepts]: Start accepts. Automaton has 63 states and 80 transitions. Word has length 23 [2022-02-20 18:05:39,054 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:05:39,054 INFO L470 AbstractCegarLoop]: Abstraction has 63 states and 80 transitions. [2022-02-20 18:05:39,054 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:39,055 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 80 transitions. [2022-02-20 18:05:39,056 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-02-20 18:05:39,056 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:05:39,056 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:05:39,057 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:05:39,057 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:05:39,058 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:05:39,058 INFO L85 PathProgramCache]: Analyzing trace with hash -392395766, now seen corresponding path program 1 times [2022-02-20 18:05:39,058 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:05:39,058 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [626917912] [2022-02-20 18:05:39,058 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:05:39,059 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:05:39,085 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:39,117 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:05:39,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:39,124 INFO L290 TraceCheckUtils]: 0: Hoare triple {496#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {496#true} is VALID [2022-02-20 18:05:39,124 INFO L290 TraceCheckUtils]: 1: Hoare triple {496#true} assume true; {496#true} is VALID [2022-02-20 18:05:39,124 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {496#true} {497#false} #195#return; {497#false} is VALID [2022-02-20 18:05:39,125 INFO L290 TraceCheckUtils]: 0: Hoare triple {496#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4; {496#true} is VALID [2022-02-20 18:05:39,125 INFO L290 TraceCheckUtils]: 1: Hoare triple {496#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~7#1, main_~tmp~6#1;havoc main_~retValue_acc~7#1;havoc main_~tmp~6#1;assume { :begin_inline_select_helpers } true; {496#true} is VALID [2022-02-20 18:05:39,125 INFO L290 TraceCheckUtils]: 2: Hoare triple {496#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {496#true} is VALID [2022-02-20 18:05:39,125 INFO L290 TraceCheckUtils]: 3: Hoare triple {496#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {496#true} is VALID [2022-02-20 18:05:39,126 INFO L290 TraceCheckUtils]: 4: Hoare triple {496#true} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret48#1 && main_#t~ret48#1 <= 2147483647;main_~tmp~6#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {496#true} is VALID [2022-02-20 18:05:39,126 INFO L290 TraceCheckUtils]: 5: Hoare triple {496#true} assume 0 != main_~tmp~6#1;assume { :begin_inline_setup } true; {496#true} is VALID [2022-02-20 18:05:39,126 INFO L290 TraceCheckUtils]: 6: Hoare triple {496#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet19#1, test_#t~nondet20#1, test_#t~nondet21#1, test_#t~nondet22#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {498#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:05:39,127 INFO L290 TraceCheckUtils]: 7: Hoare triple {498#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {498#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:05:39,128 INFO L290 TraceCheckUtils]: 8: Hoare triple {498#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {497#false} is VALID [2022-02-20 18:05:39,128 INFO L272 TraceCheckUtils]: 9: Hoare triple {497#false} call cleanup(); {497#false} is VALID [2022-02-20 18:05:39,128 INFO L290 TraceCheckUtils]: 10: Hoare triple {497#false} havoc ~i~0;havoc ~__cil_tmp2~0; {497#false} is VALID [2022-02-20 18:05:39,128 INFO L272 TraceCheckUtils]: 11: Hoare triple {497#false} call timeShift(); {497#false} is VALID [2022-02-20 18:05:39,129 INFO L290 TraceCheckUtils]: 12: Hoare triple {497#false} assume !(0 != ~pumpRunning~0); {497#false} is VALID [2022-02-20 18:05:39,129 INFO L290 TraceCheckUtils]: 13: Hoare triple {497#false} assume !(0 != ~systemActive~0); {497#false} is VALID [2022-02-20 18:05:39,129 INFO L290 TraceCheckUtils]: 14: Hoare triple {497#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret46#1, __utac_acc__Specification1_spec__1_#t~ret47#1, __utac_acc__Specification1_spec__1_~tmp~5#1, __utac_acc__Specification1_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification1_spec__1_~tmp~5#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~1#1; {497#false} is VALID [2022-02-20 18:05:39,129 INFO L272 TraceCheckUtils]: 15: Hoare triple {497#false} call __utac_acc__Specification1_spec__1_#t~ret46#1 := isMethaneLevelCritical(); {496#true} is VALID [2022-02-20 18:05:39,130 INFO L290 TraceCheckUtils]: 16: Hoare triple {496#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {496#true} is VALID [2022-02-20 18:05:39,130 INFO L290 TraceCheckUtils]: 17: Hoare triple {496#true} assume true; {496#true} is VALID [2022-02-20 18:05:39,130 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {496#true} {497#false} #195#return; {497#false} is VALID [2022-02-20 18:05:39,130 INFO L290 TraceCheckUtils]: 19: Hoare triple {497#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret46#1 && __utac_acc__Specification1_spec__1_#t~ret46#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~5#1 := __utac_acc__Specification1_spec__1_#t~ret46#1;havoc __utac_acc__Specification1_spec__1_#t~ret46#1; {497#false} is VALID [2022-02-20 18:05:39,131 INFO L290 TraceCheckUtils]: 20: Hoare triple {497#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~5#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {497#false} is VALID [2022-02-20 18:05:39,131 INFO L290 TraceCheckUtils]: 21: Hoare triple {497#false} __utac_acc__Specification1_spec__1_#t~ret47#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret47#1 && __utac_acc__Specification1_spec__1_#t~ret47#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~1#1 := __utac_acc__Specification1_spec__1_#t~ret47#1;havoc __utac_acc__Specification1_spec__1_#t~ret47#1; {497#false} is VALID [2022-02-20 18:05:39,134 INFO L290 TraceCheckUtils]: 22: Hoare triple {497#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~1#1;assume { :begin_inline___automaton_fail } true; {497#false} is VALID [2022-02-20 18:05:39,134 INFO L290 TraceCheckUtils]: 23: Hoare triple {497#false} assume !false; {497#false} is VALID [2022-02-20 18:05:39,134 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:05:39,135 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:05:39,135 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [626917912] [2022-02-20 18:05:39,135 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [626917912] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:05:39,135 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:05:39,135 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:05:39,135 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [269742454] [2022-02-20 18:05:39,135 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:05:39,139 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-02-20 18:05:39,140 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:05:39,140 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:39,168 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:05:39,169 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:05:39,170 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:05:39,171 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:05:39,171 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:05:39,172 INFO L87 Difference]: Start difference. First operand 63 states and 80 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:39,254 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:39,255 INFO L93 Difference]: Finished difference Result 92 states and 116 transitions. [2022-02-20 18:05:39,255 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:05:39,255 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-02-20 18:05:39,256 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:05:39,256 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:39,261 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 116 transitions. [2022-02-20 18:05:39,265 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:39,268 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 116 transitions. [2022-02-20 18:05:39,271 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 116 transitions. [2022-02-20 18:05:39,367 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 116 edges. 116 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:05:39,369 INFO L225 Difference]: With dead ends: 92 [2022-02-20 18:05:39,371 INFO L226 Difference]: Without dead ends: 54 [2022-02-20 18:05:39,375 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:05:39,378 INFO L933 BasicCegarLoop]: 67 mSDtfsCounter, 12 mSDsluCounter, 51 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 118 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:05:39,379 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [15 Valid, 118 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:05:39,381 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 54 states. [2022-02-20 18:05:39,392 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 54 to 54. [2022-02-20 18:05:39,392 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:05:39,393 INFO L82 GeneralOperation]: Start isEquivalent. First operand 54 states. Second operand has 54 states, 41 states have (on average 1.3170731707317074) internal successors, (54), 46 states have internal predecessors, (54), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:05:39,395 INFO L74 IsIncluded]: Start isIncluded. First operand 54 states. Second operand has 54 states, 41 states have (on average 1.3170731707317074) internal successors, (54), 46 states have internal predecessors, (54), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:05:39,396 INFO L87 Difference]: Start difference. First operand 54 states. Second operand has 54 states, 41 states have (on average 1.3170731707317074) internal successors, (54), 46 states have internal predecessors, (54), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:05:39,402 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:39,403 INFO L93 Difference]: Finished difference Result 54 states and 68 transitions. [2022-02-20 18:05:39,403 INFO L276 IsEmpty]: Start isEmpty. Operand 54 states and 68 transitions. [2022-02-20 18:05:39,405 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:05:39,405 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:05:39,406 INFO L74 IsIncluded]: Start isIncluded. First operand has 54 states, 41 states have (on average 1.3170731707317074) internal successors, (54), 46 states have internal predecessors, (54), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 54 states. [2022-02-20 18:05:39,407 INFO L87 Difference]: Start difference. First operand has 54 states, 41 states have (on average 1.3170731707317074) internal successors, (54), 46 states have internal predecessors, (54), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 54 states. [2022-02-20 18:05:39,411 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:39,411 INFO L93 Difference]: Finished difference Result 54 states and 68 transitions. [2022-02-20 18:05:39,412 INFO L276 IsEmpty]: Start isEmpty. Operand 54 states and 68 transitions. [2022-02-20 18:05:39,413 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:05:39,413 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:05:39,414 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:05:39,414 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:05:39,414 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 54 states, 41 states have (on average 1.3170731707317074) internal successors, (54), 46 states have internal predecessors, (54), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:05:39,426 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 54 states to 54 states and 68 transitions. [2022-02-20 18:05:39,427 INFO L78 Accepts]: Start accepts. Automaton has 54 states and 68 transitions. Word has length 24 [2022-02-20 18:05:39,427 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:05:39,428 INFO L470 AbstractCegarLoop]: Abstraction has 54 states and 68 transitions. [2022-02-20 18:05:39,428 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:39,429 INFO L276 IsEmpty]: Start isEmpty. Operand 54 states and 68 transitions. [2022-02-20 18:05:39,433 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-02-20 18:05:39,433 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:05:39,433 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:05:39,433 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:05:39,434 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:05:39,439 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:05:39,443 INFO L85 PathProgramCache]: Analyzing trace with hash -1226018805, now seen corresponding path program 1 times [2022-02-20 18:05:39,443 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:05:39,443 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1511032417] [2022-02-20 18:05:39,444 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:05:39,444 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:05:39,487 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:39,542 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:05:39,544 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:39,548 INFO L290 TraceCheckUtils]: 0: Hoare triple {822#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {822#true} is VALID [2022-02-20 18:05:39,548 INFO L290 TraceCheckUtils]: 1: Hoare triple {822#true} assume true; {822#true} is VALID [2022-02-20 18:05:39,548 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {822#true} {823#false} #195#return; {823#false} is VALID [2022-02-20 18:05:39,551 INFO L290 TraceCheckUtils]: 0: Hoare triple {822#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,552 INFO L290 TraceCheckUtils]: 1: Hoare triple {824#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~7#1, main_~tmp~6#1;havoc main_~retValue_acc~7#1;havoc main_~tmp~6#1;assume { :begin_inline_select_helpers } true; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,553 INFO L290 TraceCheckUtils]: 2: Hoare triple {824#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,553 INFO L290 TraceCheckUtils]: 3: Hoare triple {824#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,554 INFO L290 TraceCheckUtils]: 4: Hoare triple {824#(= 1 ~systemActive~0)} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret48#1 && main_#t~ret48#1 <= 2147483647;main_~tmp~6#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,554 INFO L290 TraceCheckUtils]: 5: Hoare triple {824#(= 1 ~systemActive~0)} assume 0 != main_~tmp~6#1;assume { :begin_inline_setup } true; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,555 INFO L290 TraceCheckUtils]: 6: Hoare triple {824#(= 1 ~systemActive~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet19#1, test_#t~nondet20#1, test_#t~nondet21#1, test_#t~nondet22#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,555 INFO L290 TraceCheckUtils]: 7: Hoare triple {824#(= 1 ~systemActive~0)} assume !false; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,556 INFO L290 TraceCheckUtils]: 8: Hoare triple {824#(= 1 ~systemActive~0)} assume test_~splverifierCounter~0#1 < 4; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,556 INFO L290 TraceCheckUtils]: 9: Hoare triple {824#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet19#1 && test_#t~nondet19#1 <= 2147483647;test_~tmp~1#1 := test_#t~nondet19#1;havoc test_#t~nondet19#1; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,557 INFO L290 TraceCheckUtils]: 10: Hoare triple {824#(= 1 ~systemActive~0)} assume !(0 != test_~tmp~1#1); {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,558 INFO L290 TraceCheckUtils]: 11: Hoare triple {824#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet20#1 && test_#t~nondet20#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet20#1;havoc test_#t~nondet20#1; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,558 INFO L290 TraceCheckUtils]: 12: Hoare triple {824#(= 1 ~systemActive~0)} assume !(0 != test_~tmp___0~0#1); {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,559 INFO L290 TraceCheckUtils]: 13: Hoare triple {824#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet21#1 && test_#t~nondet21#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet21#1;havoc test_#t~nondet21#1; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,559 INFO L290 TraceCheckUtils]: 14: Hoare triple {824#(= 1 ~systemActive~0)} assume 0 != test_~tmp___2~0#1; {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,560 INFO L272 TraceCheckUtils]: 15: Hoare triple {824#(= 1 ~systemActive~0)} call timeShift(); {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,560 INFO L290 TraceCheckUtils]: 16: Hoare triple {824#(= 1 ~systemActive~0)} assume !(0 != ~pumpRunning~0); {824#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:05:39,561 INFO L290 TraceCheckUtils]: 17: Hoare triple {824#(= 1 ~systemActive~0)} assume !(0 != ~systemActive~0); {823#false} is VALID [2022-02-20 18:05:39,561 INFO L290 TraceCheckUtils]: 18: Hoare triple {823#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret46#1, __utac_acc__Specification1_spec__1_#t~ret47#1, __utac_acc__Specification1_spec__1_~tmp~5#1, __utac_acc__Specification1_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification1_spec__1_~tmp~5#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~1#1; {823#false} is VALID [2022-02-20 18:05:39,561 INFO L272 TraceCheckUtils]: 19: Hoare triple {823#false} call __utac_acc__Specification1_spec__1_#t~ret46#1 := isMethaneLevelCritical(); {822#true} is VALID [2022-02-20 18:05:39,562 INFO L290 TraceCheckUtils]: 20: Hoare triple {822#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {822#true} is VALID [2022-02-20 18:05:39,562 INFO L290 TraceCheckUtils]: 21: Hoare triple {822#true} assume true; {822#true} is VALID [2022-02-20 18:05:39,562 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {822#true} {823#false} #195#return; {823#false} is VALID [2022-02-20 18:05:39,562 INFO L290 TraceCheckUtils]: 23: Hoare triple {823#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret46#1 && __utac_acc__Specification1_spec__1_#t~ret46#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~5#1 := __utac_acc__Specification1_spec__1_#t~ret46#1;havoc __utac_acc__Specification1_spec__1_#t~ret46#1; {823#false} is VALID [2022-02-20 18:05:39,562 INFO L290 TraceCheckUtils]: 24: Hoare triple {823#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~5#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {823#false} is VALID [2022-02-20 18:05:39,563 INFO L290 TraceCheckUtils]: 25: Hoare triple {823#false} __utac_acc__Specification1_spec__1_#t~ret47#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret47#1 && __utac_acc__Specification1_spec__1_#t~ret47#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~1#1 := __utac_acc__Specification1_spec__1_#t~ret47#1;havoc __utac_acc__Specification1_spec__1_#t~ret47#1; {823#false} is VALID [2022-02-20 18:05:39,563 INFO L290 TraceCheckUtils]: 26: Hoare triple {823#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~1#1;assume { :begin_inline___automaton_fail } true; {823#false} is VALID [2022-02-20 18:05:39,563 INFO L290 TraceCheckUtils]: 27: Hoare triple {823#false} assume !false; {823#false} is VALID [2022-02-20 18:05:39,564 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:05:39,564 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:05:39,564 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1511032417] [2022-02-20 18:05:39,564 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1511032417] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:05:39,564 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:05:39,565 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:05:39,565 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [89143474] [2022-02-20 18:05:39,565 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:05:39,566 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2022-02-20 18:05:39,566 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:05:39,566 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:39,591 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 28 edges. 28 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:05:39,591 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:05:39,591 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:05:39,592 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:05:39,592 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:05:39,592 INFO L87 Difference]: Start difference. First operand 54 states and 68 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:39,654 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:39,654 INFO L93 Difference]: Finished difference Result 101 states and 130 transitions. [2022-02-20 18:05:39,654 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:05:39,655 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2022-02-20 18:05:39,655 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:05:39,655 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:39,658 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 130 transitions. [2022-02-20 18:05:39,658 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:39,661 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 130 transitions. [2022-02-20 18:05:39,661 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 130 transitions. [2022-02-20 18:05:39,776 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 130 edges. 130 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:05:39,779 INFO L225 Difference]: With dead ends: 101 [2022-02-20 18:05:39,780 INFO L226 Difference]: Without dead ends: 54 [2022-02-20 18:05:39,783 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:05:39,789 INFO L933 BasicCegarLoop]: 66 mSDtfsCounter, 50 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 50 SdHoareTripleChecker+Valid, 66 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:05:39,791 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [50 Valid, 66 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:05:39,792 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 54 states. [2022-02-20 18:05:39,801 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 54 to 54. [2022-02-20 18:05:39,802 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:05:39,802 INFO L82 GeneralOperation]: Start isEquivalent. First operand 54 states. Second operand has 54 states, 41 states have (on average 1.2926829268292683) internal successors, (53), 46 states have internal predecessors, (53), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:05:39,803 INFO L74 IsIncluded]: Start isIncluded. First operand 54 states. Second operand has 54 states, 41 states have (on average 1.2926829268292683) internal successors, (53), 46 states have internal predecessors, (53), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:05:39,803 INFO L87 Difference]: Start difference. First operand 54 states. Second operand has 54 states, 41 states have (on average 1.2926829268292683) internal successors, (53), 46 states have internal predecessors, (53), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:05:39,807 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:39,808 INFO L93 Difference]: Finished difference Result 54 states and 67 transitions. [2022-02-20 18:05:39,808 INFO L276 IsEmpty]: Start isEmpty. Operand 54 states and 67 transitions. [2022-02-20 18:05:39,808 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:05:39,808 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:05:39,809 INFO L74 IsIncluded]: Start isIncluded. First operand has 54 states, 41 states have (on average 1.2926829268292683) internal successors, (53), 46 states have internal predecessors, (53), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 54 states. [2022-02-20 18:05:39,809 INFO L87 Difference]: Start difference. First operand has 54 states, 41 states have (on average 1.2926829268292683) internal successors, (53), 46 states have internal predecessors, (53), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 54 states. [2022-02-20 18:05:39,812 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:39,812 INFO L93 Difference]: Finished difference Result 54 states and 67 transitions. [2022-02-20 18:05:39,812 INFO L276 IsEmpty]: Start isEmpty. Operand 54 states and 67 transitions. [2022-02-20 18:05:39,813 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:05:39,813 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:05:39,813 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:05:39,813 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:05:39,813 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 54 states, 41 states have (on average 1.2926829268292683) internal successors, (53), 46 states have internal predecessors, (53), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:05:39,815 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 54 states to 54 states and 67 transitions. [2022-02-20 18:05:39,815 INFO L78 Accepts]: Start accepts. Automaton has 54 states and 67 transitions. Word has length 28 [2022-02-20 18:05:39,816 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:05:39,816 INFO L470 AbstractCegarLoop]: Abstraction has 54 states and 67 transitions. [2022-02-20 18:05:39,816 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:05:39,816 INFO L276 IsEmpty]: Start isEmpty. Operand 54 states and 67 transitions. [2022-02-20 18:05:39,817 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-20 18:05:39,817 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:05:39,817 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:05:39,817 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:05:39,818 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:05:39,818 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:05:39,818 INFO L85 PathProgramCache]: Analyzing trace with hash 793789156, now seen corresponding path program 1 times [2022-02-20 18:05:39,819 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:05:39,819 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1069111765] [2022-02-20 18:05:39,819 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:05:39,819 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:05:39,877 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:39,920 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:05:39,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:39,924 INFO L290 TraceCheckUtils]: 0: Hoare triple {1158#true} assume true; {1158#true} is VALID [2022-02-20 18:05:39,924 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1158#true} {1160#(= ~methaneLevelCritical~0 0)} #193#return; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,925 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-02-20 18:05:39,926 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:39,934 INFO L290 TraceCheckUtils]: 0: Hoare triple {1158#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1168#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:05:39,935 INFO L290 TraceCheckUtils]: 1: Hoare triple {1168#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} assume true; {1168#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:05:39,936 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1168#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} {1160#(= ~methaneLevelCritical~0 0)} #195#return; {1166#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret46#1| 0)} is VALID [2022-02-20 18:05:39,936 INFO L290 TraceCheckUtils]: 0: Hoare triple {1158#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,937 INFO L290 TraceCheckUtils]: 1: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~7#1, main_~tmp~6#1;havoc main_~retValue_acc~7#1;havoc main_~tmp~6#1;assume { :begin_inline_select_helpers } true; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,937 INFO L290 TraceCheckUtils]: 2: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,938 INFO L290 TraceCheckUtils]: 3: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,938 INFO L290 TraceCheckUtils]: 4: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret48#1 && main_#t~ret48#1 <= 2147483647;main_~tmp~6#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,939 INFO L290 TraceCheckUtils]: 5: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume 0 != main_~tmp~6#1;assume { :begin_inline_setup } true; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,939 INFO L290 TraceCheckUtils]: 6: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet19#1, test_#t~nondet20#1, test_#t~nondet21#1, test_#t~nondet22#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,939 INFO L290 TraceCheckUtils]: 7: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume !false; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,940 INFO L290 TraceCheckUtils]: 8: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume test_~splverifierCounter~0#1 < 4; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,940 INFO L290 TraceCheckUtils]: 9: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet19#1 && test_#t~nondet19#1 <= 2147483647;test_~tmp~1#1 := test_#t~nondet19#1;havoc test_#t~nondet19#1; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,941 INFO L290 TraceCheckUtils]: 10: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume !(0 != test_~tmp~1#1); {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,941 INFO L290 TraceCheckUtils]: 11: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet20#1 && test_#t~nondet20#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet20#1;havoc test_#t~nondet20#1; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,942 INFO L290 TraceCheckUtils]: 12: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume !(0 != test_~tmp___0~0#1); {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,942 INFO L290 TraceCheckUtils]: 13: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet21#1 && test_#t~nondet21#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet21#1;havoc test_#t~nondet21#1; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,943 INFO L290 TraceCheckUtils]: 14: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume 0 != test_~tmp___2~0#1; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,943 INFO L272 TraceCheckUtils]: 15: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} call timeShift(); {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,944 INFO L290 TraceCheckUtils]: 16: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume !(0 != ~pumpRunning~0); {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,944 INFO L290 TraceCheckUtils]: 17: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret9#1, processEnvironment_~tmp~0#1;havoc processEnvironment_~tmp~0#1; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,945 INFO L290 TraceCheckUtils]: 18: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume !(0 != ~pumpRunning~0); {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,945 INFO L272 TraceCheckUtils]: 19: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} call processEnvironment__wrappee__base(); {1158#true} is VALID [2022-02-20 18:05:39,945 INFO L290 TraceCheckUtils]: 20: Hoare triple {1158#true} assume true; {1158#true} is VALID [2022-02-20 18:05:39,945 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1158#true} {1160#(= ~methaneLevelCritical~0 0)} #193#return; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,946 INFO L290 TraceCheckUtils]: 22: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume { :end_inline_processEnvironment } true; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,946 INFO L290 TraceCheckUtils]: 23: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret46#1, __utac_acc__Specification1_spec__1_#t~ret47#1, __utac_acc__Specification1_spec__1_~tmp~5#1, __utac_acc__Specification1_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification1_spec__1_~tmp~5#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~1#1; {1160#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:05:39,947 INFO L272 TraceCheckUtils]: 24: Hoare triple {1160#(= ~methaneLevelCritical~0 0)} call __utac_acc__Specification1_spec__1_#t~ret46#1 := isMethaneLevelCritical(); {1158#true} is VALID [2022-02-20 18:05:39,947 INFO L290 TraceCheckUtils]: 25: Hoare triple {1158#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1168#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:05:39,948 INFO L290 TraceCheckUtils]: 26: Hoare triple {1168#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} assume true; {1168#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:05:39,948 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {1168#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} {1160#(= ~methaneLevelCritical~0 0)} #195#return; {1166#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret46#1| 0)} is VALID [2022-02-20 18:05:39,949 INFO L290 TraceCheckUtils]: 28: Hoare triple {1166#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret46#1| 0)} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret46#1 && __utac_acc__Specification1_spec__1_#t~ret46#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~5#1 := __utac_acc__Specification1_spec__1_#t~ret46#1;havoc __utac_acc__Specification1_spec__1_#t~ret46#1; {1167#(= |timeShift___utac_acc__Specification1_spec__1_~tmp~5#1| 0)} is VALID [2022-02-20 18:05:39,949 INFO L290 TraceCheckUtils]: 29: Hoare triple {1167#(= |timeShift___utac_acc__Specification1_spec__1_~tmp~5#1| 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp~5#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {1159#false} is VALID [2022-02-20 18:05:39,950 INFO L290 TraceCheckUtils]: 30: Hoare triple {1159#false} __utac_acc__Specification1_spec__1_#t~ret47#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret47#1 && __utac_acc__Specification1_spec__1_#t~ret47#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~1#1 := __utac_acc__Specification1_spec__1_#t~ret47#1;havoc __utac_acc__Specification1_spec__1_#t~ret47#1; {1159#false} is VALID [2022-02-20 18:05:39,950 INFO L290 TraceCheckUtils]: 31: Hoare triple {1159#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~1#1;assume { :begin_inline___automaton_fail } true; {1159#false} is VALID [2022-02-20 18:05:39,950 INFO L290 TraceCheckUtils]: 32: Hoare triple {1159#false} assume !false; {1159#false} is VALID [2022-02-20 18:05:39,951 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:05:39,951 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:05:39,951 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1069111765] [2022-02-20 18:05:39,952 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1069111765] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:05:39,952 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:05:39,952 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:05:39,952 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1095780499] [2022-02-20 18:05:39,952 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:05:39,953 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-02-20 18:05:39,954 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:05:39,954 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:05:39,981 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 33 edges. 33 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:05:39,982 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:05:39,982 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:05:39,983 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:05:39,983 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:05:39,984 INFO L87 Difference]: Start difference. First operand 54 states and 67 transitions. Second operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:05:40,300 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:40,301 INFO L93 Difference]: Finished difference Result 147 states and 189 transitions. [2022-02-20 18:05:40,301 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 18:05:40,301 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-02-20 18:05:40,302 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:05:40,302 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:05:40,306 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 189 transitions. [2022-02-20 18:05:40,307 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:05:40,310 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 189 transitions. [2022-02-20 18:05:40,310 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 189 transitions. [2022-02-20 18:05:40,469 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 189 edges. 189 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:05:40,471 INFO L225 Difference]: With dead ends: 147 [2022-02-20 18:05:40,472 INFO L226 Difference]: Without dead ends: 100 [2022-02-20 18:05:40,472 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-02-20 18:05:40,473 INFO L933 BasicCegarLoop]: 71 mSDtfsCounter, 39 mSDsluCounter, 245 mSDsCounter, 0 mSdLazyCounter, 40 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 316 SdHoareTripleChecker+Invalid, 44 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 40 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:05:40,473 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [42 Valid, 316 Invalid, 44 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 40 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:05:40,474 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 100 states. [2022-02-20 18:05:40,482 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 100 to 97. [2022-02-20 18:05:40,482 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:05:40,483 INFO L82 GeneralOperation]: Start isEquivalent. First operand 100 states. Second operand has 97 states, 72 states have (on average 1.2916666666666667) internal successors, (93), 81 states have internal predecessors, (93), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (15), 12 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:05:40,484 INFO L74 IsIncluded]: Start isIncluded. First operand 100 states. Second operand has 97 states, 72 states have (on average 1.2916666666666667) internal successors, (93), 81 states have internal predecessors, (93), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (15), 12 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:05:40,484 INFO L87 Difference]: Start difference. First operand 100 states. Second operand has 97 states, 72 states have (on average 1.2916666666666667) internal successors, (93), 81 states have internal predecessors, (93), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (15), 12 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:05:40,488 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:40,488 INFO L93 Difference]: Finished difference Result 100 states and 125 transitions. [2022-02-20 18:05:40,489 INFO L276 IsEmpty]: Start isEmpty. Operand 100 states and 125 transitions. [2022-02-20 18:05:40,489 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:05:40,489 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:05:40,490 INFO L74 IsIncluded]: Start isIncluded. First operand has 97 states, 72 states have (on average 1.2916666666666667) internal successors, (93), 81 states have internal predecessors, (93), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (15), 12 states have call predecessors, (15), 14 states have call successors, (15) Second operand 100 states. [2022-02-20 18:05:40,490 INFO L87 Difference]: Start difference. First operand has 97 states, 72 states have (on average 1.2916666666666667) internal successors, (93), 81 states have internal predecessors, (93), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (15), 12 states have call predecessors, (15), 14 states have call successors, (15) Second operand 100 states. [2022-02-20 18:05:40,494 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:40,494 INFO L93 Difference]: Finished difference Result 100 states and 125 transitions. [2022-02-20 18:05:40,495 INFO L276 IsEmpty]: Start isEmpty. Operand 100 states and 125 transitions. [2022-02-20 18:05:40,495 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:05:40,495 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:05:40,495 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:05:40,496 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:05:40,496 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 97 states, 72 states have (on average 1.2916666666666667) internal successors, (93), 81 states have internal predecessors, (93), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (15), 12 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:05:40,499 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 122 transitions. [2022-02-20 18:05:40,500 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 122 transitions. Word has length 33 [2022-02-20 18:05:40,500 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:05:40,501 INFO L470 AbstractCegarLoop]: Abstraction has 97 states and 122 transitions. [2022-02-20 18:05:40,501 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:05:40,501 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 122 transitions. [2022-02-20 18:05:40,502 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-02-20 18:05:40,502 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:05:40,502 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:05:40,502 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:05:40,503 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:05:40,503 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:05:40,503 INFO L85 PathProgramCache]: Analyzing trace with hash -2116751808, now seen corresponding path program 1 times [2022-02-20 18:05:40,503 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:05:40,504 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [845974532] [2022-02-20 18:05:40,504 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:05:40,504 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:05:40,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:40,573 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-02-20 18:05:40,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:40,579 INFO L290 TraceCheckUtils]: 0: Hoare triple {1736#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} assume !(0 != ~methaneLevelCritical~0);~methaneLevelCritical~0 := 1; {1723#true} is VALID [2022-02-20 18:05:40,579 INFO L290 TraceCheckUtils]: 1: Hoare triple {1723#true} assume true; {1723#true} is VALID [2022-02-20 18:05:40,584 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1723#true} {1725#(= ~pumpRunning~0 0)} #199#return; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,585 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:05:40,586 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:40,589 INFO L290 TraceCheckUtils]: 0: Hoare triple {1723#true} assume true; {1723#true} is VALID [2022-02-20 18:05:40,590 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1723#true} {1725#(= ~pumpRunning~0 0)} #193#return; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,590 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-02-20 18:05:40,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:05:40,595 INFO L290 TraceCheckUtils]: 0: Hoare triple {1723#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1723#true} is VALID [2022-02-20 18:05:40,595 INFO L290 TraceCheckUtils]: 1: Hoare triple {1723#true} assume true; {1723#true} is VALID [2022-02-20 18:05:40,596 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1723#true} {1725#(= ~pumpRunning~0 0)} #195#return; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,596 INFO L290 TraceCheckUtils]: 0: Hoare triple {1723#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,597 INFO L290 TraceCheckUtils]: 1: Hoare triple {1725#(= ~pumpRunning~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~7#1, main_~tmp~6#1;havoc main_~retValue_acc~7#1;havoc main_~tmp~6#1;assume { :begin_inline_select_helpers } true; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,597 INFO L290 TraceCheckUtils]: 2: Hoare triple {1725#(= ~pumpRunning~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,598 INFO L290 TraceCheckUtils]: 3: Hoare triple {1725#(= ~pumpRunning~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,598 INFO L290 TraceCheckUtils]: 4: Hoare triple {1725#(= ~pumpRunning~0 0)} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret48#1 && main_#t~ret48#1 <= 2147483647;main_~tmp~6#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,599 INFO L290 TraceCheckUtils]: 5: Hoare triple {1725#(= ~pumpRunning~0 0)} assume 0 != main_~tmp~6#1;assume { :begin_inline_setup } true; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,599 INFO L290 TraceCheckUtils]: 6: Hoare triple {1725#(= ~pumpRunning~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet19#1, test_#t~nondet20#1, test_#t~nondet21#1, test_#t~nondet22#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,599 INFO L290 TraceCheckUtils]: 7: Hoare triple {1725#(= ~pumpRunning~0 0)} assume !false; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,600 INFO L290 TraceCheckUtils]: 8: Hoare triple {1725#(= ~pumpRunning~0 0)} assume test_~splverifierCounter~0#1 < 4; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,600 INFO L290 TraceCheckUtils]: 9: Hoare triple {1725#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet19#1 && test_#t~nondet19#1 <= 2147483647;test_~tmp~1#1 := test_#t~nondet19#1;havoc test_#t~nondet19#1; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,601 INFO L290 TraceCheckUtils]: 10: Hoare triple {1725#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp~1#1); {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,601 INFO L290 TraceCheckUtils]: 11: Hoare triple {1725#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet20#1 && test_#t~nondet20#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet20#1;havoc test_#t~nondet20#1; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,602 INFO L290 TraceCheckUtils]: 12: Hoare triple {1725#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___0~0#1; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,602 INFO L272 TraceCheckUtils]: 13: Hoare triple {1725#(= ~pumpRunning~0 0)} call changeMethaneLevel(); {1736#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:05:40,603 INFO L290 TraceCheckUtils]: 14: Hoare triple {1736#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} assume !(0 != ~methaneLevelCritical~0);~methaneLevelCritical~0 := 1; {1723#true} is VALID [2022-02-20 18:05:40,603 INFO L290 TraceCheckUtils]: 15: Hoare triple {1723#true} assume true; {1723#true} is VALID [2022-02-20 18:05:40,603 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {1723#true} {1725#(= ~pumpRunning~0 0)} #199#return; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,604 INFO L290 TraceCheckUtils]: 17: Hoare triple {1725#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet21#1 && test_#t~nondet21#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet21#1;havoc test_#t~nondet21#1; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,604 INFO L290 TraceCheckUtils]: 18: Hoare triple {1725#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___2~0#1; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,605 INFO L272 TraceCheckUtils]: 19: Hoare triple {1725#(= ~pumpRunning~0 0)} call timeShift(); {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,605 INFO L290 TraceCheckUtils]: 20: Hoare triple {1725#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,605 INFO L290 TraceCheckUtils]: 21: Hoare triple {1725#(= ~pumpRunning~0 0)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret9#1, processEnvironment_~tmp~0#1;havoc processEnvironment_~tmp~0#1; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,606 INFO L290 TraceCheckUtils]: 22: Hoare triple {1725#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,606 INFO L272 TraceCheckUtils]: 23: Hoare triple {1725#(= ~pumpRunning~0 0)} call processEnvironment__wrappee__base(); {1723#true} is VALID [2022-02-20 18:05:40,606 INFO L290 TraceCheckUtils]: 24: Hoare triple {1723#true} assume true; {1723#true} is VALID [2022-02-20 18:05:40,607 INFO L284 TraceCheckUtils]: 25: Hoare quadruple {1723#true} {1725#(= ~pumpRunning~0 0)} #193#return; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,607 INFO L290 TraceCheckUtils]: 26: Hoare triple {1725#(= ~pumpRunning~0 0)} assume { :end_inline_processEnvironment } true; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,608 INFO L290 TraceCheckUtils]: 27: Hoare triple {1725#(= ~pumpRunning~0 0)} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret46#1, __utac_acc__Specification1_spec__1_#t~ret47#1, __utac_acc__Specification1_spec__1_~tmp~5#1, __utac_acc__Specification1_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification1_spec__1_~tmp~5#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~1#1; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,608 INFO L272 TraceCheckUtils]: 28: Hoare triple {1725#(= ~pumpRunning~0 0)} call __utac_acc__Specification1_spec__1_#t~ret46#1 := isMethaneLevelCritical(); {1723#true} is VALID [2022-02-20 18:05:40,608 INFO L290 TraceCheckUtils]: 29: Hoare triple {1723#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1723#true} is VALID [2022-02-20 18:05:40,608 INFO L290 TraceCheckUtils]: 30: Hoare triple {1723#true} assume true; {1723#true} is VALID [2022-02-20 18:05:40,609 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {1723#true} {1725#(= ~pumpRunning~0 0)} #195#return; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,609 INFO L290 TraceCheckUtils]: 32: Hoare triple {1725#(= ~pumpRunning~0 0)} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret46#1 && __utac_acc__Specification1_spec__1_#t~ret46#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~5#1 := __utac_acc__Specification1_spec__1_#t~ret46#1;havoc __utac_acc__Specification1_spec__1_#t~ret46#1; {1725#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:05:40,610 INFO L290 TraceCheckUtils]: 33: Hoare triple {1725#(= ~pumpRunning~0 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp~5#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {1734#(= |timeShift_isPumpRunning_#res#1| 0)} is VALID [2022-02-20 18:05:40,610 INFO L290 TraceCheckUtils]: 34: Hoare triple {1734#(= |timeShift_isPumpRunning_#res#1| 0)} __utac_acc__Specification1_spec__1_#t~ret47#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret47#1 && __utac_acc__Specification1_spec__1_#t~ret47#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~1#1 := __utac_acc__Specification1_spec__1_#t~ret47#1;havoc __utac_acc__Specification1_spec__1_#t~ret47#1; {1735#(= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~1#1| 0)} is VALID [2022-02-20 18:05:40,611 INFO L290 TraceCheckUtils]: 35: Hoare triple {1735#(= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~1#1| 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~1#1;assume { :begin_inline___automaton_fail } true; {1724#false} is VALID [2022-02-20 18:05:40,611 INFO L290 TraceCheckUtils]: 36: Hoare triple {1724#false} assume !false; {1724#false} is VALID [2022-02-20 18:05:40,611 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:05:40,612 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:05:40,612 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [845974532] [2022-02-20 18:05:40,612 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [845974532] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:05:40,612 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:05:40,612 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:05:40,613 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [496793173] [2022-02-20 18:05:40,613 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:05:40,613 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 37 [2022-02-20 18:05:40,614 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:05:40,614 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:05:40,645 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 37 edges. 37 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:05:40,645 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:05:40,646 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:05:40,646 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:05:40,646 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:05:40,647 INFO L87 Difference]: Start difference. First operand 97 states and 122 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:05:40,903 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:40,904 INFO L93 Difference]: Finished difference Result 172 states and 217 transitions. [2022-02-20 18:05:40,904 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 18:05:40,904 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 37 [2022-02-20 18:05:40,905 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:05:40,905 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:05:40,907 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 118 transitions. [2022-02-20 18:05:40,907 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:05:40,909 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 118 transitions. [2022-02-20 18:05:40,910 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 118 transitions. [2022-02-20 18:05:41,006 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 118 edges. 118 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:05:41,007 INFO L225 Difference]: With dead ends: 172 [2022-02-20 18:05:41,007 INFO L226 Difference]: Without dead ends: 0 [2022-02-20 18:05:41,008 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-02-20 18:05:41,008 INFO L933 BasicCegarLoop]: 44 mSDtfsCounter, 45 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 46 SdHoareTripleChecker+Valid, 115 SdHoareTripleChecker+Invalid, 78 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 18:05:41,009 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [46 Valid, 115 Invalid, 78 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 18:05:41,009 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-02-20 18:05:41,010 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-02-20 18:05:41,010 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:05:41,010 INFO L82 GeneralOperation]: Start isEquivalent. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:05:41,010 INFO L74 IsIncluded]: Start isIncluded. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:05:41,010 INFO L87 Difference]: Start difference. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:05:41,011 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:41,011 INFO L93 Difference]: Finished difference Result 0 states and 0 transitions. [2022-02-20 18:05:41,011 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:05:41,011 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:05:41,011 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:05:41,011 INFO L74 IsIncluded]: Start isIncluded. First operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Second operand 0 states. [2022-02-20 18:05:41,012 INFO L87 Difference]: Start difference. First operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Second operand 0 states. [2022-02-20 18:05:41,012 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:05:41,012 INFO L93 Difference]: Finished difference Result 0 states and 0 transitions. [2022-02-20 18:05:41,012 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:05:41,012 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:05:41,013 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:05:41,013 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:05:41,013 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:05:41,013 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:05:41,013 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-02-20 18:05:41,013 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 37 [2022-02-20 18:05:41,014 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:05:41,014 INFO L470 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-02-20 18:05:41,014 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:05:41,014 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:05:41,014 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:05:41,017 INFO L764 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:05:41,017 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:05:41,019 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-02-20 18:05:41,470 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 169 175) no Hoare annotation was computed. [2022-02-20 18:05:41,470 INFO L861 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 169 175) the Hoare annotation is: true [2022-02-20 18:05:41,470 INFO L854 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 82 93) the Hoare annotation is: (or (not (= ~pumpRunning~0 0)) (not (= 1 ~systemActive~0)) (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) [2022-02-20 18:05:41,470 INFO L858 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 82 93) no Hoare annotation was computed. [2022-02-20 18:05:41,470 INFO L858 garLoopResultBuilder]: For program point L86-1(lines 82 93) no Hoare annotation was computed. [2022-02-20 18:05:41,470 INFO L861 garLoopResultBuilder]: At program point L768(lines 743 772) the Hoare annotation is: true [2022-02-20 18:05:41,471 INFO L858 garLoopResultBuilder]: For program point cleanupEXIT(lines 743 772) no Hoare annotation was computed. [2022-02-20 18:05:41,471 INFO L861 garLoopResultBuilder]: At program point cleanupENTRY(lines 743 772) the Hoare annotation is: true [2022-02-20 18:05:41,471 INFO L858 garLoopResultBuilder]: For program point L764(line 764) no Hoare annotation was computed. [2022-02-20 18:05:41,471 INFO L858 garLoopResultBuilder]: For program point L757(lines 757 761) no Hoare annotation was computed. [2022-02-20 18:05:41,471 INFO L861 garLoopResultBuilder]: At program point L757-1(lines 757 761) the Hoare annotation is: true [2022-02-20 18:05:41,471 INFO L858 garLoopResultBuilder]: For program point L754(line 754) no Hoare annotation was computed. [2022-02-20 18:05:41,471 INFO L861 garLoopResultBuilder]: At program point L753-2(lines 753 767) the Hoare annotation is: true [2022-02-20 18:05:41,471 INFO L861 garLoopResultBuilder]: At program point L749(line 749) the Hoare annotation is: true [2022-02-20 18:05:41,471 INFO L858 garLoopResultBuilder]: For program point L749-1(line 749) no Hoare annotation was computed. [2022-02-20 18:05:41,471 INFO L854 garLoopResultBuilder]: At program point L225(lines 218 228) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:05:41,472 INFO L858 garLoopResultBuilder]: For program point L279(line 279) no Hoare annotation was computed. [2022-02-20 18:05:41,472 INFO L854 garLoopResultBuilder]: At program point L234(lines 229 237) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (and (= ~pumpRunning~0 0) (= |timeShift_isPumpRunning_#res#1| 0))) (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0))))) [2022-02-20 18:05:41,472 INFO L858 garLoopResultBuilder]: For program point timeShiftFINAL(lines 145 168) no Hoare annotation was computed. [2022-02-20 18:05:41,472 INFO L858 garLoopResultBuilder]: For program point L156-1(lines 156 162) no Hoare annotation was computed. [2022-02-20 18:05:41,472 INFO L858 garLoopResultBuilder]: For program point L185(lines 185 193) no Hoare annotation was computed. [2022-02-20 18:05:41,472 INFO L854 garLoopResultBuilder]: At program point L280(lines 275 282) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:05:41,472 INFO L858 garLoopResultBuilder]: For program point L181(lines 181 198) no Hoare annotation was computed. [2022-02-20 18:05:41,472 INFO L854 garLoopResultBuilder]: At program point L722(line 722) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:05:41,472 INFO L858 garLoopResultBuilder]: For program point L722-1(line 722) no Hoare annotation was computed. [2022-02-20 18:05:41,472 INFO L854 garLoopResultBuilder]: At program point L223(line 223) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:05:41,472 INFO L858 garLoopResultBuilder]: For program point L62(lines 62 66) no Hoare annotation was computed. [2022-02-20 18:05:41,473 INFO L858 garLoopResultBuilder]: For program point L223-1(line 223) no Hoare annotation was computed. [2022-02-20 18:05:41,473 INFO L854 garLoopResultBuilder]: At program point L62-2(lines 58 69) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:05:41,473 INFO L854 garLoopResultBuilder]: At program point L215(lines 210 217) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:05:41,473 INFO L858 garLoopResultBuilder]: For program point L149-1(lines 148 167) no Hoare annotation was computed. [2022-02-20 18:05:41,473 INFO L854 garLoopResultBuilder]: At program point L191(line 191) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:05:41,473 INFO L858 garLoopResultBuilder]: For program point L728(lines 728 734) no Hoare annotation was computed. [2022-02-20 18:05:41,473 INFO L858 garLoopResultBuilder]: For program point L724(lines 724 737) no Hoare annotation was computed. [2022-02-20 18:05:41,473 INFO L854 garLoopResultBuilder]: At program point L724-1(lines 716 740) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0)) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~5#1| 0)) (or .cse0 (= ~pumpRunning~0 0) .cse1))) [2022-02-20 18:05:41,474 INFO L854 garLoopResultBuilder]: At program point timeShiftENTRY(lines 145 168) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:05:41,474 INFO L858 garLoopResultBuilder]: For program point timeShiftEXIT(lines 145 168) no Hoare annotation was computed. [2022-02-20 18:05:41,474 INFO L858 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 279) no Hoare annotation was computed. [2022-02-20 18:05:41,474 INFO L854 garLoopResultBuilder]: At program point L196(line 196) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:05:41,474 INFO L854 garLoopResultBuilder]: At program point L196-1(lines 177 201) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:05:41,474 INFO L861 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 94 102) the Hoare annotation is: true [2022-02-20 18:05:41,474 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalFINAL(lines 94 102) no Hoare annotation was computed. [2022-02-20 18:05:41,475 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 94 102) no Hoare annotation was computed. [2022-02-20 18:05:41,475 INFO L854 garLoopResultBuilder]: At program point L341(lines 294 342) the Hoare annotation is: false [2022-02-20 18:05:41,475 INFO L858 garLoopResultBuilder]: For program point L296(lines 295 340) no Hoare annotation was computed. [2022-02-20 18:05:41,475 INFO L858 garLoopResultBuilder]: For program point L325(lines 325 336) no Hoare annotation was computed. [2022-02-20 18:05:41,475 INFO L858 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-02-20 18:05:41,475 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-02-20 18:05:41,475 INFO L854 garLoopResultBuilder]: At program point L317(line 317) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:05:41,475 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-02-20 18:05:41,475 INFO L854 garLoopResultBuilder]: At program point L338(lines 295 340) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:05:41,475 INFO L858 garLoopResultBuilder]: For program point L305(lines 305 311) no Hoare annotation was computed. [2022-02-20 18:05:41,475 INFO L858 garLoopResultBuilder]: For program point L305-1(lines 305 311) no Hoare annotation was computed. [2022-02-20 18:05:41,476 INFO L858 garLoopResultBuilder]: For program point L297(lines 297 301) no Hoare annotation was computed. [2022-02-20 18:05:41,476 INFO L854 garLoopResultBuilder]: At program point L871(lines 866 874) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:05:41,476 INFO L854 garLoopResultBuilder]: At program point L801(lines 797 803) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:05:41,476 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-02-20 18:05:41,476 INFO L854 garLoopResultBuilder]: At program point L863(lines 859 865) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:05:41,476 INFO L858 garLoopResultBuilder]: For program point L331(lines 331 335) no Hoare annotation was computed. [2022-02-20 18:05:41,476 INFO L854 garLoopResultBuilder]: At program point L331-2(lines 325 336) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:05:41,476 INFO L858 garLoopResultBuilder]: For program point L827(lines 827 834) no Hoare annotation was computed. [2022-02-20 18:05:41,476 INFO L858 garLoopResultBuilder]: For program point L315(lines 315 321) no Hoare annotation was computed. [2022-02-20 18:05:41,476 INFO L858 garLoopResultBuilder]: For program point L315-1(lines 315 321) no Hoare annotation was computed. [2022-02-20 18:05:41,476 INFO L858 garLoopResultBuilder]: For program point L827-2(lines 827 834) no Hoare annotation was computed. [2022-02-20 18:05:41,477 INFO L854 garLoopResultBuilder]: At program point L856(lines 852 858) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:05:41,477 INFO L861 garLoopResultBuilder]: At program point L344(lines 285 348) the Hoare annotation is: true [2022-02-20 18:05:41,477 INFO L854 garLoopResultBuilder]: At program point L307(line 307) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:05:41,477 INFO L861 garLoopResultBuilder]: At program point L811(lines 804 813) the Hoare annotation is: true [2022-02-20 18:05:41,477 INFO L861 garLoopResultBuilder]: At program point L836(lines 817 839) the Hoare annotation is: true [2022-02-20 18:05:41,477 INFO L858 garLoopResultBuilder]: For program point waterRiseEXIT(lines 70 81) no Hoare annotation was computed. [2022-02-20 18:05:41,479 INFO L858 garLoopResultBuilder]: For program point L74-1(lines 70 81) no Hoare annotation was computed. [2022-02-20 18:05:41,479 INFO L861 garLoopResultBuilder]: At program point waterRiseENTRY(lines 70 81) the Hoare annotation is: true [2022-02-20 18:05:41,482 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1] [2022-02-20 18:05:41,484 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: L86-1 has no Hoare annotation [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: L86-1 has no Hoare annotation [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: L62 has no Hoare annotation [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: L149-1 has no Hoare annotation [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalFINAL has no Hoare annotation [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: ULTIMATE.startENTRY has no Hoare annotation [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: L74-1 has no Hoare annotation [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: L74-1 has no Hoare annotation [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:05:41,487 WARN L170 areAnnotationChecker]: L86-1 has no Hoare annotation [2022-02-20 18:05:41,488 WARN L170 areAnnotationChecker]: L749-1 has no Hoare annotation [2022-02-20 18:05:41,488 WARN L170 areAnnotationChecker]: L62 has no Hoare annotation [2022-02-20 18:05:41,488 WARN L170 areAnnotationChecker]: L62 has no Hoare annotation [2022-02-20 18:05:41,488 WARN L170 areAnnotationChecker]: L149-1 has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: L149-1 has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalFINAL has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: L-1 has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: L74-1 has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: L156-1 has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: changeMethaneLevelEXIT has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: L749-1 has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: L149-1 has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: L181 has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: L181 has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: L156-1 has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalEXIT has no Hoare annotation [2022-02-20 18:05:41,489 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalEXIT has no Hoare annotation [2022-02-20 18:05:41,490 WARN L170 areAnnotationChecker]: waterRiseEXIT has no Hoare annotation [2022-02-20 18:05:41,490 WARN L170 areAnnotationChecker]: L315-1 has no Hoare annotation [2022-02-20 18:05:41,490 WARN L170 areAnnotationChecker]: L754 has no Hoare annotation [2022-02-20 18:05:41,490 WARN L170 areAnnotationChecker]: L223-1 has no Hoare annotation [2022-02-20 18:05:41,490 WARN L170 areAnnotationChecker]: L722-1 has no Hoare annotation [2022-02-20 18:05:41,490 WARN L170 areAnnotationChecker]: L223-1 has no Hoare annotation [2022-02-20 18:05:41,490 WARN L170 areAnnotationChecker]: L722-1 has no Hoare annotation [2022-02-20 18:05:41,491 WARN L170 areAnnotationChecker]: L305-1 has no Hoare annotation [2022-02-20 18:05:41,491 WARN L170 areAnnotationChecker]: L325 has no Hoare annotation [2022-02-20 18:05:41,491 WARN L170 areAnnotationChecker]: L325 has no Hoare annotation [2022-02-20 18:05:41,491 WARN L170 areAnnotationChecker]: cleanupEXIT has no Hoare annotation [2022-02-20 18:05:41,491 WARN L170 areAnnotationChecker]: L754 has no Hoare annotation [2022-02-20 18:05:41,491 WARN L170 areAnnotationChecker]: L185 has no Hoare annotation [2022-02-20 18:05:41,491 WARN L170 areAnnotationChecker]: L724 has no Hoare annotation [2022-02-20 18:05:41,491 WARN L170 areAnnotationChecker]: L724 has no Hoare annotation [2022-02-20 18:05:41,491 WARN L170 areAnnotationChecker]: L827 has no Hoare annotation [2022-02-20 18:05:41,491 WARN L170 areAnnotationChecker]: L315 has no Hoare annotation [2022-02-20 18:05:41,491 WARN L170 areAnnotationChecker]: L315 has no Hoare annotation [2022-02-20 18:05:41,492 WARN L170 areAnnotationChecker]: L331 has no Hoare annotation [2022-02-20 18:05:41,492 WARN L170 areAnnotationChecker]: L331 has no Hoare annotation [2022-02-20 18:05:41,492 WARN L170 areAnnotationChecker]: cleanupEXIT has no Hoare annotation [2022-02-20 18:05:41,492 WARN L170 areAnnotationChecker]: L757 has no Hoare annotation [2022-02-20 18:05:41,492 WARN L170 areAnnotationChecker]: L757 has no Hoare annotation [2022-02-20 18:05:41,492 WARN L170 areAnnotationChecker]: L185 has no Hoare annotation [2022-02-20 18:05:41,493 WARN L170 areAnnotationChecker]: L185 has no Hoare annotation [2022-02-20 18:05:41,493 WARN L170 areAnnotationChecker]: L728 has no Hoare annotation [2022-02-20 18:05:41,493 WARN L170 areAnnotationChecker]: timeShiftFINAL has no Hoare annotation [2022-02-20 18:05:41,493 WARN L170 areAnnotationChecker]: L827 has no Hoare annotation [2022-02-20 18:05:41,493 WARN L170 areAnnotationChecker]: L827 has no Hoare annotation [2022-02-20 18:05:41,493 WARN L170 areAnnotationChecker]: L315-1 has no Hoare annotation [2022-02-20 18:05:41,494 WARN L170 areAnnotationChecker]: L296 has no Hoare annotation [2022-02-20 18:05:41,494 WARN L170 areAnnotationChecker]: L764 has no Hoare annotation [2022-02-20 18:05:41,495 WARN L170 areAnnotationChecker]: L728 has no Hoare annotation [2022-02-20 18:05:41,495 WARN L170 areAnnotationChecker]: L728 has no Hoare annotation [2022-02-20 18:05:41,495 WARN L170 areAnnotationChecker]: timeShiftFINAL has no Hoare annotation [2022-02-20 18:05:41,495 WARN L170 areAnnotationChecker]: L827-2 has no Hoare annotation [2022-02-20 18:05:41,496 WARN L170 areAnnotationChecker]: L296 has no Hoare annotation [2022-02-20 18:05:41,496 WARN L170 areAnnotationChecker]: L296 has no Hoare annotation [2022-02-20 18:05:41,496 WARN L170 areAnnotationChecker]: L827-2 has no Hoare annotation [2022-02-20 18:05:41,496 WARN L170 areAnnotationChecker]: L764 has no Hoare annotation [2022-02-20 18:05:41,496 WARN L170 areAnnotationChecker]: L279 has no Hoare annotation [2022-02-20 18:05:41,496 WARN L170 areAnnotationChecker]: L279 has no Hoare annotation [2022-02-20 18:05:41,496 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:05:41,496 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:05:41,496 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:05:41,496 WARN L170 areAnnotationChecker]: ULTIMATE.startFINAL has no Hoare annotation [2022-02-20 18:05:41,496 WARN L170 areAnnotationChecker]: L297 has no Hoare annotation [2022-02-20 18:05:41,497 WARN L170 areAnnotationChecker]: ULTIMATE.startFINAL has no Hoare annotation [2022-02-20 18:05:41,497 WARN L170 areAnnotationChecker]: L305 has no Hoare annotation [2022-02-20 18:05:41,497 WARN L170 areAnnotationChecker]: L305 has no Hoare annotation [2022-02-20 18:05:41,497 WARN L170 areAnnotationChecker]: L305-1 has no Hoare annotation [2022-02-20 18:05:41,497 INFO L163 areAnnotationChecker]: CFG has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. 0 times interpolants missing. [2022-02-20 18:05:41,521 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 20.02 06:05:41 BoogieIcfgContainer [2022-02-20 18:05:41,521 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-02-20 18:05:41,522 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-02-20 18:05:41,522 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-02-20 18:05:41,522 INFO L275 PluginConnector]: Witness Printer initialized [2022-02-20 18:05:41,523 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:05:37" (3/4) ... [2022-02-20 18:05:41,525 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-02-20 18:05:41,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-02-20 18:05:41,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-02-20 18:05:41,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-02-20 18:05:41,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-02-20 18:05:41,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-02-20 18:05:41,531 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-02-20 18:05:41,543 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 47 nodes and edges [2022-02-20 18:05:41,543 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-02-20 18:05:41,544 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-02-20 18:05:41,544 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-02-20 18:05:41,544 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-02-20 18:05:41,545 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-02-20 18:05:41,545 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-02-20 18:05:41,571 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:05:41,573 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) [2022-02-20 18:05:41,574 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || tmp == 0) && ((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) [2022-02-20 18:05:41,574 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:05:41,574 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 0)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) [2022-02-20 18:05:41,575 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:05:41,575 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:05:41,604 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-02-20 18:05:41,604 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-02-20 18:05:41,606 INFO L158 Benchmark]: Toolchain (without parser) took 4750.19ms. Allocated memory was 96.5MB in the beginning and 144.7MB in the end (delta: 48.2MB). Free memory was 62.6MB in the beginning and 68.8MB in the end (delta: -6.2MB). Peak memory consumption was 41.4MB. Max. memory is 16.1GB. [2022-02-20 18:05:41,606 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 96.5MB. Free memory is still 50.4MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:05:41,606 INFO L158 Benchmark]: CACSL2BoogieTranslator took 520.17ms. Allocated memory was 96.5MB in the beginning and 119.5MB in the end (delta: 23.1MB). Free memory was 62.4MB in the beginning and 83.1MB in the end (delta: -20.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-02-20 18:05:41,607 INFO L158 Benchmark]: Boogie Procedure Inliner took 69.94ms. Allocated memory is still 119.5MB. Free memory was 83.1MB in the beginning and 81.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:05:41,607 INFO L158 Benchmark]: Boogie Preprocessor took 55.74ms. Allocated memory is still 119.5MB. Free memory was 81.0MB in the beginning and 78.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:05:41,607 INFO L158 Benchmark]: RCFGBuilder took 486.03ms. Allocated memory is still 119.5MB. Free memory was 78.9MB in the beginning and 61.5MB in the end (delta: 17.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2022-02-20 18:05:41,608 INFO L158 Benchmark]: TraceAbstraction took 3527.55ms. Allocated memory was 119.5MB in the beginning and 144.7MB in the end (delta: 25.2MB). Free memory was 60.9MB in the beginning and 73.0MB in the end (delta: -12.1MB). Peak memory consumption was 14.9MB. Max. memory is 16.1GB. [2022-02-20 18:05:41,608 INFO L158 Benchmark]: Witness Printer took 82.05ms. Allocated memory is still 144.7MB. Free memory was 73.0MB in the beginning and 68.8MB in the end (delta: 4.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:05:41,612 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 96.5MB. Free memory is still 50.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 520.17ms. Allocated memory was 96.5MB in the beginning and 119.5MB in the end (delta: 23.1MB). Free memory was 62.4MB in the beginning and 83.1MB in the end (delta: -20.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 69.94ms. Allocated memory is still 119.5MB. Free memory was 83.1MB in the beginning and 81.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 55.74ms. Allocated memory is still 119.5MB. Free memory was 81.0MB in the beginning and 78.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 486.03ms. Allocated memory is still 119.5MB. Free memory was 78.9MB in the beginning and 61.5MB in the end (delta: 17.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 3527.55ms. Allocated memory was 119.5MB in the beginning and 144.7MB in the end (delta: 25.2MB). Free memory was 60.9MB in the beginning and 73.0MB in the end (delta: -12.1MB). Peak memory consumption was 14.9MB. Max. memory is 16.1GB. * Witness Printer took 82.05ms. Allocated memory is still 144.7MB. Free memory was 73.0MB in the beginning and 68.8MB in the end (delta: 4.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 279]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 72 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.4s, OverallIterations: 5, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.5s, InitialAbstractionConstructionTime: 0.0s, PartialOrderReductionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 153 SdHoareTripleChecker+Valid, 0.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 146 mSDsluCounter, 704 SdHoareTripleChecker+Invalid, 0.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 367 mSDsCounter, 17 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 107 IncrementalHoareTripleChecker+Invalid, 124 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 17 mSolverCounterUnsat, 337 mSDtfsCounter, 107 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 39 GetRequests, 23 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=97occurred in iteration=4, InterpolantAutomatonStates: 22, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 5 MinimizatonAttempts, 3 StatesRemovedByMinimization, 1 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 33 LocationsWithAnnotation, 196 PreInvPairs, 218 NumberOfFragments, 265 HoareAnnotationTreeSize, 196 FomulaSimplifications, 16 FormulaSimplificationTreeSizeReduction, 0.1s HoareSimplificationTime, 33 FomulaSimplificationsInter, 433 FormulaSimplificationTreeSizeReductionInter, 0.3s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 0.4s InterpolantComputationTime, 145 NumberOfCodeBlocks, 145 NumberOfCodeBlocksAsserted, 5 NumberOfCheckSat, 140 ConstructedInterpolants, 0 QuantifiedInterpolants, 286 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 5 InterpolantComputations, 5 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 295]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0 - InvariantResult [Line: 859]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 294]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 804]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 229]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 0)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 743]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 58]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 797]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 753]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 852]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 817]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 275]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 285]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 218]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 177]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) - InvariantResult [Line: 716]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || tmp == 0) && ((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) - InvariantResult [Line: 866]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 210]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) RESULT: Ultimate proved your program to be correct! [2022-02-20 18:05:41,669 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE