./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product17.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product17.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash aad3ab8030ba6efc9aa26d5b15397d543c60fbb947c2251c044256001907063f --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:05:58,197 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:05:58,200 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:05:58,243 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:05:58,244 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:05:58,247 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:05:58,249 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:05:58,251 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:05:58,253 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:05:58,257 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:05:58,258 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:05:58,259 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:05:58,260 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:05:58,262 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:05:58,264 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:05:58,267 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:05:58,268 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:05:58,268 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:05:58,271 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:05:58,276 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:05:58,277 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:05:58,278 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:05:58,280 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:05:58,280 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:05:58,286 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:05:58,287 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:05:58,287 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:05:58,288 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:05:58,289 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:05:58,290 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:05:58,290 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:05:58,291 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:05:58,292 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:05:58,293 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:05:58,294 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:05:58,295 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:05:58,295 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:05:58,295 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:05:58,296 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:05:58,297 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:05:58,298 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:05:58,298 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:05:58,328 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:05:58,328 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:05:58,329 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:05:58,329 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:05:58,330 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:05:58,330 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:05:58,331 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:05:58,331 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:05:58,331 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:05:58,332 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:05:58,332 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:05:58,333 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:05:58,333 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:05:58,333 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:05:58,333 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:05:58,333 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:05:58,334 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:05:58,334 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:05:58,334 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:05:58,334 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:05:58,334 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:05:58,335 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:05:58,335 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:05:58,335 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:05:58,335 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:05:58,335 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:05:58,336 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:05:58,337 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:05:58,337 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:05:58,337 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:05:58,337 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:05:58,338 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:05:58,338 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:05:58,338 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> aad3ab8030ba6efc9aa26d5b15397d543c60fbb947c2251c044256001907063f [2022-02-20 18:05:58,557 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:05:58,580 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:05:58,583 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:05:58,584 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:05:58,584 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:05:58,586 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product17.cil.c [2022-02-20 18:05:58,660 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1fc46a6d7/5ac38e4f3cc44342b892e6fd6528c86f/FLAG9cdefb7c4 [2022-02-20 18:05:59,119 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:05:59,122 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product17.cil.c [2022-02-20 18:05:59,141 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1fc46a6d7/5ac38e4f3cc44342b892e6fd6528c86f/FLAG9cdefb7c4 [2022-02-20 18:05:59,451 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1fc46a6d7/5ac38e4f3cc44342b892e6fd6528c86f [2022-02-20 18:05:59,453 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:05:59,454 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:05:59,459 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:05:59,460 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:05:59,463 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:05:59,464 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:05:59,466 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@75239119 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59, skipping insertion in model container [2022-02-20 18:05:59,466 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:05:59,472 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:05:59,517 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:05:59,769 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product17.cil.c[13023,13036] [2022-02-20 18:05:59,815 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:05:59,838 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:05:59,915 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product17.cil.c[13023,13036] [2022-02-20 18:05:59,948 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:05:59,966 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:05:59,969 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59 WrapperNode [2022-02-20 18:05:59,969 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:05:59,970 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:05:59,970 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:05:59,971 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:05:59,977 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:05:59,989 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:06:00,017 INFO L137 Inliner]: procedures = 52, calls = 149, calls flagged for inlining = 19, calls inlined = 16, statements flattened = 213 [2022-02-20 18:06:00,018 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:06:00,018 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:06:00,018 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:06:00,019 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:06:00,025 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:06:00,026 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:06:00,028 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:06:00,028 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:06:00,033 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:06:00,038 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:06:00,039 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:06:00,041 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:06:00,042 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:06:00,042 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:06:00,042 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:06:00,056 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59" (1/1) ... [2022-02-20 18:06:00,071 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:06:00,080 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:06:00,091 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:06:00,093 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:06:00,131 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:06:00,131 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:06:00,131 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:06:00,131 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:06:00,132 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:06:00,132 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:06:00,132 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:06:00,132 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:06:00,132 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:06:00,133 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:06:00,134 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:06:00,134 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:06:00,134 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:06:00,134 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:06:00,134 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:06:00,135 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:06:00,251 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:06:00,254 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:06:00,614 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:06:00,621 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:06:00,621 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:06:00,623 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:06:00 BoogieIcfgContainer [2022-02-20 18:06:00,623 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:06:00,624 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:06:00,625 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:06:00,634 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:06:00,635 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:05:59" (1/3) ... [2022-02-20 18:06:00,635 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2c4a7af1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:06:00, skipping insertion in model container [2022-02-20 18:06:00,636 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:05:59" (2/3) ... [2022-02-20 18:06:00,636 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2c4a7af1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:06:00, skipping insertion in model container [2022-02-20 18:06:00,636 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:06:00" (3/3) ... [2022-02-20 18:06:00,637 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product17.cil.c [2022-02-20 18:06:00,645 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:06:00,647 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:06:00,682 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:06:00,689 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:06:00,689 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:06:00,709 INFO L276 IsEmpty]: Start isEmpty. Operand has 73 states, 56 states have (on average 1.3928571428571428) internal successors, (78), 62 states have internal predecessors, (78), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:06:00,714 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-02-20 18:06:00,715 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:00,715 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:00,716 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:00,720 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:00,720 INFO L85 PathProgramCache]: Analyzing trace with hash 1863512156, now seen corresponding path program 1 times [2022-02-20 18:06:00,727 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:00,727 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2079343249] [2022-02-20 18:06:00,727 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:00,728 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:00,899 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:00,975 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:06:00,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:00,994 INFO L290 TraceCheckUtils]: 0: Hoare triple {76#true} havoc ~retValue_acc~7;~retValue_acc~7 := ~methaneLevelCritical~0;#res := ~retValue_acc~7; {76#true} is VALID [2022-02-20 18:06:00,995 INFO L290 TraceCheckUtils]: 1: Hoare triple {76#true} assume true; {76#true} is VALID [2022-02-20 18:06:00,995 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {76#true} {77#false} #196#return; {77#false} is VALID [2022-02-20 18:06:00,996 INFO L290 TraceCheckUtils]: 0: Hoare triple {76#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {76#true} is VALID [2022-02-20 18:06:00,996 INFO L290 TraceCheckUtils]: 1: Hoare triple {76#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret29#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {76#true} is VALID [2022-02-20 18:06:00,997 INFO L290 TraceCheckUtils]: 2: Hoare triple {76#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {76#true} is VALID [2022-02-20 18:06:00,997 INFO L290 TraceCheckUtils]: 3: Hoare triple {76#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {76#true} is VALID [2022-02-20 18:06:00,997 INFO L290 TraceCheckUtils]: 4: Hoare triple {76#true} main_#t~ret29#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret29#1 && main_#t~ret29#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret29#1;havoc main_#t~ret29#1; {76#true} is VALID [2022-02-20 18:06:00,997 INFO L290 TraceCheckUtils]: 5: Hoare triple {76#true} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {76#true} is VALID [2022-02-20 18:06:00,997 INFO L290 TraceCheckUtils]: 6: Hoare triple {76#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet46#1, test_#t~nondet47#1, test_#t~nondet48#1, test_#t~nondet49#1, test_~splverifierCounter~0#1, test_~tmp~7#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~7#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {76#true} is VALID [2022-02-20 18:06:01,003 INFO L290 TraceCheckUtils]: 7: Hoare triple {76#true} assume false; {77#false} is VALID [2022-02-20 18:06:01,004 INFO L272 TraceCheckUtils]: 8: Hoare triple {77#false} call cleanup(); {77#false} is VALID [2022-02-20 18:06:01,004 INFO L290 TraceCheckUtils]: 9: Hoare triple {77#false} havoc ~i~0;havoc ~__cil_tmp2~0; {77#false} is VALID [2022-02-20 18:06:01,004 INFO L272 TraceCheckUtils]: 10: Hoare triple {77#false} call timeShift(); {77#false} is VALID [2022-02-20 18:06:01,007 INFO L290 TraceCheckUtils]: 11: Hoare triple {77#false} assume !(0 != ~pumpRunning~0); {77#false} is VALID [2022-02-20 18:06:01,008 INFO L290 TraceCheckUtils]: 12: Hoare triple {77#false} assume !(0 != ~systemActive~0); {77#false} is VALID [2022-02-20 18:06:01,008 INFO L290 TraceCheckUtils]: 13: Hoare triple {77#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret4#1, __utac_acc__Specification1_spec__1_#t~ret5#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {77#false} is VALID [2022-02-20 18:06:01,008 INFO L272 TraceCheckUtils]: 14: Hoare triple {77#false} call __utac_acc__Specification1_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {76#true} is VALID [2022-02-20 18:06:01,009 INFO L290 TraceCheckUtils]: 15: Hoare triple {76#true} havoc ~retValue_acc~7;~retValue_acc~7 := ~methaneLevelCritical~0;#res := ~retValue_acc~7; {76#true} is VALID [2022-02-20 18:06:01,009 INFO L290 TraceCheckUtils]: 16: Hoare triple {76#true} assume true; {76#true} is VALID [2022-02-20 18:06:01,010 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {76#true} {77#false} #196#return; {77#false} is VALID [2022-02-20 18:06:01,011 INFO L290 TraceCheckUtils]: 18: Hoare triple {77#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret4#1 && __utac_acc__Specification1_spec__1_#t~ret4#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret4#1;havoc __utac_acc__Specification1_spec__1_#t~ret4#1; {77#false} is VALID [2022-02-20 18:06:01,013 INFO L290 TraceCheckUtils]: 19: Hoare triple {77#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {77#false} is VALID [2022-02-20 18:06:01,014 INFO L290 TraceCheckUtils]: 20: Hoare triple {77#false} __utac_acc__Specification1_spec__1_#t~ret5#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret5#1 && __utac_acc__Specification1_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret5#1;havoc __utac_acc__Specification1_spec__1_#t~ret5#1; {77#false} is VALID [2022-02-20 18:06:01,014 INFO L290 TraceCheckUtils]: 21: Hoare triple {77#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {77#false} is VALID [2022-02-20 18:06:01,015 INFO L290 TraceCheckUtils]: 22: Hoare triple {77#false} assume !false; {77#false} is VALID [2022-02-20 18:06:01,015 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:01,016 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:01,016 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2079343249] [2022-02-20 18:06:01,017 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2079343249] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:01,017 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:01,018 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:06:01,019 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1366875913] [2022-02-20 18:06:01,020 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:01,026 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 18:06:01,028 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:01,030 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:01,082 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 23 edges. 23 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:01,083 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:06:01,083 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:01,101 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:06:01,103 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:06:01,107 INFO L87 Difference]: Start difference. First operand has 73 states, 56 states have (on average 1.3928571428571428) internal successors, (78), 62 states have internal predecessors, (78), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:01,219 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:01,220 INFO L93 Difference]: Finished difference Result 138 states and 187 transitions. [2022-02-20 18:06:01,220 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:06:01,220 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 18:06:01,221 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:01,222 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:01,232 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 187 transitions. [2022-02-20 18:06:01,240 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:01,252 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 187 transitions. [2022-02-20 18:06:01,258 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 187 transitions. [2022-02-20 18:06:01,437 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 187 edges. 187 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:01,450 INFO L225 Difference]: With dead ends: 138 [2022-02-20 18:06:01,451 INFO L226 Difference]: Without dead ends: 64 [2022-02-20 18:06:01,455 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:06:01,460 INFO L933 BasicCegarLoop]: 90 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 90 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:01,462 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:06:01,477 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2022-02-20 18:06:01,498 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2022-02-20 18:06:01,498 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:01,500 INFO L82 GeneralOperation]: Start isEquivalent. First operand 64 states. Second operand has 64 states, 49 states have (on average 1.3061224489795917) internal successors, (64), 54 states have internal predecessors, (64), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:01,503 INFO L74 IsIncluded]: Start isIncluded. First operand 64 states. Second operand has 64 states, 49 states have (on average 1.3061224489795917) internal successors, (64), 54 states have internal predecessors, (64), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:01,506 INFO L87 Difference]: Start difference. First operand 64 states. Second operand has 64 states, 49 states have (on average 1.3061224489795917) internal successors, (64), 54 states have internal predecessors, (64), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:01,518 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:01,521 INFO L93 Difference]: Finished difference Result 64 states and 81 transitions. [2022-02-20 18:06:01,521 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 81 transitions. [2022-02-20 18:06:01,522 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:01,523 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:01,524 INFO L74 IsIncluded]: Start isIncluded. First operand has 64 states, 49 states have (on average 1.3061224489795917) internal successors, (64), 54 states have internal predecessors, (64), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 64 states. [2022-02-20 18:06:01,525 INFO L87 Difference]: Start difference. First operand has 64 states, 49 states have (on average 1.3061224489795917) internal successors, (64), 54 states have internal predecessors, (64), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 64 states. [2022-02-20 18:06:01,537 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:01,538 INFO L93 Difference]: Finished difference Result 64 states and 81 transitions. [2022-02-20 18:06:01,539 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 81 transitions. [2022-02-20 18:06:01,540 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:01,541 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:01,541 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:01,541 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:01,542 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 49 states have (on average 1.3061224489795917) internal successors, (64), 54 states have internal predecessors, (64), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:01,545 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 81 transitions. [2022-02-20 18:06:01,550 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 81 transitions. Word has length 23 [2022-02-20 18:06:01,550 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:01,550 INFO L470 AbstractCegarLoop]: Abstraction has 64 states and 81 transitions. [2022-02-20 18:06:01,551 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:01,551 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 81 transitions. [2022-02-20 18:06:01,553 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-02-20 18:06:01,555 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:01,555 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:01,556 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:06:01,556 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:01,557 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:01,558 INFO L85 PathProgramCache]: Analyzing trace with hash -1636042670, now seen corresponding path program 1 times [2022-02-20 18:06:01,559 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:01,559 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1507411782] [2022-02-20 18:06:01,559 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:01,559 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:01,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:01,622 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:06:01,624 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:01,627 INFO L290 TraceCheckUtils]: 0: Hoare triple {502#true} havoc ~retValue_acc~7;~retValue_acc~7 := ~methaneLevelCritical~0;#res := ~retValue_acc~7; {502#true} is VALID [2022-02-20 18:06:01,628 INFO L290 TraceCheckUtils]: 1: Hoare triple {502#true} assume true; {502#true} is VALID [2022-02-20 18:06:01,628 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {502#true} {503#false} #196#return; {503#false} is VALID [2022-02-20 18:06:01,628 INFO L290 TraceCheckUtils]: 0: Hoare triple {502#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {502#true} is VALID [2022-02-20 18:06:01,628 INFO L290 TraceCheckUtils]: 1: Hoare triple {502#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret29#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {502#true} is VALID [2022-02-20 18:06:01,629 INFO L290 TraceCheckUtils]: 2: Hoare triple {502#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {502#true} is VALID [2022-02-20 18:06:01,629 INFO L290 TraceCheckUtils]: 3: Hoare triple {502#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {502#true} is VALID [2022-02-20 18:06:01,629 INFO L290 TraceCheckUtils]: 4: Hoare triple {502#true} main_#t~ret29#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret29#1 && main_#t~ret29#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret29#1;havoc main_#t~ret29#1; {502#true} is VALID [2022-02-20 18:06:01,629 INFO L290 TraceCheckUtils]: 5: Hoare triple {502#true} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {502#true} is VALID [2022-02-20 18:06:01,630 INFO L290 TraceCheckUtils]: 6: Hoare triple {502#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet46#1, test_#t~nondet47#1, test_#t~nondet48#1, test_#t~nondet49#1, test_~splverifierCounter~0#1, test_~tmp~7#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~7#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {504#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:06:01,631 INFO L290 TraceCheckUtils]: 7: Hoare triple {504#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {504#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:06:01,631 INFO L290 TraceCheckUtils]: 8: Hoare triple {504#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {503#false} is VALID [2022-02-20 18:06:01,631 INFO L272 TraceCheckUtils]: 9: Hoare triple {503#false} call cleanup(); {503#false} is VALID [2022-02-20 18:06:01,632 INFO L290 TraceCheckUtils]: 10: Hoare triple {503#false} havoc ~i~0;havoc ~__cil_tmp2~0; {503#false} is VALID [2022-02-20 18:06:01,632 INFO L272 TraceCheckUtils]: 11: Hoare triple {503#false} call timeShift(); {503#false} is VALID [2022-02-20 18:06:01,632 INFO L290 TraceCheckUtils]: 12: Hoare triple {503#false} assume !(0 != ~pumpRunning~0); {503#false} is VALID [2022-02-20 18:06:01,632 INFO L290 TraceCheckUtils]: 13: Hoare triple {503#false} assume !(0 != ~systemActive~0); {503#false} is VALID [2022-02-20 18:06:01,633 INFO L290 TraceCheckUtils]: 14: Hoare triple {503#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret4#1, __utac_acc__Specification1_spec__1_#t~ret5#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {503#false} is VALID [2022-02-20 18:06:01,633 INFO L272 TraceCheckUtils]: 15: Hoare triple {503#false} call __utac_acc__Specification1_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {502#true} is VALID [2022-02-20 18:06:01,633 INFO L290 TraceCheckUtils]: 16: Hoare triple {502#true} havoc ~retValue_acc~7;~retValue_acc~7 := ~methaneLevelCritical~0;#res := ~retValue_acc~7; {502#true} is VALID [2022-02-20 18:06:01,633 INFO L290 TraceCheckUtils]: 17: Hoare triple {502#true} assume true; {502#true} is VALID [2022-02-20 18:06:01,634 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {502#true} {503#false} #196#return; {503#false} is VALID [2022-02-20 18:06:01,634 INFO L290 TraceCheckUtils]: 19: Hoare triple {503#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret4#1 && __utac_acc__Specification1_spec__1_#t~ret4#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret4#1;havoc __utac_acc__Specification1_spec__1_#t~ret4#1; {503#false} is VALID [2022-02-20 18:06:01,634 INFO L290 TraceCheckUtils]: 20: Hoare triple {503#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {503#false} is VALID [2022-02-20 18:06:01,634 INFO L290 TraceCheckUtils]: 21: Hoare triple {503#false} __utac_acc__Specification1_spec__1_#t~ret5#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret5#1 && __utac_acc__Specification1_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret5#1;havoc __utac_acc__Specification1_spec__1_#t~ret5#1; {503#false} is VALID [2022-02-20 18:06:01,635 INFO L290 TraceCheckUtils]: 22: Hoare triple {503#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {503#false} is VALID [2022-02-20 18:06:01,635 INFO L290 TraceCheckUtils]: 23: Hoare triple {503#false} assume !false; {503#false} is VALID [2022-02-20 18:06:01,635 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:01,635 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:01,636 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1507411782] [2022-02-20 18:06:01,636 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1507411782] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:01,636 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:01,636 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:06:01,636 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [763145609] [2022-02-20 18:06:01,637 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:01,638 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-02-20 18:06:01,639 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:01,640 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:01,661 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:01,661 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:06:01,661 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:01,662 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:06:01,662 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:06:01,662 INFO L87 Difference]: Start difference. First operand 64 states and 81 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:01,733 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:01,733 INFO L93 Difference]: Finished difference Result 94 states and 118 transitions. [2022-02-20 18:06:01,733 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:06:01,734 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-02-20 18:06:01,734 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:01,734 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:01,737 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 118 transitions. [2022-02-20 18:06:01,737 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:01,739 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 118 transitions. [2022-02-20 18:06:01,740 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 118 transitions. [2022-02-20 18:06:01,844 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 118 edges. 118 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:01,846 INFO L225 Difference]: With dead ends: 94 [2022-02-20 18:06:01,846 INFO L226 Difference]: Without dead ends: 55 [2022-02-20 18:06:01,847 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:06:01,848 INFO L933 BasicCegarLoop]: 68 mSDtfsCounter, 12 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 120 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:01,849 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [15 Valid, 120 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:06:01,850 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 55 states. [2022-02-20 18:06:01,854 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 55 to 55. [2022-02-20 18:06:01,854 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:01,854 INFO L82 GeneralOperation]: Start isEquivalent. First operand 55 states. Second operand has 55 states, 43 states have (on average 1.3255813953488371) internal successors, (57), 48 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:01,855 INFO L74 IsIncluded]: Start isIncluded. First operand 55 states. Second operand has 55 states, 43 states have (on average 1.3255813953488371) internal successors, (57), 48 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:01,855 INFO L87 Difference]: Start difference. First operand 55 states. Second operand has 55 states, 43 states have (on average 1.3255813953488371) internal successors, (57), 48 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:01,858 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:01,858 INFO L93 Difference]: Finished difference Result 55 states and 69 transitions. [2022-02-20 18:06:01,858 INFO L276 IsEmpty]: Start isEmpty. Operand 55 states and 69 transitions. [2022-02-20 18:06:01,858 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:01,859 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:01,859 INFO L74 IsIncluded]: Start isIncluded. First operand has 55 states, 43 states have (on average 1.3255813953488371) internal successors, (57), 48 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 55 states. [2022-02-20 18:06:01,859 INFO L87 Difference]: Start difference. First operand has 55 states, 43 states have (on average 1.3255813953488371) internal successors, (57), 48 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 55 states. [2022-02-20 18:06:01,861 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:01,862 INFO L93 Difference]: Finished difference Result 55 states and 69 transitions. [2022-02-20 18:06:01,862 INFO L276 IsEmpty]: Start isEmpty. Operand 55 states and 69 transitions. [2022-02-20 18:06:01,862 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:01,862 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:01,863 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:01,863 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:01,863 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 55 states, 43 states have (on average 1.3255813953488371) internal successors, (57), 48 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:01,865 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 55 states to 55 states and 69 transitions. [2022-02-20 18:06:01,865 INFO L78 Accepts]: Start accepts. Automaton has 55 states and 69 transitions. Word has length 24 [2022-02-20 18:06:01,865 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:01,866 INFO L470 AbstractCegarLoop]: Abstraction has 55 states and 69 transitions. [2022-02-20 18:06:01,866 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:01,866 INFO L276 IsEmpty]: Start isEmpty. Operand 55 states and 69 transitions. [2022-02-20 18:06:01,867 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-02-20 18:06:01,867 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:01,867 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:01,867 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:06:01,868 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:01,868 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:01,868 INFO L85 PathProgramCache]: Analyzing trace with hash 1620101616, now seen corresponding path program 1 times [2022-02-20 18:06:01,868 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:01,869 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1281505657] [2022-02-20 18:06:01,869 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:01,869 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:01,897 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:01,943 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:06:01,945 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:01,948 INFO L290 TraceCheckUtils]: 0: Hoare triple {833#true} havoc ~retValue_acc~7;~retValue_acc~7 := ~methaneLevelCritical~0;#res := ~retValue_acc~7; {833#true} is VALID [2022-02-20 18:06:01,948 INFO L290 TraceCheckUtils]: 1: Hoare triple {833#true} assume true; {833#true} is VALID [2022-02-20 18:06:01,948 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {833#true} {834#false} #196#return; {834#false} is VALID [2022-02-20 18:06:01,961 INFO L290 TraceCheckUtils]: 0: Hoare triple {833#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {835#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:01,962 INFO L290 TraceCheckUtils]: 1: Hoare triple {835#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret29#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {835#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:01,963 INFO L290 TraceCheckUtils]: 2: Hoare triple {835#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {835#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:01,963 INFO L290 TraceCheckUtils]: 3: Hoare triple {835#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {836#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} is VALID [2022-02-20 18:06:01,964 INFO L290 TraceCheckUtils]: 4: Hoare triple {836#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} main_#t~ret29#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret29#1 && main_#t~ret29#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret29#1;havoc main_#t~ret29#1; {837#(= |ULTIMATE.start_main_~tmp~4#1| ~systemActive~0)} is VALID [2022-02-20 18:06:01,964 INFO L290 TraceCheckUtils]: 5: Hoare triple {837#(= |ULTIMATE.start_main_~tmp~4#1| ~systemActive~0)} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,965 INFO L290 TraceCheckUtils]: 6: Hoare triple {838#(not (= 0 ~systemActive~0))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet46#1, test_#t~nondet47#1, test_#t~nondet48#1, test_#t~nondet49#1, test_~splverifierCounter~0#1, test_~tmp~7#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~7#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,966 INFO L290 TraceCheckUtils]: 7: Hoare triple {838#(not (= 0 ~systemActive~0))} assume !false; {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,966 INFO L290 TraceCheckUtils]: 8: Hoare triple {838#(not (= 0 ~systemActive~0))} assume test_~splverifierCounter~0#1 < 4; {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,967 INFO L290 TraceCheckUtils]: 9: Hoare triple {838#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet46#1 && test_#t~nondet46#1 <= 2147483647;test_~tmp~7#1 := test_#t~nondet46#1;havoc test_#t~nondet46#1; {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,967 INFO L290 TraceCheckUtils]: 10: Hoare triple {838#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp~7#1); {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,968 INFO L290 TraceCheckUtils]: 11: Hoare triple {838#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet47#1 && test_#t~nondet47#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet47#1;havoc test_#t~nondet47#1; {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,968 INFO L290 TraceCheckUtils]: 12: Hoare triple {838#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp___0~2#1); {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,969 INFO L290 TraceCheckUtils]: 13: Hoare triple {838#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet48#1 && test_#t~nondet48#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet48#1;havoc test_#t~nondet48#1; {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,969 INFO L290 TraceCheckUtils]: 14: Hoare triple {838#(not (= 0 ~systemActive~0))} assume 0 != test_~tmp___2~0#1; {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,970 INFO L272 TraceCheckUtils]: 15: Hoare triple {838#(not (= 0 ~systemActive~0))} call timeShift(); {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,970 INFO L290 TraceCheckUtils]: 16: Hoare triple {838#(not (= 0 ~systemActive~0))} assume !(0 != ~pumpRunning~0); {838#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:06:01,971 INFO L290 TraceCheckUtils]: 17: Hoare triple {838#(not (= 0 ~systemActive~0))} assume !(0 != ~systemActive~0); {834#false} is VALID [2022-02-20 18:06:01,971 INFO L290 TraceCheckUtils]: 18: Hoare triple {834#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret4#1, __utac_acc__Specification1_spec__1_#t~ret5#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {834#false} is VALID [2022-02-20 18:06:01,971 INFO L272 TraceCheckUtils]: 19: Hoare triple {834#false} call __utac_acc__Specification1_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {833#true} is VALID [2022-02-20 18:06:01,972 INFO L290 TraceCheckUtils]: 20: Hoare triple {833#true} havoc ~retValue_acc~7;~retValue_acc~7 := ~methaneLevelCritical~0;#res := ~retValue_acc~7; {833#true} is VALID [2022-02-20 18:06:01,972 INFO L290 TraceCheckUtils]: 21: Hoare triple {833#true} assume true; {833#true} is VALID [2022-02-20 18:06:01,972 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {833#true} {834#false} #196#return; {834#false} is VALID [2022-02-20 18:06:01,972 INFO L290 TraceCheckUtils]: 23: Hoare triple {834#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret4#1 && __utac_acc__Specification1_spec__1_#t~ret4#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret4#1;havoc __utac_acc__Specification1_spec__1_#t~ret4#1; {834#false} is VALID [2022-02-20 18:06:01,973 INFO L290 TraceCheckUtils]: 24: Hoare triple {834#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {834#false} is VALID [2022-02-20 18:06:01,973 INFO L290 TraceCheckUtils]: 25: Hoare triple {834#false} __utac_acc__Specification1_spec__1_#t~ret5#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret5#1 && __utac_acc__Specification1_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret5#1;havoc __utac_acc__Specification1_spec__1_#t~ret5#1; {834#false} is VALID [2022-02-20 18:06:01,973 INFO L290 TraceCheckUtils]: 26: Hoare triple {834#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {834#false} is VALID [2022-02-20 18:06:01,973 INFO L290 TraceCheckUtils]: 27: Hoare triple {834#false} assume !false; {834#false} is VALID [2022-02-20 18:06:01,974 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:01,974 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:01,974 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1281505657] [2022-02-20 18:06:01,974 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1281505657] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:01,975 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:01,975 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:06:01,975 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1626366494] [2022-02-20 18:06:01,975 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:01,976 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2022-02-20 18:06:01,976 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:01,976 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:02,000 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 28 edges. 28 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:02,001 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:06:02,001 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:02,002 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:06:02,002 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:06:02,002 INFO L87 Difference]: Start difference. First operand 55 states and 69 transitions. Second operand has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:02,244 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:02,244 INFO L93 Difference]: Finished difference Result 103 states and 132 transitions. [2022-02-20 18:06:02,244 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:06:02,244 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2022-02-20 18:06:02,245 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:02,245 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:02,247 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 132 transitions. [2022-02-20 18:06:02,248 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:02,252 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 132 transitions. [2022-02-20 18:06:02,252 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 132 transitions. [2022-02-20 18:06:02,368 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 132 edges. 132 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:02,372 INFO L225 Difference]: With dead ends: 103 [2022-02-20 18:06:02,372 INFO L226 Difference]: Without dead ends: 55 [2022-02-20 18:06:02,374 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 18:06:02,380 INFO L933 BasicCegarLoop]: 62 mSDtfsCounter, 137 mSDsluCounter, 74 mSDsCounter, 0 mSdLazyCounter, 29 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 136 SdHoareTripleChecker+Invalid, 50 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 29 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:02,382 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [137 Valid, 136 Invalid, 50 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 29 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 18:06:02,383 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 55 states. [2022-02-20 18:06:02,391 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 55 to 55. [2022-02-20 18:06:02,391 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:02,391 INFO L82 GeneralOperation]: Start isEquivalent. First operand 55 states. Second operand has 55 states, 43 states have (on average 1.302325581395349) internal successors, (56), 48 states have internal predecessors, (56), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:02,392 INFO L74 IsIncluded]: Start isIncluded. First operand 55 states. Second operand has 55 states, 43 states have (on average 1.302325581395349) internal successors, (56), 48 states have internal predecessors, (56), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:02,392 INFO L87 Difference]: Start difference. First operand 55 states. Second operand has 55 states, 43 states have (on average 1.302325581395349) internal successors, (56), 48 states have internal predecessors, (56), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:02,395 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:02,395 INFO L93 Difference]: Finished difference Result 55 states and 68 transitions. [2022-02-20 18:06:02,395 INFO L276 IsEmpty]: Start isEmpty. Operand 55 states and 68 transitions. [2022-02-20 18:06:02,396 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:02,396 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:02,398 INFO L74 IsIncluded]: Start isIncluded. First operand has 55 states, 43 states have (on average 1.302325581395349) internal successors, (56), 48 states have internal predecessors, (56), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 55 states. [2022-02-20 18:06:02,398 INFO L87 Difference]: Start difference. First operand has 55 states, 43 states have (on average 1.302325581395349) internal successors, (56), 48 states have internal predecessors, (56), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 55 states. [2022-02-20 18:06:02,402 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:02,402 INFO L93 Difference]: Finished difference Result 55 states and 68 transitions. [2022-02-20 18:06:02,402 INFO L276 IsEmpty]: Start isEmpty. Operand 55 states and 68 transitions. [2022-02-20 18:06:02,403 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:02,403 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:02,403 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:02,403 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:02,403 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 55 states, 43 states have (on average 1.302325581395349) internal successors, (56), 48 states have internal predecessors, (56), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:02,405 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 55 states to 55 states and 68 transitions. [2022-02-20 18:06:02,405 INFO L78 Accepts]: Start accepts. Automaton has 55 states and 68 transitions. Word has length 28 [2022-02-20 18:06:02,405 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:02,406 INFO L470 AbstractCegarLoop]: Abstraction has 55 states and 68 transitions. [2022-02-20 18:06:02,406 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:02,406 INFO L276 IsEmpty]: Start isEmpty. Operand 55 states and 68 transitions. [2022-02-20 18:06:02,407 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-20 18:06:02,407 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:02,407 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:02,408 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:06:02,408 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:02,408 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:02,409 INFO L85 PathProgramCache]: Analyzing trace with hash 1951185566, now seen corresponding path program 1 times [2022-02-20 18:06:02,409 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:02,409 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [829709635] [2022-02-20 18:06:02,409 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:02,409 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:02,453 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:02,494 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:06:02,495 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:02,498 INFO L290 TraceCheckUtils]: 0: Hoare triple {1181#true} assume true; {1181#true} is VALID [2022-02-20 18:06:02,499 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1181#true} {1183#(= ~methaneLevelCritical~0 0)} #194#return; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,499 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-02-20 18:06:02,501 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:02,509 INFO L290 TraceCheckUtils]: 0: Hoare triple {1181#true} havoc ~retValue_acc~7;~retValue_acc~7 := ~methaneLevelCritical~0;#res := ~retValue_acc~7; {1191#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:02,510 INFO L290 TraceCheckUtils]: 1: Hoare triple {1191#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} assume true; {1191#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:02,511 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1191#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} {1183#(= ~methaneLevelCritical~0 0)} #196#return; {1189#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret4#1| 0)} is VALID [2022-02-20 18:06:02,511 INFO L290 TraceCheckUtils]: 0: Hoare triple {1181#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,512 INFO L290 TraceCheckUtils]: 1: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret29#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,512 INFO L290 TraceCheckUtils]: 2: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,513 INFO L290 TraceCheckUtils]: 3: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,513 INFO L290 TraceCheckUtils]: 4: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} main_#t~ret29#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret29#1 && main_#t~ret29#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret29#1;havoc main_#t~ret29#1; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,514 INFO L290 TraceCheckUtils]: 5: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,514 INFO L290 TraceCheckUtils]: 6: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet46#1, test_#t~nondet47#1, test_#t~nondet48#1, test_#t~nondet49#1, test_~splverifierCounter~0#1, test_~tmp~7#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~7#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,515 INFO L290 TraceCheckUtils]: 7: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume !false; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,515 INFO L290 TraceCheckUtils]: 8: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume test_~splverifierCounter~0#1 < 4; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,515 INFO L290 TraceCheckUtils]: 9: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet46#1 && test_#t~nondet46#1 <= 2147483647;test_~tmp~7#1 := test_#t~nondet46#1;havoc test_#t~nondet46#1; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,516 INFO L290 TraceCheckUtils]: 10: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume !(0 != test_~tmp~7#1); {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,516 INFO L290 TraceCheckUtils]: 11: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet47#1 && test_#t~nondet47#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet47#1;havoc test_#t~nondet47#1; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,517 INFO L290 TraceCheckUtils]: 12: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume !(0 != test_~tmp___0~2#1); {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,517 INFO L290 TraceCheckUtils]: 13: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet48#1 && test_#t~nondet48#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet48#1;havoc test_#t~nondet48#1; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,518 INFO L290 TraceCheckUtils]: 14: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume 0 != test_~tmp___2~0#1; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,518 INFO L272 TraceCheckUtils]: 15: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} call timeShift(); {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,519 INFO L290 TraceCheckUtils]: 16: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume !(0 != ~pumpRunning~0); {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,519 INFO L290 TraceCheckUtils]: 17: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret30#1, processEnvironment_~tmp~5#1;havoc processEnvironment_~tmp~5#1; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,520 INFO L290 TraceCheckUtils]: 18: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume !(0 != ~pumpRunning~0); {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,520 INFO L272 TraceCheckUtils]: 19: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} call processEnvironment__wrappee__base(); {1181#true} is VALID [2022-02-20 18:06:02,520 INFO L290 TraceCheckUtils]: 20: Hoare triple {1181#true} assume true; {1181#true} is VALID [2022-02-20 18:06:02,520 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1181#true} {1183#(= ~methaneLevelCritical~0 0)} #194#return; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,521 INFO L290 TraceCheckUtils]: 22: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume { :end_inline_processEnvironment } true; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,521 INFO L290 TraceCheckUtils]: 23: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret4#1, __utac_acc__Specification1_spec__1_#t~ret5#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {1183#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:02,521 INFO L272 TraceCheckUtils]: 24: Hoare triple {1183#(= ~methaneLevelCritical~0 0)} call __utac_acc__Specification1_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {1181#true} is VALID [2022-02-20 18:06:02,522 INFO L290 TraceCheckUtils]: 25: Hoare triple {1181#true} havoc ~retValue_acc~7;~retValue_acc~7 := ~methaneLevelCritical~0;#res := ~retValue_acc~7; {1191#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:02,522 INFO L290 TraceCheckUtils]: 26: Hoare triple {1191#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} assume true; {1191#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:02,523 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {1191#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} {1183#(= ~methaneLevelCritical~0 0)} #196#return; {1189#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret4#1| 0)} is VALID [2022-02-20 18:06:02,524 INFO L290 TraceCheckUtils]: 28: Hoare triple {1189#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret4#1| 0)} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret4#1 && __utac_acc__Specification1_spec__1_#t~ret4#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret4#1;havoc __utac_acc__Specification1_spec__1_#t~ret4#1; {1190#(= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)} is VALID [2022-02-20 18:06:02,524 INFO L290 TraceCheckUtils]: 29: Hoare triple {1190#(= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {1182#false} is VALID [2022-02-20 18:06:02,524 INFO L290 TraceCheckUtils]: 30: Hoare triple {1182#false} __utac_acc__Specification1_spec__1_#t~ret5#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret5#1 && __utac_acc__Specification1_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret5#1;havoc __utac_acc__Specification1_spec__1_#t~ret5#1; {1182#false} is VALID [2022-02-20 18:06:02,525 INFO L290 TraceCheckUtils]: 31: Hoare triple {1182#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {1182#false} is VALID [2022-02-20 18:06:02,525 INFO L290 TraceCheckUtils]: 32: Hoare triple {1182#false} assume !false; {1182#false} is VALID [2022-02-20 18:06:02,525 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:02,525 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:02,526 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [829709635] [2022-02-20 18:06:02,526 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [829709635] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:02,526 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:02,526 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:06:02,526 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1001058812] [2022-02-20 18:06:02,526 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:02,527 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-02-20 18:06:02,527 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:02,527 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:02,555 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 33 edges. 33 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:02,555 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:06:02,555 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:02,556 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:06:02,556 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:06:02,556 INFO L87 Difference]: Start difference. First operand 55 states and 68 transitions. Second operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:02,844 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:02,844 INFO L93 Difference]: Finished difference Result 150 states and 192 transitions. [2022-02-20 18:06:02,844 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 18:06:02,847 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-02-20 18:06:02,848 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:02,848 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:02,852 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 192 transitions. [2022-02-20 18:06:02,852 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:02,857 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 192 transitions. [2022-02-20 18:06:02,857 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 192 transitions. [2022-02-20 18:06:02,999 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 192 edges. 192 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:03,002 INFO L225 Difference]: With dead ends: 150 [2022-02-20 18:06:03,003 INFO L226 Difference]: Without dead ends: 102 [2022-02-20 18:06:03,003 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-02-20 18:06:03,004 INFO L933 BasicCegarLoop]: 71 mSDtfsCounter, 41 mSDsluCounter, 250 mSDsCounter, 0 mSdLazyCounter, 36 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 321 SdHoareTripleChecker+Invalid, 40 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 36 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:03,005 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [43 Valid, 321 Invalid, 40 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 36 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:06:03,006 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 102 states. [2022-02-20 18:06:03,028 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 102 to 99. [2022-02-20 18:06:03,028 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:03,029 INFO L82 GeneralOperation]: Start isEquivalent. First operand 102 states. Second operand has 99 states, 76 states have (on average 1.3026315789473684) internal successors, (99), 85 states have internal predecessors, (99), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) [2022-02-20 18:06:03,029 INFO L74 IsIncluded]: Start isIncluded. First operand 102 states. Second operand has 99 states, 76 states have (on average 1.3026315789473684) internal successors, (99), 85 states have internal predecessors, (99), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) [2022-02-20 18:06:03,030 INFO L87 Difference]: Start difference. First operand 102 states. Second operand has 99 states, 76 states have (on average 1.3026315789473684) internal successors, (99), 85 states have internal predecessors, (99), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) [2022-02-20 18:06:03,036 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:03,036 INFO L93 Difference]: Finished difference Result 102 states and 127 transitions. [2022-02-20 18:06:03,036 INFO L276 IsEmpty]: Start isEmpty. Operand 102 states and 127 transitions. [2022-02-20 18:06:03,037 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:03,037 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:03,038 INFO L74 IsIncluded]: Start isIncluded. First operand has 99 states, 76 states have (on average 1.3026315789473684) internal successors, (99), 85 states have internal predecessors, (99), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) Second operand 102 states. [2022-02-20 18:06:03,039 INFO L87 Difference]: Start difference. First operand has 99 states, 76 states have (on average 1.3026315789473684) internal successors, (99), 85 states have internal predecessors, (99), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) Second operand 102 states. [2022-02-20 18:06:03,044 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:03,044 INFO L93 Difference]: Finished difference Result 102 states and 127 transitions. [2022-02-20 18:06:03,044 INFO L276 IsEmpty]: Start isEmpty. Operand 102 states and 127 transitions. [2022-02-20 18:06:03,045 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:03,045 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:03,045 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:03,045 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:03,046 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 99 states, 76 states have (on average 1.3026315789473684) internal successors, (99), 85 states have internal predecessors, (99), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) [2022-02-20 18:06:03,049 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 99 states to 99 states and 124 transitions. [2022-02-20 18:06:03,050 INFO L78 Accepts]: Start accepts. Automaton has 99 states and 124 transitions. Word has length 33 [2022-02-20 18:06:03,050 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:03,050 INFO L470 AbstractCegarLoop]: Abstraction has 99 states and 124 transitions. [2022-02-20 18:06:03,050 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:03,051 INFO L276 IsEmpty]: Start isEmpty. Operand 99 states and 124 transitions. [2022-02-20 18:06:03,053 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-02-20 18:06:03,053 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:03,053 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:03,054 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:06:03,054 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:03,054 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:03,054 INFO L85 PathProgramCache]: Analyzing trace with hash 867565658, now seen corresponding path program 1 times [2022-02-20 18:06:03,055 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:03,055 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1665324121] [2022-02-20 18:06:03,055 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:03,055 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:03,101 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:03,174 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-02-20 18:06:03,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:03,186 INFO L290 TraceCheckUtils]: 0: Hoare triple {1768#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} assume !(0 != ~methaneLevelCritical~0);~methaneLevelCritical~0 := 1; {1755#true} is VALID [2022-02-20 18:06:03,186 INFO L290 TraceCheckUtils]: 1: Hoare triple {1755#true} assume true; {1755#true} is VALID [2022-02-20 18:06:03,196 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1755#true} {1757#(= ~pumpRunning~0 0)} #204#return; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,196 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:06:03,197 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:03,200 INFO L290 TraceCheckUtils]: 0: Hoare triple {1755#true} assume true; {1755#true} is VALID [2022-02-20 18:06:03,201 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1755#true} {1757#(= ~pumpRunning~0 0)} #194#return; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,201 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-02-20 18:06:03,203 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:03,206 INFO L290 TraceCheckUtils]: 0: Hoare triple {1755#true} havoc ~retValue_acc~7;~retValue_acc~7 := ~methaneLevelCritical~0;#res := ~retValue_acc~7; {1755#true} is VALID [2022-02-20 18:06:03,206 INFO L290 TraceCheckUtils]: 1: Hoare triple {1755#true} assume true; {1755#true} is VALID [2022-02-20 18:06:03,207 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1755#true} {1757#(= ~pumpRunning~0 0)} #196#return; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,208 INFO L290 TraceCheckUtils]: 0: Hoare triple {1755#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,208 INFO L290 TraceCheckUtils]: 1: Hoare triple {1757#(= ~pumpRunning~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret29#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,209 INFO L290 TraceCheckUtils]: 2: Hoare triple {1757#(= ~pumpRunning~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,209 INFO L290 TraceCheckUtils]: 3: Hoare triple {1757#(= ~pumpRunning~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,209 INFO L290 TraceCheckUtils]: 4: Hoare triple {1757#(= ~pumpRunning~0 0)} main_#t~ret29#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret29#1 && main_#t~ret29#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret29#1;havoc main_#t~ret29#1; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,210 INFO L290 TraceCheckUtils]: 5: Hoare triple {1757#(= ~pumpRunning~0 0)} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,210 INFO L290 TraceCheckUtils]: 6: Hoare triple {1757#(= ~pumpRunning~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet46#1, test_#t~nondet47#1, test_#t~nondet48#1, test_#t~nondet49#1, test_~splverifierCounter~0#1, test_~tmp~7#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~7#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,211 INFO L290 TraceCheckUtils]: 7: Hoare triple {1757#(= ~pumpRunning~0 0)} assume !false; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,211 INFO L290 TraceCheckUtils]: 8: Hoare triple {1757#(= ~pumpRunning~0 0)} assume test_~splverifierCounter~0#1 < 4; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,212 INFO L290 TraceCheckUtils]: 9: Hoare triple {1757#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet46#1 && test_#t~nondet46#1 <= 2147483647;test_~tmp~7#1 := test_#t~nondet46#1;havoc test_#t~nondet46#1; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,212 INFO L290 TraceCheckUtils]: 10: Hoare triple {1757#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp~7#1); {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,213 INFO L290 TraceCheckUtils]: 11: Hoare triple {1757#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet47#1 && test_#t~nondet47#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet47#1;havoc test_#t~nondet47#1; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,213 INFO L290 TraceCheckUtils]: 12: Hoare triple {1757#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___0~2#1; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,214 INFO L272 TraceCheckUtils]: 13: Hoare triple {1757#(= ~pumpRunning~0 0)} call changeMethaneLevel(); {1768#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:03,214 INFO L290 TraceCheckUtils]: 14: Hoare triple {1768#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} assume !(0 != ~methaneLevelCritical~0);~methaneLevelCritical~0 := 1; {1755#true} is VALID [2022-02-20 18:06:03,214 INFO L290 TraceCheckUtils]: 15: Hoare triple {1755#true} assume true; {1755#true} is VALID [2022-02-20 18:06:03,215 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {1755#true} {1757#(= ~pumpRunning~0 0)} #204#return; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,215 INFO L290 TraceCheckUtils]: 17: Hoare triple {1757#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet48#1 && test_#t~nondet48#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet48#1;havoc test_#t~nondet48#1; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,216 INFO L290 TraceCheckUtils]: 18: Hoare triple {1757#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___2~0#1; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,216 INFO L272 TraceCheckUtils]: 19: Hoare triple {1757#(= ~pumpRunning~0 0)} call timeShift(); {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,217 INFO L290 TraceCheckUtils]: 20: Hoare triple {1757#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,217 INFO L290 TraceCheckUtils]: 21: Hoare triple {1757#(= ~pumpRunning~0 0)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret30#1, processEnvironment_~tmp~5#1;havoc processEnvironment_~tmp~5#1; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,218 INFO L290 TraceCheckUtils]: 22: Hoare triple {1757#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,218 INFO L272 TraceCheckUtils]: 23: Hoare triple {1757#(= ~pumpRunning~0 0)} call processEnvironment__wrappee__base(); {1755#true} is VALID [2022-02-20 18:06:03,218 INFO L290 TraceCheckUtils]: 24: Hoare triple {1755#true} assume true; {1755#true} is VALID [2022-02-20 18:06:03,219 INFO L284 TraceCheckUtils]: 25: Hoare quadruple {1755#true} {1757#(= ~pumpRunning~0 0)} #194#return; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,219 INFO L290 TraceCheckUtils]: 26: Hoare triple {1757#(= ~pumpRunning~0 0)} assume { :end_inline_processEnvironment } true; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,220 INFO L290 TraceCheckUtils]: 27: Hoare triple {1757#(= ~pumpRunning~0 0)} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret4#1, __utac_acc__Specification1_spec__1_#t~ret5#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,220 INFO L272 TraceCheckUtils]: 28: Hoare triple {1757#(= ~pumpRunning~0 0)} call __utac_acc__Specification1_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {1755#true} is VALID [2022-02-20 18:06:03,220 INFO L290 TraceCheckUtils]: 29: Hoare triple {1755#true} havoc ~retValue_acc~7;~retValue_acc~7 := ~methaneLevelCritical~0;#res := ~retValue_acc~7; {1755#true} is VALID [2022-02-20 18:06:03,220 INFO L290 TraceCheckUtils]: 30: Hoare triple {1755#true} assume true; {1755#true} is VALID [2022-02-20 18:06:03,221 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {1755#true} {1757#(= ~pumpRunning~0 0)} #196#return; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,222 INFO L290 TraceCheckUtils]: 32: Hoare triple {1757#(= ~pumpRunning~0 0)} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret4#1 && __utac_acc__Specification1_spec__1_#t~ret4#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret4#1;havoc __utac_acc__Specification1_spec__1_#t~ret4#1; {1757#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:03,222 INFO L290 TraceCheckUtils]: 33: Hoare triple {1757#(= ~pumpRunning~0 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {1766#(= |timeShift_isPumpRunning_#res#1| 0)} is VALID [2022-02-20 18:06:03,223 INFO L290 TraceCheckUtils]: 34: Hoare triple {1766#(= |timeShift_isPumpRunning_#res#1| 0)} __utac_acc__Specification1_spec__1_#t~ret5#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret5#1 && __utac_acc__Specification1_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret5#1;havoc __utac_acc__Specification1_spec__1_#t~ret5#1; {1767#(= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)} is VALID [2022-02-20 18:06:03,223 INFO L290 TraceCheckUtils]: 35: Hoare triple {1767#(= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {1756#false} is VALID [2022-02-20 18:06:03,223 INFO L290 TraceCheckUtils]: 36: Hoare triple {1756#false} assume !false; {1756#false} is VALID [2022-02-20 18:06:03,224 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:03,224 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:03,224 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1665324121] [2022-02-20 18:06:03,225 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1665324121] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:03,225 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:03,225 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:06:03,225 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [916066803] [2022-02-20 18:06:03,225 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:03,226 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 37 [2022-02-20 18:06:03,226 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:03,226 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:03,256 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 37 edges. 37 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:03,256 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:06:03,256 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:03,257 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:06:03,257 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:06:03,257 INFO L87 Difference]: Start difference. First operand 99 states and 124 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:03,522 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:03,522 INFO L93 Difference]: Finished difference Result 174 states and 219 transitions. [2022-02-20 18:06:03,522 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 18:06:03,523 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 37 [2022-02-20 18:06:03,523 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:03,523 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:03,525 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 119 transitions. [2022-02-20 18:06:03,525 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:03,527 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 119 transitions. [2022-02-20 18:06:03,527 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 119 transitions. [2022-02-20 18:06:03,639 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 119 edges. 119 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:03,639 INFO L225 Difference]: With dead ends: 174 [2022-02-20 18:06:03,640 INFO L226 Difference]: Without dead ends: 0 [2022-02-20 18:06:03,642 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-02-20 18:06:03,643 INFO L933 BasicCegarLoop]: 44 mSDtfsCounter, 45 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 46 SdHoareTripleChecker+Valid, 115 SdHoareTripleChecker+Invalid, 78 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:03,643 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [46 Valid, 115 Invalid, 78 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 18:06:03,644 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-02-20 18:06:03,644 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-02-20 18:06:03,644 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:03,645 INFO L82 GeneralOperation]: Start isEquivalent. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:03,645 INFO L74 IsIncluded]: Start isIncluded. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:03,645 INFO L87 Difference]: Start difference. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:03,645 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:03,645 INFO L93 Difference]: Finished difference Result 0 states and 0 transitions. [2022-02-20 18:06:03,645 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:06:03,646 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:03,646 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:03,646 INFO L74 IsIncluded]: Start isIncluded. First operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Second operand 0 states. [2022-02-20 18:06:03,646 INFO L87 Difference]: Start difference. First operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Second operand 0 states. [2022-02-20 18:06:03,646 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:03,646 INFO L93 Difference]: Finished difference Result 0 states and 0 transitions. [2022-02-20 18:06:03,647 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:06:03,647 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:03,647 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:03,647 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:03,647 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:03,647 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:03,647 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-02-20 18:06:03,648 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 37 [2022-02-20 18:06:03,648 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:03,648 INFO L470 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-02-20 18:06:03,648 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:03,648 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:06:03,648 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:03,651 INFO L764 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:06:03,651 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:06:03,654 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-02-20 18:06:04,043 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 590 596) no Hoare annotation was computed. [2022-02-20 18:06:04,044 INFO L861 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 590 596) the Hoare annotation is: true [2022-02-20 18:06:04,044 INFO L854 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 742 753) the Hoare annotation is: (or (not (= ~pumpRunning~0 0)) (not (= 1 ~systemActive~0)) (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) [2022-02-20 18:06:04,044 INFO L858 garLoopResultBuilder]: For program point L746-1(lines 742 753) no Hoare annotation was computed. [2022-02-20 18:06:04,044 INFO L858 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 742 753) no Hoare annotation was computed. [2022-02-20 18:06:04,045 INFO L858 garLoopResultBuilder]: For program point L704(lines 704 708) no Hoare annotation was computed. [2022-02-20 18:06:04,045 INFO L858 garLoopResultBuilder]: For program point L704-2(lines 704 708) no Hoare annotation was computed. [2022-02-20 18:06:04,045 INFO L854 garLoopResultBuilder]: At program point L655(lines 650 658) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (and (= ~pumpRunning~0 0) (= |timeShift_isPumpRunning_#res#1| 0))) (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0))))) [2022-02-20 18:06:04,045 INFO L858 garLoopResultBuilder]: For program point timeShiftFINAL(lines 566 589) no Hoare annotation was computed. [2022-02-20 18:06:04,046 INFO L858 garLoopResultBuilder]: For program point L65(lines 65 71) no Hoare annotation was computed. [2022-02-20 18:06:04,046 INFO L854 garLoopResultBuilder]: At program point L800(lines 795 803) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:04,046 INFO L858 garLoopResultBuilder]: For program point L577-1(lines 577 583) no Hoare annotation was computed. [2022-02-20 18:06:04,046 INFO L858 garLoopResultBuilder]: For program point L606(lines 606 614) no Hoare annotation was computed. [2022-02-20 18:06:04,046 INFO L858 garLoopResultBuilder]: For program point L61(lines 61 74) no Hoare annotation was computed. [2022-02-20 18:06:04,047 INFO L854 garLoopResultBuilder]: At program point L61-1(lines 53 77) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0) .cse1 (not (= ~methaneLevelCritical~0 0))) (or .cse0 (= ~pumpRunning~0 0) .cse1))) [2022-02-20 18:06:04,047 INFO L858 garLoopResultBuilder]: For program point L602(lines 602 619) no Hoare annotation was computed. [2022-02-20 18:06:04,047 INFO L858 garLoopResultBuilder]: For program point L722(lines 722 726) no Hoare annotation was computed. [2022-02-20 18:06:04,047 INFO L854 garLoopResultBuilder]: At program point L722-2(lines 718 729) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:04,048 INFO L858 garLoopResultBuilder]: For program point L553(line 553) no Hoare annotation was computed. [2022-02-20 18:06:04,048 INFO L854 garLoopResultBuilder]: At program point L710(lines 695 713) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:04,048 INFO L854 garLoopResultBuilder]: At program point L636(lines 631 638) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:04,048 INFO L858 garLoopResultBuilder]: For program point L570-1(lines 569 588) no Hoare annotation was computed. [2022-02-20 18:06:04,048 INFO L854 garLoopResultBuilder]: At program point L554(lines 549 556) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:04,048 INFO L854 garLoopResultBuilder]: At program point L612(line 612) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:04,049 INFO L854 garLoopResultBuilder]: At program point L59(line 59) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:04,049 INFO L858 garLoopResultBuilder]: For program point L59-1(line 59) no Hoare annotation was computed. [2022-02-20 18:06:04,049 INFO L854 garLoopResultBuilder]: At program point timeShiftENTRY(lines 566 589) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:04,049 INFO L858 garLoopResultBuilder]: For program point timeShiftEXIT(lines 566 589) no Hoare annotation was computed. [2022-02-20 18:06:04,049 INFO L854 garLoopResultBuilder]: At program point L617(line 617) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:04,049 INFO L858 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 553) no Hoare annotation was computed. [2022-02-20 18:06:04,050 INFO L854 garLoopResultBuilder]: At program point L617-1(lines 598 622) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:04,050 INFO L858 garLoopResultBuilder]: For program point cleanupEXIT(lines 447 476) no Hoare annotation was computed. [2022-02-20 18:06:04,050 INFO L861 garLoopResultBuilder]: At program point cleanupENTRY(lines 447 476) the Hoare annotation is: true [2022-02-20 18:06:04,050 INFO L861 garLoopResultBuilder]: At program point L472(lines 447 476) the Hoare annotation is: true [2022-02-20 18:06:04,051 INFO L858 garLoopResultBuilder]: For program point L468(line 468) no Hoare annotation was computed. [2022-02-20 18:06:04,051 INFO L858 garLoopResultBuilder]: For program point L461(lines 461 465) no Hoare annotation was computed. [2022-02-20 18:06:04,051 INFO L861 garLoopResultBuilder]: At program point L461-1(lines 461 465) the Hoare annotation is: true [2022-02-20 18:06:04,052 INFO L858 garLoopResultBuilder]: For program point L458(line 458) no Hoare annotation was computed. [2022-02-20 18:06:04,052 INFO L861 garLoopResultBuilder]: At program point L457-2(lines 457 471) the Hoare annotation is: true [2022-02-20 18:06:04,052 INFO L861 garLoopResultBuilder]: At program point L453(line 453) the Hoare annotation is: true [2022-02-20 18:06:04,052 INFO L858 garLoopResultBuilder]: For program point L453-1(line 453) no Hoare annotation was computed. [2022-02-20 18:06:04,052 INFO L861 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 754 762) the Hoare annotation is: true [2022-02-20 18:06:04,052 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalFINAL(lines 754 762) no Hoare annotation was computed. [2022-02-20 18:06:04,053 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 754 762) no Hoare annotation was computed. [2022-02-20 18:06:04,053 INFO L854 garLoopResultBuilder]: At program point L861(lines 814 862) the Hoare annotation is: false [2022-02-20 18:06:04,053 INFO L858 garLoopResultBuilder]: For program point L535(lines 535 542) no Hoare annotation was computed. [2022-02-20 18:06:04,055 INFO L858 garLoopResultBuilder]: For program point L535-2(lines 535 542) no Hoare annotation was computed. [2022-02-20 18:06:04,055 INFO L858 garLoopResultBuilder]: For program point L816(lines 815 860) no Hoare annotation was computed. [2022-02-20 18:06:04,055 INFO L858 garLoopResultBuilder]: For program point L845(lines 845 856) no Hoare annotation was computed. [2022-02-20 18:06:04,055 INFO L861 garLoopResultBuilder]: At program point L519(lines 512 521) the Hoare annotation is: true [2022-02-20 18:06:04,055 INFO L854 garLoopResultBuilder]: At program point L837(line 837) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (= |ULTIMATE.start_main_~tmp~4#1| ~systemActive~0)) [2022-02-20 18:06:04,055 INFO L861 garLoopResultBuilder]: At program point L544(lines 525 547) the Hoare annotation is: true [2022-02-20 18:06:04,056 INFO L858 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-02-20 18:06:04,056 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-02-20 18:06:04,056 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-02-20 18:06:04,056 INFO L854 garLoopResultBuilder]: At program point L858(lines 815 860) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (= |ULTIMATE.start_main_~tmp~4#1| ~systemActive~0)) [2022-02-20 18:06:04,056 INFO L858 garLoopResultBuilder]: For program point L825(lines 825 831) no Hoare annotation was computed. [2022-02-20 18:06:04,056 INFO L858 garLoopResultBuilder]: For program point L825-1(lines 825 831) no Hoare annotation was computed. [2022-02-20 18:06:04,056 INFO L858 garLoopResultBuilder]: For program point L817(lines 817 821) no Hoare annotation was computed. [2022-02-20 18:06:04,057 INFO L854 garLoopResultBuilder]: At program point L900(lines 895 903) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) [2022-02-20 18:06:04,057 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-02-20 18:06:04,057 INFO L854 garLoopResultBuilder]: At program point L892(lines 888 894) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:06:04,057 INFO L854 garLoopResultBuilder]: At program point L508(lines 504 510) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= |ULTIMATE.start_main_~tmp~4#1| ~systemActive~0)) [2022-02-20 18:06:04,057 INFO L858 garLoopResultBuilder]: For program point L851(lines 851 855) no Hoare annotation was computed. [2022-02-20 18:06:04,057 INFO L854 garLoopResultBuilder]: At program point L851-2(lines 845 856) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (= |ULTIMATE.start_main_~tmp~4#1| ~systemActive~0)) [2022-02-20 18:06:04,058 INFO L858 garLoopResultBuilder]: For program point L835(lines 835 841) no Hoare annotation was computed. [2022-02-20 18:06:04,058 INFO L858 garLoopResultBuilder]: For program point L835-1(lines 835 841) no Hoare annotation was computed. [2022-02-20 18:06:04,058 INFO L861 garLoopResultBuilder]: At program point L864(lines 805 868) the Hoare annotation is: true [2022-02-20 18:06:04,058 INFO L854 garLoopResultBuilder]: At program point L827(line 827) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (= |ULTIMATE.start_main_~tmp~4#1| ~systemActive~0)) [2022-02-20 18:06:04,058 INFO L854 garLoopResultBuilder]: At program point L885(lines 881 887) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:06:04,058 INFO L858 garLoopResultBuilder]: For program point waterRiseEXIT(lines 730 741) no Hoare annotation was computed. [2022-02-20 18:06:04,058 INFO L858 garLoopResultBuilder]: For program point L734-1(lines 730 741) no Hoare annotation was computed. [2022-02-20 18:06:04,059 INFO L861 garLoopResultBuilder]: At program point waterRiseENTRY(lines 730 741) the Hoare annotation is: true [2022-02-20 18:06:04,062 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1] [2022-02-20 18:06:04,063 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:06:04,068 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:06:04,068 WARN L170 areAnnotationChecker]: L746-1 has no Hoare annotation [2022-02-20 18:06:04,069 WARN L170 areAnnotationChecker]: L746-1 has no Hoare annotation [2022-02-20 18:06:04,069 WARN L170 areAnnotationChecker]: L722 has no Hoare annotation [2022-02-20 18:06:04,069 WARN L170 areAnnotationChecker]: L570-1 has no Hoare annotation [2022-02-20 18:06:04,069 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalFINAL has no Hoare annotation [2022-02-20 18:06:04,069 WARN L170 areAnnotationChecker]: ULTIMATE.startENTRY has no Hoare annotation [2022-02-20 18:06:04,069 WARN L170 areAnnotationChecker]: L734-1 has no Hoare annotation [2022-02-20 18:06:04,069 WARN L170 areAnnotationChecker]: L734-1 has no Hoare annotation [2022-02-20 18:06:04,069 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:06:04,070 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:06:04,070 WARN L170 areAnnotationChecker]: L746-1 has no Hoare annotation [2022-02-20 18:06:04,070 WARN L170 areAnnotationChecker]: L722 has no Hoare annotation [2022-02-20 18:06:04,070 WARN L170 areAnnotationChecker]: L722 has no Hoare annotation [2022-02-20 18:06:04,070 WARN L170 areAnnotationChecker]: L570-1 has no Hoare annotation [2022-02-20 18:06:04,070 WARN L170 areAnnotationChecker]: L570-1 has no Hoare annotation [2022-02-20 18:06:04,070 WARN L170 areAnnotationChecker]: L453-1 has no Hoare annotation [2022-02-20 18:06:04,071 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalFINAL has no Hoare annotation [2022-02-20 18:06:04,071 WARN L170 areAnnotationChecker]: L-1 has no Hoare annotation [2022-02-20 18:06:04,071 WARN L170 areAnnotationChecker]: L734-1 has no Hoare annotation [2022-02-20 18:06:04,071 WARN L170 areAnnotationChecker]: L577-1 has no Hoare annotation [2022-02-20 18:06:04,072 WARN L170 areAnnotationChecker]: changeMethaneLevelEXIT has no Hoare annotation [2022-02-20 18:06:04,072 WARN L170 areAnnotationChecker]: L570-1 has no Hoare annotation [2022-02-20 18:06:04,072 WARN L170 areAnnotationChecker]: L602 has no Hoare annotation [2022-02-20 18:06:04,072 WARN L170 areAnnotationChecker]: L602 has no Hoare annotation [2022-02-20 18:06:04,072 WARN L170 areAnnotationChecker]: L577-1 has no Hoare annotation [2022-02-20 18:06:04,072 WARN L170 areAnnotationChecker]: L453-1 has no Hoare annotation [2022-02-20 18:06:04,072 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalEXIT has no Hoare annotation [2022-02-20 18:06:04,073 WARN L170 areAnnotationChecker]: waterRiseEXIT has no Hoare annotation [2022-02-20 18:06:04,073 WARN L170 areAnnotationChecker]: L835-1 has no Hoare annotation [2022-02-20 18:06:04,073 WARN L170 areAnnotationChecker]: L704 has no Hoare annotation [2022-02-20 18:06:04,073 WARN L170 areAnnotationChecker]: L59-1 has no Hoare annotation [2022-02-20 18:06:04,073 WARN L170 areAnnotationChecker]: L458 has no Hoare annotation [2022-02-20 18:06:04,073 WARN L170 areAnnotationChecker]: L59-1 has no Hoare annotation [2022-02-20 18:06:04,074 WARN L170 areAnnotationChecker]: L825-1 has no Hoare annotation [2022-02-20 18:06:04,074 WARN L170 areAnnotationChecker]: L845 has no Hoare annotation [2022-02-20 18:06:04,074 WARN L170 areAnnotationChecker]: L845 has no Hoare annotation [2022-02-20 18:06:04,074 WARN L170 areAnnotationChecker]: L704 has no Hoare annotation [2022-02-20 18:06:04,074 WARN L170 areAnnotationChecker]: L704 has no Hoare annotation [2022-02-20 18:06:04,075 WARN L170 areAnnotationChecker]: cleanupEXIT has no Hoare annotation [2022-02-20 18:06:04,075 WARN L170 areAnnotationChecker]: L458 has no Hoare annotation [2022-02-20 18:06:04,075 WARN L170 areAnnotationChecker]: L61 has no Hoare annotation [2022-02-20 18:06:04,075 WARN L170 areAnnotationChecker]: L61 has no Hoare annotation [2022-02-20 18:06:04,075 WARN L170 areAnnotationChecker]: L535 has no Hoare annotation [2022-02-20 18:06:04,075 WARN L170 areAnnotationChecker]: L835 has no Hoare annotation [2022-02-20 18:06:04,075 WARN L170 areAnnotationChecker]: L835 has no Hoare annotation [2022-02-20 18:06:04,076 WARN L170 areAnnotationChecker]: L851 has no Hoare annotation [2022-02-20 18:06:04,076 WARN L170 areAnnotationChecker]: L851 has no Hoare annotation [2022-02-20 18:06:04,076 WARN L170 areAnnotationChecker]: L704-2 has no Hoare annotation [2022-02-20 18:06:04,076 WARN L170 areAnnotationChecker]: cleanupEXIT has no Hoare annotation [2022-02-20 18:06:04,076 WARN L170 areAnnotationChecker]: L461 has no Hoare annotation [2022-02-20 18:06:04,077 WARN L170 areAnnotationChecker]: L461 has no Hoare annotation [2022-02-20 18:06:04,077 WARN L170 areAnnotationChecker]: L65 has no Hoare annotation [2022-02-20 18:06:04,077 WARN L170 areAnnotationChecker]: timeShiftFINAL has no Hoare annotation [2022-02-20 18:06:04,077 WARN L170 areAnnotationChecker]: L535 has no Hoare annotation [2022-02-20 18:06:04,077 WARN L170 areAnnotationChecker]: L535 has no Hoare annotation [2022-02-20 18:06:04,077 WARN L170 areAnnotationChecker]: L835-1 has no Hoare annotation [2022-02-20 18:06:04,078 WARN L170 areAnnotationChecker]: L816 has no Hoare annotation [2022-02-20 18:06:04,079 WARN L170 areAnnotationChecker]: L606 has no Hoare annotation [2022-02-20 18:06:04,079 WARN L170 areAnnotationChecker]: L468 has no Hoare annotation [2022-02-20 18:06:04,079 WARN L170 areAnnotationChecker]: L65 has no Hoare annotation [2022-02-20 18:06:04,079 WARN L170 areAnnotationChecker]: L65 has no Hoare annotation [2022-02-20 18:06:04,079 WARN L170 areAnnotationChecker]: timeShiftFINAL has no Hoare annotation [2022-02-20 18:06:04,080 WARN L170 areAnnotationChecker]: L535-2 has no Hoare annotation [2022-02-20 18:06:04,080 WARN L170 areAnnotationChecker]: L816 has no Hoare annotation [2022-02-20 18:06:04,080 WARN L170 areAnnotationChecker]: L816 has no Hoare annotation [2022-02-20 18:06:04,080 WARN L170 areAnnotationChecker]: L606 has no Hoare annotation [2022-02-20 18:06:04,080 WARN L170 areAnnotationChecker]: L606 has no Hoare annotation [2022-02-20 18:06:04,081 WARN L170 areAnnotationChecker]: L535-2 has no Hoare annotation [2022-02-20 18:06:04,081 WARN L170 areAnnotationChecker]: L468 has no Hoare annotation [2022-02-20 18:06:04,081 WARN L170 areAnnotationChecker]: L553 has no Hoare annotation [2022-02-20 18:06:04,081 WARN L170 areAnnotationChecker]: L553 has no Hoare annotation [2022-02-20 18:06:04,081 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:06:04,081 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:06:04,081 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:06:04,081 WARN L170 areAnnotationChecker]: ULTIMATE.startFINAL has no Hoare annotation [2022-02-20 18:06:04,081 WARN L170 areAnnotationChecker]: L817 has no Hoare annotation [2022-02-20 18:06:04,082 WARN L170 areAnnotationChecker]: ULTIMATE.startFINAL has no Hoare annotation [2022-02-20 18:06:04,083 WARN L170 areAnnotationChecker]: L825 has no Hoare annotation [2022-02-20 18:06:04,083 WARN L170 areAnnotationChecker]: L825 has no Hoare annotation [2022-02-20 18:06:04,084 WARN L170 areAnnotationChecker]: L825-1 has no Hoare annotation [2022-02-20 18:06:04,084 INFO L163 areAnnotationChecker]: CFG has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. 0 times interpolants missing. [2022-02-20 18:06:04,106 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 20.02 06:06:04 BoogieIcfgContainer [2022-02-20 18:06:04,107 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-02-20 18:06:04,108 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-02-20 18:06:04,108 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-02-20 18:06:04,108 INFO L275 PluginConnector]: Witness Printer initialized [2022-02-20 18:06:04,109 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:06:00" (3/4) ... [2022-02-20 18:06:04,111 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-02-20 18:06:04,116 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-02-20 18:06:04,116 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-02-20 18:06:04,116 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-02-20 18:06:04,116 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-02-20 18:06:04,116 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-02-20 18:06:04,117 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-02-20 18:06:04,128 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 49 nodes and edges [2022-02-20 18:06:04,128 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-02-20 18:06:04,129 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-02-20 18:06:04,129 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-02-20 18:06:04,130 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-02-20 18:06:04,130 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-02-20 18:06:04,130 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-02-20 18:06:04,151 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && \result == systemActive [2022-02-20 18:06:04,152 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && \result == systemActive) && tmp == systemActive [2022-02-20 18:06:04,153 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && tmp == systemActive [2022-02-20 18:06:04,154 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:06:04,155 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) [2022-02-20 18:06:04,156 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || tmp == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && ((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) [2022-02-20 18:06:04,157 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 0)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) [2022-02-20 18:06:04,157 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:06:04,157 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:06:04,157 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:06:04,158 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:06:04,186 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-02-20 18:06:04,186 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-02-20 18:06:04,187 INFO L158 Benchmark]: Toolchain (without parser) took 4733.30ms. Allocated memory was 94.4MB in the beginning and 172.0MB in the end (delta: 77.6MB). Free memory was 60.6MB in the beginning and 104.4MB in the end (delta: -43.9MB). Peak memory consumption was 32.9MB. Max. memory is 16.1GB. [2022-02-20 18:06:04,188 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 94.4MB. Free memory was 49.5MB in the beginning and 49.4MB in the end (delta: 83.9kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:06:04,188 INFO L158 Benchmark]: CACSL2BoogieTranslator took 510.31ms. Allocated memory is still 94.4MB. Free memory was 60.4MB in the beginning and 58.5MB in the end (delta: 1.9MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-02-20 18:06:04,189 INFO L158 Benchmark]: Boogie Procedure Inliner took 47.33ms. Allocated memory is still 94.4MB. Free memory was 58.5MB in the beginning and 55.8MB in the end (delta: 2.7MB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:06:04,189 INFO L158 Benchmark]: Boogie Preprocessor took 23.23ms. Allocated memory is still 94.4MB. Free memory was 55.8MB in the beginning and 54.3MB in the end (delta: 1.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:06:04,189 INFO L158 Benchmark]: RCFGBuilder took 580.98ms. Allocated memory was 94.4MB in the beginning and 127.9MB in the end (delta: 33.6MB). Free memory was 54.3MB in the beginning and 94.6MB in the end (delta: -40.2MB). Peak memory consumption was 13.0MB. Max. memory is 16.1GB. [2022-02-20 18:06:04,190 INFO L158 Benchmark]: TraceAbstraction took 3482.36ms. Allocated memory was 127.9MB in the beginning and 172.0MB in the end (delta: 44.0MB). Free memory was 94.0MB in the beginning and 109.7MB in the end (delta: -15.7MB). Peak memory consumption was 28.9MB. Max. memory is 16.1GB. [2022-02-20 18:06:04,190 INFO L158 Benchmark]: Witness Printer took 78.47ms. Allocated memory is still 172.0MB. Free memory was 109.7MB in the beginning and 104.4MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:06:04,194 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 94.4MB. Free memory was 49.5MB in the beginning and 49.4MB in the end (delta: 83.9kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 510.31ms. Allocated memory is still 94.4MB. Free memory was 60.4MB in the beginning and 58.5MB in the end (delta: 1.9MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 47.33ms. Allocated memory is still 94.4MB. Free memory was 58.5MB in the beginning and 55.8MB in the end (delta: 2.7MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 23.23ms. Allocated memory is still 94.4MB. Free memory was 55.8MB in the beginning and 54.3MB in the end (delta: 1.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 580.98ms. Allocated memory was 94.4MB in the beginning and 127.9MB in the end (delta: 33.6MB). Free memory was 54.3MB in the beginning and 94.6MB in the end (delta: -40.2MB). Peak memory consumption was 13.0MB. Max. memory is 16.1GB. * TraceAbstraction took 3482.36ms. Allocated memory was 127.9MB in the beginning and 172.0MB in the end (delta: 44.0MB). Free memory was 94.0MB in the beginning and 109.7MB in the end (delta: -15.7MB). Peak memory consumption was 28.9MB. Max. memory is 16.1GB. * Witness Printer took 78.47ms. Allocated memory is still 172.0MB. Free memory was 109.7MB in the beginning and 104.4MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 553]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 73 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.4s, OverallIterations: 5, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.4s, InitialAbstractionConstructionTime: 0.0s, PartialOrderReductionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 241 SdHoareTripleChecker+Valid, 0.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 235 mSDsluCounter, 782 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 447 mSDsCounter, 38 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 131 IncrementalHoareTripleChecker+Invalid, 169 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 38 mSolverCounterUnsat, 335 mSDtfsCounter, 131 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 44 GetRequests, 23 SyntacticMatches, 0 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=99occurred in iteration=4, InterpolantAutomatonStates: 24, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 5 MinimizatonAttempts, 3 StatesRemovedByMinimization, 1 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 33 LocationsWithAnnotation, 190 PreInvPairs, 212 NumberOfFragments, 298 HoareAnnotationTreeSize, 190 FomulaSimplifications, 16 FormulaSimplificationTreeSizeReduction, 0.1s HoareSimplificationTime, 33 FomulaSimplificationsInter, 457 FormulaSimplificationTreeSizeReductionInter, 0.3s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 0.4s InterpolantComputationTime, 145 NumberOfCodeBlocks, 145 NumberOfCodeBlocksAsserted, 5 NumberOfCheckSat, 140 ConstructedInterpolants, 0 QuantifiedInterpolants, 298 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 5 InterpolantComputations, 5 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 695]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 457]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 895]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && \result == systemActive - InvariantResult [Line: 598]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) - InvariantResult [Line: 650]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 0)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 881]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 795]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 525]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 53]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || tmp == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && ((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) - InvariantResult [Line: 718]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 447]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 815]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && tmp == systemActive - InvariantResult [Line: 631]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 549]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 805]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 504]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && \result == systemActive) && tmp == systemActive - InvariantResult [Line: 814]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 888]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 512]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-02-20 18:06:04,237 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE