./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product26.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product26.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 0cfd5986b9c6081aba994f88e5d05d10fdc0f15ef14be4c1b5ef95a6415946c3 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:06:06,883 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:06:06,884 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:06:06,910 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:06:06,911 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:06:06,913 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:06:06,915 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:06:06,917 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:06:06,919 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:06:06,922 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:06:06,923 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:06:06,924 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:06:06,924 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:06:06,926 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:06:06,927 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:06:06,928 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:06:06,929 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:06:06,930 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:06:06,933 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:06:06,937 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:06:06,938 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:06:06,939 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:06:06,940 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:06:06,941 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:06:06,946 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:06:06,946 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:06:06,946 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:06:06,947 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:06:06,948 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:06:06,948 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:06:06,949 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:06:06,949 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:06:06,950 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:06:06,951 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:06:06,952 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:06:06,952 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:06:06,953 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:06:06,953 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:06:06,953 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:06:06,954 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:06:06,954 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:06:06,956 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:06:06,979 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:06:06,979 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:06:06,980 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:06:06,980 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:06:06,980 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:06:06,981 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:06:06,981 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:06:06,981 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:06:06,981 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:06:06,982 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:06:06,982 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:06:06,983 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:06:06,983 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:06:06,983 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:06:06,983 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:06:06,983 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:06:06,983 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:06:06,983 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:06:06,984 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:06:06,984 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:06:06,984 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:06:06,984 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:06:06,984 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:06:06,984 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:06:06,985 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:06:06,985 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:06:06,985 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:06:06,985 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:06:06,985 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:06:06,985 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:06:06,986 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:06:06,986 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:06:06,986 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:06:06,986 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 0cfd5986b9c6081aba994f88e5d05d10fdc0f15ef14be4c1b5ef95a6415946c3 [2022-02-20 18:06:07,219 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:06:07,243 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:06:07,245 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:06:07,246 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:06:07,247 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:06:07,248 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product26.cil.c [2022-02-20 18:06:07,299 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/11d45afe3/ed9ef004a719461fbbc084a371205a32/FLAGd508c6bf0 [2022-02-20 18:06:07,731 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:06:07,734 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product26.cil.c [2022-02-20 18:06:07,748 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/11d45afe3/ed9ef004a719461fbbc084a371205a32/FLAGd508c6bf0 [2022-02-20 18:06:07,760 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/11d45afe3/ed9ef004a719461fbbc084a371205a32 [2022-02-20 18:06:07,766 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:06:07,768 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:06:07,770 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:06:07,770 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:06:07,772 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:06:07,773 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:06:07" (1/1) ... [2022-02-20 18:06:07,774 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1a760c9f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:07, skipping insertion in model container [2022-02-20 18:06:07,774 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:06:07" (1/1) ... [2022-02-20 18:06:07,780 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:06:07,818 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:06:08,110 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product26.cil.c[17861,17874] [2022-02-20 18:06:08,122 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:06:08,128 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:06:08,194 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product26.cil.c[17861,17874] [2022-02-20 18:06:08,194 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:06:08,205 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:06:08,206 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08 WrapperNode [2022-02-20 18:06:08,206 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:06:08,207 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:06:08,207 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:06:08,207 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:06:08,215 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,225 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,245 INFO L137 Inliner]: procedures = 54, calls = 152, calls flagged for inlining = 22, calls inlined = 17, statements flattened = 216 [2022-02-20 18:06:08,246 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:06:08,246 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:06:08,246 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:06:08,246 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:06:08,252 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,252 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,254 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,254 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,258 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,261 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,263 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,264 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:06:08,265 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:06:08,265 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:06:08,265 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:06:08,266 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,285 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:06:08,317 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:06:08,328 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:06:08,345 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:06:08,357 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:06:08,358 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:06:08,358 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:06:08,358 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:06:08,358 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:06:08,358 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:06:08,358 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:06:08,359 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:06:08,360 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:06:08,360 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:06:08,360 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:06:08,360 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:06:08,360 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:06:08,360 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:06:08,361 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:06:08,361 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:06:08,406 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:06:08,408 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:06:08,664 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:06:08,669 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:06:08,670 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:06:08,671 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:06:08 BoogieIcfgContainer [2022-02-20 18:06:08,681 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:06:08,683 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:06:08,683 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:06:08,685 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:06:08,685 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:06:07" (1/3) ... [2022-02-20 18:06:08,686 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1ed8706b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:06:08, skipping insertion in model container [2022-02-20 18:06:08,686 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (2/3) ... [2022-02-20 18:06:08,686 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1ed8706b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:06:08, skipping insertion in model container [2022-02-20 18:06:08,686 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:06:08" (3/3) ... [2022-02-20 18:06:08,687 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product26.cil.c [2022-02-20 18:06:08,690 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:06:08,691 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:06:08,732 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:06:08,738 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:06:08,739 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:06:08,756 INFO L276 IsEmpty]: Start isEmpty. Operand has 74 states, 57 states have (on average 1.3859649122807018) internal successors, (79), 63 states have internal predecessors, (79), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:06:08,761 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-02-20 18:06:08,762 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:08,762 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:08,763 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:08,767 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:08,767 INFO L85 PathProgramCache]: Analyzing trace with hash 734159136, now seen corresponding path program 1 times [2022-02-20 18:06:08,773 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:08,774 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1670705846] [2022-02-20 18:06:08,774 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:08,775 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:08,918 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:08,985 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:06:08,989 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:09,002 INFO L290 TraceCheckUtils]: 0: Hoare triple {77#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {77#true} is VALID [2022-02-20 18:06:09,002 INFO L290 TraceCheckUtils]: 1: Hoare triple {77#true} assume true; {77#true} is VALID [2022-02-20 18:06:09,003 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {77#true} {78#false} #198#return; {78#false} is VALID [2022-02-20 18:06:09,007 INFO L290 TraceCheckUtils]: 0: Hoare triple {77#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0; {77#true} is VALID [2022-02-20 18:06:09,008 INFO L290 TraceCheckUtils]: 1: Hoare triple {77#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret12#1, main_~retValue_acc~5#1, main_~tmp~1#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~1#1;assume { :begin_inline_select_helpers } true; {77#true} is VALID [2022-02-20 18:06:09,008 INFO L290 TraceCheckUtils]: 2: Hoare triple {77#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {77#true} is VALID [2022-02-20 18:06:09,009 INFO L290 TraceCheckUtils]: 3: Hoare triple {77#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {77#true} is VALID [2022-02-20 18:06:09,010 INFO L290 TraceCheckUtils]: 4: Hoare triple {77#true} main_#t~ret12#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret12#1 && main_#t~ret12#1 <= 2147483647;main_~tmp~1#1 := main_#t~ret12#1;havoc main_#t~ret12#1; {77#true} is VALID [2022-02-20 18:06:09,010 INFO L290 TraceCheckUtils]: 5: Hoare triple {77#true} assume 0 != main_~tmp~1#1;assume { :begin_inline_setup } true; {77#true} is VALID [2022-02-20 18:06:09,010 INFO L290 TraceCheckUtils]: 6: Hoare triple {77#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet48#1, test_#t~nondet49#1, test_#t~nondet50#1, test_#t~nondet51#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {77#true} is VALID [2022-02-20 18:06:09,011 INFO L290 TraceCheckUtils]: 7: Hoare triple {77#true} assume false; {78#false} is VALID [2022-02-20 18:06:09,012 INFO L272 TraceCheckUtils]: 8: Hoare triple {78#false} call cleanup(); {78#false} is VALID [2022-02-20 18:06:09,012 INFO L290 TraceCheckUtils]: 9: Hoare triple {78#false} havoc ~i~0;havoc ~__cil_tmp2~0; {78#false} is VALID [2022-02-20 18:06:09,012 INFO L272 TraceCheckUtils]: 10: Hoare triple {78#false} call timeShift(); {78#false} is VALID [2022-02-20 18:06:09,012 INFO L290 TraceCheckUtils]: 11: Hoare triple {78#false} assume !(0 != ~pumpRunning~0); {78#false} is VALID [2022-02-20 18:06:09,012 INFO L290 TraceCheckUtils]: 12: Hoare triple {78#false} assume !(0 != ~systemActive~0); {78#false} is VALID [2022-02-20 18:06:09,013 INFO L290 TraceCheckUtils]: 13: Hoare triple {78#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret10#1, __utac_acc__Specification1_spec__1_#t~ret11#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {78#false} is VALID [2022-02-20 18:06:09,013 INFO L272 TraceCheckUtils]: 14: Hoare triple {78#false} call __utac_acc__Specification1_spec__1_#t~ret10#1 := isMethaneLevelCritical(); {77#true} is VALID [2022-02-20 18:06:09,013 INFO L290 TraceCheckUtils]: 15: Hoare triple {77#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {77#true} is VALID [2022-02-20 18:06:09,013 INFO L290 TraceCheckUtils]: 16: Hoare triple {77#true} assume true; {77#true} is VALID [2022-02-20 18:06:09,028 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {77#true} {78#false} #198#return; {78#false} is VALID [2022-02-20 18:06:09,028 INFO L290 TraceCheckUtils]: 18: Hoare triple {78#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret10#1 && __utac_acc__Specification1_spec__1_#t~ret10#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret10#1;havoc __utac_acc__Specification1_spec__1_#t~ret10#1; {78#false} is VALID [2022-02-20 18:06:09,029 INFO L290 TraceCheckUtils]: 19: Hoare triple {78#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {78#false} is VALID [2022-02-20 18:06:09,029 INFO L290 TraceCheckUtils]: 20: Hoare triple {78#false} __utac_acc__Specification1_spec__1_#t~ret11#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret11#1 && __utac_acc__Specification1_spec__1_#t~ret11#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret11#1;havoc __utac_acc__Specification1_spec__1_#t~ret11#1; {78#false} is VALID [2022-02-20 18:06:09,030 INFO L290 TraceCheckUtils]: 21: Hoare triple {78#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {78#false} is VALID [2022-02-20 18:06:09,030 INFO L290 TraceCheckUtils]: 22: Hoare triple {78#false} assume !false; {78#false} is VALID [2022-02-20 18:06:09,030 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:09,031 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:09,031 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1670705846] [2022-02-20 18:06:09,032 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1670705846] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:09,032 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:09,032 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:06:09,034 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1767073489] [2022-02-20 18:06:09,035 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:09,041 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 18:06:09,042 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:09,045 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,076 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 23 edges. 23 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:09,077 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:06:09,077 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:09,094 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:06:09,094 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:06:09,097 INFO L87 Difference]: Start difference. First operand has 74 states, 57 states have (on average 1.3859649122807018) internal successors, (79), 63 states have internal predecessors, (79), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,191 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:09,191 INFO L93 Difference]: Finished difference Result 140 states and 189 transitions. [2022-02-20 18:06:09,191 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:06:09,192 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 18:06:09,192 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:09,193 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,204 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 189 transitions. [2022-02-20 18:06:09,205 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,209 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 189 transitions. [2022-02-20 18:06:09,210 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 189 transitions. [2022-02-20 18:06:09,352 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 189 edges. 189 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:09,361 INFO L225 Difference]: With dead ends: 140 [2022-02-20 18:06:09,361 INFO L226 Difference]: Without dead ends: 65 [2022-02-20 18:06:09,364 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:06:09,368 INFO L933 BasicCegarLoop]: 91 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 91 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:09,368 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 91 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:06:09,381 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 65 states. [2022-02-20 18:06:09,398 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 65 to 65. [2022-02-20 18:06:09,399 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:09,400 INFO L82 GeneralOperation]: Start isEquivalent. First operand 65 states. Second operand has 65 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:09,405 INFO L74 IsIncluded]: Start isIncluded. First operand 65 states. Second operand has 65 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:09,405 INFO L87 Difference]: Start difference. First operand 65 states. Second operand has 65 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:09,409 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:09,409 INFO L93 Difference]: Finished difference Result 65 states and 82 transitions. [2022-02-20 18:06:09,409 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 82 transitions. [2022-02-20 18:06:09,410 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:09,410 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:09,410 INFO L74 IsIncluded]: Start isIncluded. First operand has 65 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 65 states. [2022-02-20 18:06:09,411 INFO L87 Difference]: Start difference. First operand has 65 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 65 states. [2022-02-20 18:06:09,414 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:09,414 INFO L93 Difference]: Finished difference Result 65 states and 82 transitions. [2022-02-20 18:06:09,414 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 82 transitions. [2022-02-20 18:06:09,415 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:09,415 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:09,415 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:09,415 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:09,415 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 65 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:09,420 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 82 transitions. [2022-02-20 18:06:09,421 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 82 transitions. Word has length 23 [2022-02-20 18:06:09,421 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:09,421 INFO L470 AbstractCegarLoop]: Abstraction has 65 states and 82 transitions. [2022-02-20 18:06:09,422 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,422 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 82 transitions. [2022-02-20 18:06:09,422 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-02-20 18:06:09,422 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:09,422 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:09,423 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:06:09,423 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:09,423 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:09,423 INFO L85 PathProgramCache]: Analyzing trace with hash 1529571606, now seen corresponding path program 1 times [2022-02-20 18:06:09,423 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:09,424 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1324958544] [2022-02-20 18:06:09,424 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:09,424 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:09,443 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:09,492 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:06:09,493 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:09,501 INFO L290 TraceCheckUtils]: 0: Hoare triple {511#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {511#true} is VALID [2022-02-20 18:06:09,502 INFO L290 TraceCheckUtils]: 1: Hoare triple {511#true} assume true; {511#true} is VALID [2022-02-20 18:06:09,502 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {511#true} {512#false} #198#return; {512#false} is VALID [2022-02-20 18:06:09,503 INFO L290 TraceCheckUtils]: 0: Hoare triple {511#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0; {511#true} is VALID [2022-02-20 18:06:09,503 INFO L290 TraceCheckUtils]: 1: Hoare triple {511#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret12#1, main_~retValue_acc~5#1, main_~tmp~1#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~1#1;assume { :begin_inline_select_helpers } true; {511#true} is VALID [2022-02-20 18:06:09,503 INFO L290 TraceCheckUtils]: 2: Hoare triple {511#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {511#true} is VALID [2022-02-20 18:06:09,503 INFO L290 TraceCheckUtils]: 3: Hoare triple {511#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {511#true} is VALID [2022-02-20 18:06:09,504 INFO L290 TraceCheckUtils]: 4: Hoare triple {511#true} main_#t~ret12#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret12#1 && main_#t~ret12#1 <= 2147483647;main_~tmp~1#1 := main_#t~ret12#1;havoc main_#t~ret12#1; {511#true} is VALID [2022-02-20 18:06:09,504 INFO L290 TraceCheckUtils]: 5: Hoare triple {511#true} assume 0 != main_~tmp~1#1;assume { :begin_inline_setup } true; {511#true} is VALID [2022-02-20 18:06:09,504 INFO L290 TraceCheckUtils]: 6: Hoare triple {511#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet48#1, test_#t~nondet49#1, test_#t~nondet50#1, test_#t~nondet51#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {513#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:06:09,505 INFO L290 TraceCheckUtils]: 7: Hoare triple {513#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {513#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:06:09,505 INFO L290 TraceCheckUtils]: 8: Hoare triple {513#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {512#false} is VALID [2022-02-20 18:06:09,505 INFO L272 TraceCheckUtils]: 9: Hoare triple {512#false} call cleanup(); {512#false} is VALID [2022-02-20 18:06:09,506 INFO L290 TraceCheckUtils]: 10: Hoare triple {512#false} havoc ~i~0;havoc ~__cil_tmp2~0; {512#false} is VALID [2022-02-20 18:06:09,506 INFO L272 TraceCheckUtils]: 11: Hoare triple {512#false} call timeShift(); {512#false} is VALID [2022-02-20 18:06:09,506 INFO L290 TraceCheckUtils]: 12: Hoare triple {512#false} assume !(0 != ~pumpRunning~0); {512#false} is VALID [2022-02-20 18:06:09,506 INFO L290 TraceCheckUtils]: 13: Hoare triple {512#false} assume !(0 != ~systemActive~0); {512#false} is VALID [2022-02-20 18:06:09,506 INFO L290 TraceCheckUtils]: 14: Hoare triple {512#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret10#1, __utac_acc__Specification1_spec__1_#t~ret11#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {512#false} is VALID [2022-02-20 18:06:09,506 INFO L272 TraceCheckUtils]: 15: Hoare triple {512#false} call __utac_acc__Specification1_spec__1_#t~ret10#1 := isMethaneLevelCritical(); {511#true} is VALID [2022-02-20 18:06:09,507 INFO L290 TraceCheckUtils]: 16: Hoare triple {511#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {511#true} is VALID [2022-02-20 18:06:09,507 INFO L290 TraceCheckUtils]: 17: Hoare triple {511#true} assume true; {511#true} is VALID [2022-02-20 18:06:09,507 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {511#true} {512#false} #198#return; {512#false} is VALID [2022-02-20 18:06:09,507 INFO L290 TraceCheckUtils]: 19: Hoare triple {512#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret10#1 && __utac_acc__Specification1_spec__1_#t~ret10#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret10#1;havoc __utac_acc__Specification1_spec__1_#t~ret10#1; {512#false} is VALID [2022-02-20 18:06:09,508 INFO L290 TraceCheckUtils]: 20: Hoare triple {512#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {512#false} is VALID [2022-02-20 18:06:09,508 INFO L290 TraceCheckUtils]: 21: Hoare triple {512#false} __utac_acc__Specification1_spec__1_#t~ret11#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret11#1 && __utac_acc__Specification1_spec__1_#t~ret11#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret11#1;havoc __utac_acc__Specification1_spec__1_#t~ret11#1; {512#false} is VALID [2022-02-20 18:06:09,508 INFO L290 TraceCheckUtils]: 22: Hoare triple {512#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {512#false} is VALID [2022-02-20 18:06:09,509 INFO L290 TraceCheckUtils]: 23: Hoare triple {512#false} assume !false; {512#false} is VALID [2022-02-20 18:06:09,509 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:09,509 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:09,511 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1324958544] [2022-02-20 18:06:09,511 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1324958544] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:09,511 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:09,511 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:06:09,511 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1263373925] [2022-02-20 18:06:09,511 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:09,512 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-02-20 18:06:09,512 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:09,512 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,529 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:09,531 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:06:09,531 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:09,532 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:06:09,532 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:06:09,532 INFO L87 Difference]: Start difference. First operand 65 states and 82 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,601 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:09,601 INFO L93 Difference]: Finished difference Result 95 states and 119 transitions. [2022-02-20 18:06:09,601 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:06:09,602 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-02-20 18:06:09,602 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:09,602 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,607 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 119 transitions. [2022-02-20 18:06:09,607 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,610 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 119 transitions. [2022-02-20 18:06:09,610 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 119 transitions. [2022-02-20 18:06:09,714 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 119 edges. 119 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:09,724 INFO L225 Difference]: With dead ends: 95 [2022-02-20 18:06:09,724 INFO L226 Difference]: Without dead ends: 56 [2022-02-20 18:06:09,728 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:06:09,730 INFO L933 BasicCegarLoop]: 69 mSDtfsCounter, 13 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 121 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:09,731 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [16 Valid, 121 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:06:09,732 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2022-02-20 18:06:09,738 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2022-02-20 18:06:09,738 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:09,739 INFO L82 GeneralOperation]: Start isEquivalent. First operand 56 states. Second operand has 56 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:09,739 INFO L74 IsIncluded]: Start isIncluded. First operand 56 states. Second operand has 56 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:09,739 INFO L87 Difference]: Start difference. First operand 56 states. Second operand has 56 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:09,741 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:09,741 INFO L93 Difference]: Finished difference Result 56 states and 70 transitions. [2022-02-20 18:06:09,741 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 70 transitions. [2022-02-20 18:06:09,742 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:09,742 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:09,742 INFO L74 IsIncluded]: Start isIncluded. First operand has 56 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 56 states. [2022-02-20 18:06:09,742 INFO L87 Difference]: Start difference. First operand has 56 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 56 states. [2022-02-20 18:06:09,744 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:09,744 INFO L93 Difference]: Finished difference Result 56 states and 70 transitions. [2022-02-20 18:06:09,744 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 70 transitions. [2022-02-20 18:06:09,745 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:09,745 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:09,745 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:09,745 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:09,745 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:09,746 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 70 transitions. [2022-02-20 18:06:09,747 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 70 transitions. Word has length 24 [2022-02-20 18:06:09,747 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:09,747 INFO L470 AbstractCegarLoop]: Abstraction has 56 states and 70 transitions. [2022-02-20 18:06:09,747 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,747 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 70 transitions. [2022-02-20 18:06:09,748 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-20 18:06:09,748 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:09,748 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:09,748 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:06:09,748 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:09,748 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:09,748 INFO L85 PathProgramCache]: Analyzing trace with hash 434754844, now seen corresponding path program 1 times [2022-02-20 18:06:09,749 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:09,749 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [805121906] [2022-02-20 18:06:09,749 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:09,749 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:09,767 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:09,840 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-02-20 18:06:09,841 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:09,844 INFO L290 TraceCheckUtils]: 0: Hoare triple {848#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {848#true} is VALID [2022-02-20 18:06:09,844 INFO L290 TraceCheckUtils]: 1: Hoare triple {848#true} assume true; {848#true} is VALID [2022-02-20 18:06:09,844 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {848#true} {849#false} #198#return; {849#false} is VALID [2022-02-20 18:06:09,846 INFO L290 TraceCheckUtils]: 0: Hoare triple {848#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,846 INFO L290 TraceCheckUtils]: 1: Hoare triple {850#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret12#1, main_~retValue_acc~5#1, main_~tmp~1#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~1#1;assume { :begin_inline_select_helpers } true; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,847 INFO L290 TraceCheckUtils]: 2: Hoare triple {850#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,847 INFO L290 TraceCheckUtils]: 3: Hoare triple {850#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,847 INFO L290 TraceCheckUtils]: 4: Hoare triple {850#(= 1 ~systemActive~0)} main_#t~ret12#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret12#1 && main_#t~ret12#1 <= 2147483647;main_~tmp~1#1 := main_#t~ret12#1;havoc main_#t~ret12#1; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,850 INFO L290 TraceCheckUtils]: 5: Hoare triple {850#(= 1 ~systemActive~0)} assume 0 != main_~tmp~1#1;assume { :begin_inline_setup } true; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,851 INFO L290 TraceCheckUtils]: 6: Hoare triple {850#(= 1 ~systemActive~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet48#1, test_#t~nondet49#1, test_#t~nondet50#1, test_#t~nondet51#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,851 INFO L290 TraceCheckUtils]: 7: Hoare triple {850#(= 1 ~systemActive~0)} assume !false; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,852 INFO L290 TraceCheckUtils]: 8: Hoare triple {850#(= 1 ~systemActive~0)} assume test_~splverifierCounter~0#1 < 4; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,852 INFO L290 TraceCheckUtils]: 9: Hoare triple {850#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet48#1 && test_#t~nondet48#1 <= 2147483647;test_~tmp~8#1 := test_#t~nondet48#1;havoc test_#t~nondet48#1; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,852 INFO L290 TraceCheckUtils]: 10: Hoare triple {850#(= 1 ~systemActive~0)} assume !(0 != test_~tmp~8#1); {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,853 INFO L290 TraceCheckUtils]: 11: Hoare triple {850#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet49#1 && test_#t~nondet49#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet49#1;havoc test_#t~nondet49#1; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,853 INFO L290 TraceCheckUtils]: 12: Hoare triple {850#(= 1 ~systemActive~0)} assume !(0 != test_~tmp___0~2#1); {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,854 INFO L290 TraceCheckUtils]: 13: Hoare triple {850#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet50#1 && test_#t~nondet50#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet50#1;havoc test_#t~nondet50#1; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,854 INFO L290 TraceCheckUtils]: 14: Hoare triple {850#(= 1 ~systemActive~0)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet51#1 && test_#t~nondet51#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,855 INFO L290 TraceCheckUtils]: 15: Hoare triple {850#(= 1 ~systemActive~0)} assume 0 != test_~tmp___1~0#1; {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,855 INFO L272 TraceCheckUtils]: 16: Hoare triple {850#(= 1 ~systemActive~0)} call timeShift(); {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,855 INFO L290 TraceCheckUtils]: 17: Hoare triple {850#(= 1 ~systemActive~0)} assume !(0 != ~pumpRunning~0); {850#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:09,856 INFO L290 TraceCheckUtils]: 18: Hoare triple {850#(= 1 ~systemActive~0)} assume !(0 != ~systemActive~0); {849#false} is VALID [2022-02-20 18:06:09,856 INFO L290 TraceCheckUtils]: 19: Hoare triple {849#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret10#1, __utac_acc__Specification1_spec__1_#t~ret11#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {849#false} is VALID [2022-02-20 18:06:09,856 INFO L272 TraceCheckUtils]: 20: Hoare triple {849#false} call __utac_acc__Specification1_spec__1_#t~ret10#1 := isMethaneLevelCritical(); {848#true} is VALID [2022-02-20 18:06:09,856 INFO L290 TraceCheckUtils]: 21: Hoare triple {848#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {848#true} is VALID [2022-02-20 18:06:09,856 INFO L290 TraceCheckUtils]: 22: Hoare triple {848#true} assume true; {848#true} is VALID [2022-02-20 18:06:09,856 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {848#true} {849#false} #198#return; {849#false} is VALID [2022-02-20 18:06:09,856 INFO L290 TraceCheckUtils]: 24: Hoare triple {849#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret10#1 && __utac_acc__Specification1_spec__1_#t~ret10#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret10#1;havoc __utac_acc__Specification1_spec__1_#t~ret10#1; {849#false} is VALID [2022-02-20 18:06:09,857 INFO L290 TraceCheckUtils]: 25: Hoare triple {849#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {849#false} is VALID [2022-02-20 18:06:09,857 INFO L290 TraceCheckUtils]: 26: Hoare triple {849#false} __utac_acc__Specification1_spec__1_#t~ret11#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret11#1 && __utac_acc__Specification1_spec__1_#t~ret11#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret11#1;havoc __utac_acc__Specification1_spec__1_#t~ret11#1; {849#false} is VALID [2022-02-20 18:06:09,857 INFO L290 TraceCheckUtils]: 27: Hoare triple {849#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {849#false} is VALID [2022-02-20 18:06:09,857 INFO L290 TraceCheckUtils]: 28: Hoare triple {849#false} assume !false; {849#false} is VALID [2022-02-20 18:06:09,857 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:09,857 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:09,858 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [805121906] [2022-02-20 18:06:09,858 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [805121906] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:09,858 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:09,858 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:06:09,858 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [834227510] [2022-02-20 18:06:09,858 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:09,858 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2022-02-20 18:06:09,859 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:09,859 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,882 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:09,882 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:06:09,882 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:09,882 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:06:09,882 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:06:09,883 INFO L87 Difference]: Start difference. First operand 56 states and 70 transitions. Second operand has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,949 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:09,949 INFO L93 Difference]: Finished difference Result 105 states and 134 transitions. [2022-02-20 18:06:09,949 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:06:09,949 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2022-02-20 18:06:09,949 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:09,950 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,951 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 134 transitions. [2022-02-20 18:06:09,952 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:09,953 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 134 transitions. [2022-02-20 18:06:09,953 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 134 transitions. [2022-02-20 18:06:10,056 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 134 edges. 134 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:10,058 INFO L225 Difference]: With dead ends: 105 [2022-02-20 18:06:10,058 INFO L226 Difference]: Without dead ends: 56 [2022-02-20 18:06:10,060 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:06:10,061 INFO L933 BasicCegarLoop]: 68 mSDtfsCounter, 50 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 50 SdHoareTripleChecker+Valid, 68 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:10,062 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [50 Valid, 68 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:06:10,062 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2022-02-20 18:06:10,065 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2022-02-20 18:06:10,066 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:10,066 INFO L82 GeneralOperation]: Start isEquivalent. First operand 56 states. Second operand has 56 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:10,066 INFO L74 IsIncluded]: Start isIncluded. First operand 56 states. Second operand has 56 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:10,067 INFO L87 Difference]: Start difference. First operand 56 states. Second operand has 56 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:10,068 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,068 INFO L93 Difference]: Finished difference Result 56 states and 69 transitions. [2022-02-20 18:06:10,069 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 69 transitions. [2022-02-20 18:06:10,069 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:10,069 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:10,069 INFO L74 IsIncluded]: Start isIncluded. First operand has 56 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 56 states. [2022-02-20 18:06:10,070 INFO L87 Difference]: Start difference. First operand has 56 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 56 states. [2022-02-20 18:06:10,071 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,072 INFO L93 Difference]: Finished difference Result 56 states and 69 transitions. [2022-02-20 18:06:10,072 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 69 transitions. [2022-02-20 18:06:10,072 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:10,072 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:10,072 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:10,072 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:10,073 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:06:10,074 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 69 transitions. [2022-02-20 18:06:10,074 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 69 transitions. Word has length 29 [2022-02-20 18:06:10,075 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:10,075 INFO L470 AbstractCegarLoop]: Abstraction has 56 states and 69 transitions. [2022-02-20 18:06:10,075 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,075 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 69 transitions. [2022-02-20 18:06:10,076 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 18:06:10,076 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:10,076 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:10,076 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:06:10,077 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:10,077 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:10,077 INFO L85 PathProgramCache]: Analyzing trace with hash -863748242, now seen corresponding path program 1 times [2022-02-20 18:06:10,077 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:10,077 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [485306541] [2022-02-20 18:06:10,078 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:10,078 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:10,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:10,137 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-02-20 18:06:10,138 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:10,140 INFO L290 TraceCheckUtils]: 0: Hoare triple {1197#true} assume true; {1197#true} is VALID [2022-02-20 18:06:10,141 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1197#true} {1199#(= ~methaneLevelCritical~0 0)} #196#return; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,141 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-02-20 18:06:10,143 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:10,149 INFO L290 TraceCheckUtils]: 0: Hoare triple {1197#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {1207#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:10,150 INFO L290 TraceCheckUtils]: 1: Hoare triple {1207#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} assume true; {1207#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:10,151 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1207#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} {1199#(= ~methaneLevelCritical~0 0)} #198#return; {1205#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret10#1| 0)} is VALID [2022-02-20 18:06:10,151 INFO L290 TraceCheckUtils]: 0: Hoare triple {1197#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,151 INFO L290 TraceCheckUtils]: 1: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret12#1, main_~retValue_acc~5#1, main_~tmp~1#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~1#1;assume { :begin_inline_select_helpers } true; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,152 INFO L290 TraceCheckUtils]: 2: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,152 INFO L290 TraceCheckUtils]: 3: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,152 INFO L290 TraceCheckUtils]: 4: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} main_#t~ret12#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret12#1 && main_#t~ret12#1 <= 2147483647;main_~tmp~1#1 := main_#t~ret12#1;havoc main_#t~ret12#1; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,153 INFO L290 TraceCheckUtils]: 5: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume 0 != main_~tmp~1#1;assume { :begin_inline_setup } true; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,153 INFO L290 TraceCheckUtils]: 6: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet48#1, test_#t~nondet49#1, test_#t~nondet50#1, test_#t~nondet51#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,153 INFO L290 TraceCheckUtils]: 7: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume !false; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,154 INFO L290 TraceCheckUtils]: 8: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume test_~splverifierCounter~0#1 < 4; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,154 INFO L290 TraceCheckUtils]: 9: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet48#1 && test_#t~nondet48#1 <= 2147483647;test_~tmp~8#1 := test_#t~nondet48#1;havoc test_#t~nondet48#1; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,154 INFO L290 TraceCheckUtils]: 10: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume !(0 != test_~tmp~8#1); {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,155 INFO L290 TraceCheckUtils]: 11: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet49#1 && test_#t~nondet49#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet49#1;havoc test_#t~nondet49#1; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,155 INFO L290 TraceCheckUtils]: 12: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume !(0 != test_~tmp___0~2#1); {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,156 INFO L290 TraceCheckUtils]: 13: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet50#1 && test_#t~nondet50#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet50#1;havoc test_#t~nondet50#1; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,156 INFO L290 TraceCheckUtils]: 14: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet51#1 && test_#t~nondet51#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,156 INFO L290 TraceCheckUtils]: 15: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume 0 != test_~tmp___1~0#1; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,157 INFO L272 TraceCheckUtils]: 16: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} call timeShift(); {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,157 INFO L290 TraceCheckUtils]: 17: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume !(0 != ~pumpRunning~0); {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,157 INFO L290 TraceCheckUtils]: 18: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret13#1, processEnvironment_~tmp~2#1;havoc processEnvironment_~tmp~2#1; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,158 INFO L290 TraceCheckUtils]: 19: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume !(0 != ~pumpRunning~0); {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,158 INFO L272 TraceCheckUtils]: 20: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} call processEnvironment__wrappee__base(); {1197#true} is VALID [2022-02-20 18:06:10,158 INFO L290 TraceCheckUtils]: 21: Hoare triple {1197#true} assume true; {1197#true} is VALID [2022-02-20 18:06:10,158 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1197#true} {1199#(= ~methaneLevelCritical~0 0)} #196#return; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,159 INFO L290 TraceCheckUtils]: 23: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume { :end_inline_processEnvironment } true; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,159 INFO L290 TraceCheckUtils]: 24: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret10#1, __utac_acc__Specification1_spec__1_#t~ret11#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {1199#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:10,159 INFO L272 TraceCheckUtils]: 25: Hoare triple {1199#(= ~methaneLevelCritical~0 0)} call __utac_acc__Specification1_spec__1_#t~ret10#1 := isMethaneLevelCritical(); {1197#true} is VALID [2022-02-20 18:06:10,160 INFO L290 TraceCheckUtils]: 26: Hoare triple {1197#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {1207#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:10,160 INFO L290 TraceCheckUtils]: 27: Hoare triple {1207#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} assume true; {1207#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:10,161 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {1207#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} {1199#(= ~methaneLevelCritical~0 0)} #198#return; {1205#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret10#1| 0)} is VALID [2022-02-20 18:06:10,161 INFO L290 TraceCheckUtils]: 29: Hoare triple {1205#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret10#1| 0)} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret10#1 && __utac_acc__Specification1_spec__1_#t~ret10#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret10#1;havoc __utac_acc__Specification1_spec__1_#t~ret10#1; {1206#(= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)} is VALID [2022-02-20 18:06:10,161 INFO L290 TraceCheckUtils]: 30: Hoare triple {1206#(= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {1198#false} is VALID [2022-02-20 18:06:10,162 INFO L290 TraceCheckUtils]: 31: Hoare triple {1198#false} __utac_acc__Specification1_spec__1_#t~ret11#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret11#1 && __utac_acc__Specification1_spec__1_#t~ret11#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret11#1;havoc __utac_acc__Specification1_spec__1_#t~ret11#1; {1198#false} is VALID [2022-02-20 18:06:10,162 INFO L290 TraceCheckUtils]: 32: Hoare triple {1198#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {1198#false} is VALID [2022-02-20 18:06:10,162 INFO L290 TraceCheckUtils]: 33: Hoare triple {1198#false} assume !false; {1198#false} is VALID [2022-02-20 18:06:10,162 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:10,162 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:10,162 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [485306541] [2022-02-20 18:06:10,162 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [485306541] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:10,163 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:10,163 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:06:10,163 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [670772926] [2022-02-20 18:06:10,163 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:10,163 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 34 [2022-02-20 18:06:10,164 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:10,164 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:10,185 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:10,185 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:06:10,185 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:10,185 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:06:10,186 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:06:10,186 INFO L87 Difference]: Start difference. First operand 56 states and 69 transitions. Second operand has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:10,428 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,428 INFO L93 Difference]: Finished difference Result 153 states and 195 transitions. [2022-02-20 18:06:10,429 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 18:06:10,429 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 34 [2022-02-20 18:06:10,429 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:10,429 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:10,432 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 195 transitions. [2022-02-20 18:06:10,432 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:10,435 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 195 transitions. [2022-02-20 18:06:10,435 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 195 transitions. [2022-02-20 18:06:10,538 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 195 edges. 195 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:10,542 INFO L225 Difference]: With dead ends: 153 [2022-02-20 18:06:10,543 INFO L226 Difference]: Without dead ends: 104 [2022-02-20 18:06:10,543 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-02-20 18:06:10,550 INFO L933 BasicCegarLoop]: 72 mSDtfsCounter, 41 mSDsluCounter, 254 mSDsCounter, 0 mSdLazyCounter, 36 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 326 SdHoareTripleChecker+Invalid, 40 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 36 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:10,552 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [43 Valid, 326 Invalid, 40 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 36 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:06:10,553 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 104 states. [2022-02-20 18:06:10,563 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 104 to 101. [2022-02-20 18:06:10,563 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:10,563 INFO L82 GeneralOperation]: Start isEquivalent. First operand 104 states. Second operand has 101 states, 78 states have (on average 1.294871794871795) internal successors, (101), 87 states have internal predecessors, (101), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) [2022-02-20 18:06:10,564 INFO L74 IsIncluded]: Start isIncluded. First operand 104 states. Second operand has 101 states, 78 states have (on average 1.294871794871795) internal successors, (101), 87 states have internal predecessors, (101), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) [2022-02-20 18:06:10,564 INFO L87 Difference]: Start difference. First operand 104 states. Second operand has 101 states, 78 states have (on average 1.294871794871795) internal successors, (101), 87 states have internal predecessors, (101), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) [2022-02-20 18:06:10,567 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,567 INFO L93 Difference]: Finished difference Result 104 states and 129 transitions. [2022-02-20 18:06:10,567 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 129 transitions. [2022-02-20 18:06:10,567 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:10,567 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:10,568 INFO L74 IsIncluded]: Start isIncluded. First operand has 101 states, 78 states have (on average 1.294871794871795) internal successors, (101), 87 states have internal predecessors, (101), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) Second operand 104 states. [2022-02-20 18:06:10,568 INFO L87 Difference]: Start difference. First operand has 101 states, 78 states have (on average 1.294871794871795) internal successors, (101), 87 states have internal predecessors, (101), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) Second operand 104 states. [2022-02-20 18:06:10,570 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,570 INFO L93 Difference]: Finished difference Result 104 states and 129 transitions. [2022-02-20 18:06:10,570 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 129 transitions. [2022-02-20 18:06:10,571 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:10,575 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:10,575 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:10,575 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:10,576 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 78 states have (on average 1.294871794871795) internal successors, (101), 87 states have internal predecessors, (101), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (13), 10 states have call predecessors, (13), 12 states have call successors, (13) [2022-02-20 18:06:10,580 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 126 transitions. [2022-02-20 18:06:10,580 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 126 transitions. Word has length 34 [2022-02-20 18:06:10,581 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:10,581 INFO L470 AbstractCegarLoop]: Abstraction has 101 states and 126 transitions. [2022-02-20 18:06:10,581 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:10,581 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 126 transitions. [2022-02-20 18:06:10,583 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 18:06:10,583 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:10,583 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:10,583 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:06:10,583 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:10,584 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:10,584 INFO L85 PathProgramCache]: Analyzing trace with hash 263176306, now seen corresponding path program 1 times [2022-02-20 18:06:10,584 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:10,584 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [467738446] [2022-02-20 18:06:10,584 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:10,584 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:10,631 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:10,676 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-02-20 18:06:10,677 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:10,680 INFO L290 TraceCheckUtils]: 0: Hoare triple {1798#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} assume !(0 != ~methaneLevelCritical~0);~methaneLevelCritical~0 := 1; {1785#true} is VALID [2022-02-20 18:06:10,680 INFO L290 TraceCheckUtils]: 1: Hoare triple {1785#true} assume true; {1785#true} is VALID [2022-02-20 18:06:10,680 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1785#true} {1787#(= ~pumpRunning~0 0)} #206#return; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,680 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-02-20 18:06:10,681 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:10,683 INFO L290 TraceCheckUtils]: 0: Hoare triple {1785#true} assume true; {1785#true} is VALID [2022-02-20 18:06:10,683 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1785#true} {1787#(= ~pumpRunning~0 0)} #196#return; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,683 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2022-02-20 18:06:10,684 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:10,686 INFO L290 TraceCheckUtils]: 0: Hoare triple {1785#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {1785#true} is VALID [2022-02-20 18:06:10,686 INFO L290 TraceCheckUtils]: 1: Hoare triple {1785#true} assume true; {1785#true} is VALID [2022-02-20 18:06:10,687 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1785#true} {1787#(= ~pumpRunning~0 0)} #198#return; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,687 INFO L290 TraceCheckUtils]: 0: Hoare triple {1785#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,688 INFO L290 TraceCheckUtils]: 1: Hoare triple {1787#(= ~pumpRunning~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret12#1, main_~retValue_acc~5#1, main_~tmp~1#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~1#1;assume { :begin_inline_select_helpers } true; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,688 INFO L290 TraceCheckUtils]: 2: Hoare triple {1787#(= ~pumpRunning~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,688 INFO L290 TraceCheckUtils]: 3: Hoare triple {1787#(= ~pumpRunning~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,688 INFO L290 TraceCheckUtils]: 4: Hoare triple {1787#(= ~pumpRunning~0 0)} main_#t~ret12#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret12#1 && main_#t~ret12#1 <= 2147483647;main_~tmp~1#1 := main_#t~ret12#1;havoc main_#t~ret12#1; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,689 INFO L290 TraceCheckUtils]: 5: Hoare triple {1787#(= ~pumpRunning~0 0)} assume 0 != main_~tmp~1#1;assume { :begin_inline_setup } true; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,689 INFO L290 TraceCheckUtils]: 6: Hoare triple {1787#(= ~pumpRunning~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet48#1, test_#t~nondet49#1, test_#t~nondet50#1, test_#t~nondet51#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,689 INFO L290 TraceCheckUtils]: 7: Hoare triple {1787#(= ~pumpRunning~0 0)} assume !false; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,689 INFO L290 TraceCheckUtils]: 8: Hoare triple {1787#(= ~pumpRunning~0 0)} assume test_~splverifierCounter~0#1 < 4; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,690 INFO L290 TraceCheckUtils]: 9: Hoare triple {1787#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet48#1 && test_#t~nondet48#1 <= 2147483647;test_~tmp~8#1 := test_#t~nondet48#1;havoc test_#t~nondet48#1; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,690 INFO L290 TraceCheckUtils]: 10: Hoare triple {1787#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp~8#1); {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,690 INFO L290 TraceCheckUtils]: 11: Hoare triple {1787#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet49#1 && test_#t~nondet49#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet49#1;havoc test_#t~nondet49#1; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,690 INFO L290 TraceCheckUtils]: 12: Hoare triple {1787#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___0~2#1; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,691 INFO L272 TraceCheckUtils]: 13: Hoare triple {1787#(= ~pumpRunning~0 0)} call changeMethaneLevel(); {1798#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:10,691 INFO L290 TraceCheckUtils]: 14: Hoare triple {1798#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} assume !(0 != ~methaneLevelCritical~0);~methaneLevelCritical~0 := 1; {1785#true} is VALID [2022-02-20 18:06:10,691 INFO L290 TraceCheckUtils]: 15: Hoare triple {1785#true} assume true; {1785#true} is VALID [2022-02-20 18:06:10,691 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {1785#true} {1787#(= ~pumpRunning~0 0)} #206#return; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,692 INFO L290 TraceCheckUtils]: 17: Hoare triple {1787#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet50#1 && test_#t~nondet50#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet50#1;havoc test_#t~nondet50#1; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,692 INFO L290 TraceCheckUtils]: 18: Hoare triple {1787#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet51#1 && test_#t~nondet51#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,692 INFO L290 TraceCheckUtils]: 19: Hoare triple {1787#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___1~0#1; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,693 INFO L272 TraceCheckUtils]: 20: Hoare triple {1787#(= ~pumpRunning~0 0)} call timeShift(); {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,693 INFO L290 TraceCheckUtils]: 21: Hoare triple {1787#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,693 INFO L290 TraceCheckUtils]: 22: Hoare triple {1787#(= ~pumpRunning~0 0)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret13#1, processEnvironment_~tmp~2#1;havoc processEnvironment_~tmp~2#1; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,693 INFO L290 TraceCheckUtils]: 23: Hoare triple {1787#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,693 INFO L272 TraceCheckUtils]: 24: Hoare triple {1787#(= ~pumpRunning~0 0)} call processEnvironment__wrappee__base(); {1785#true} is VALID [2022-02-20 18:06:10,694 INFO L290 TraceCheckUtils]: 25: Hoare triple {1785#true} assume true; {1785#true} is VALID [2022-02-20 18:06:10,694 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {1785#true} {1787#(= ~pumpRunning~0 0)} #196#return; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,694 INFO L290 TraceCheckUtils]: 27: Hoare triple {1787#(= ~pumpRunning~0 0)} assume { :end_inline_processEnvironment } true; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,694 INFO L290 TraceCheckUtils]: 28: Hoare triple {1787#(= ~pumpRunning~0 0)} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret10#1, __utac_acc__Specification1_spec__1_#t~ret11#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,694 INFO L272 TraceCheckUtils]: 29: Hoare triple {1787#(= ~pumpRunning~0 0)} call __utac_acc__Specification1_spec__1_#t~ret10#1 := isMethaneLevelCritical(); {1785#true} is VALID [2022-02-20 18:06:10,695 INFO L290 TraceCheckUtils]: 30: Hoare triple {1785#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {1785#true} is VALID [2022-02-20 18:06:10,695 INFO L290 TraceCheckUtils]: 31: Hoare triple {1785#true} assume true; {1785#true} is VALID [2022-02-20 18:06:10,695 INFO L284 TraceCheckUtils]: 32: Hoare quadruple {1785#true} {1787#(= ~pumpRunning~0 0)} #198#return; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,695 INFO L290 TraceCheckUtils]: 33: Hoare triple {1787#(= ~pumpRunning~0 0)} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret10#1 && __utac_acc__Specification1_spec__1_#t~ret10#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret10#1;havoc __utac_acc__Specification1_spec__1_#t~ret10#1; {1787#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:10,696 INFO L290 TraceCheckUtils]: 34: Hoare triple {1787#(= ~pumpRunning~0 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {1796#(= |timeShift_isPumpRunning_#res#1| 0)} is VALID [2022-02-20 18:06:10,696 INFO L290 TraceCheckUtils]: 35: Hoare triple {1796#(= |timeShift_isPumpRunning_#res#1| 0)} __utac_acc__Specification1_spec__1_#t~ret11#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret11#1 && __utac_acc__Specification1_spec__1_#t~ret11#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret11#1;havoc __utac_acc__Specification1_spec__1_#t~ret11#1; {1797#(= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)} is VALID [2022-02-20 18:06:10,696 INFO L290 TraceCheckUtils]: 36: Hoare triple {1797#(= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {1786#false} is VALID [2022-02-20 18:06:10,696 INFO L290 TraceCheckUtils]: 37: Hoare triple {1786#false} assume !false; {1786#false} is VALID [2022-02-20 18:06:10,697 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:10,697 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:10,697 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [467738446] [2022-02-20 18:06:10,697 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [467738446] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:10,697 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:10,697 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:06:10,697 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [133725460] [2022-02-20 18:06:10,697 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:10,697 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 38 [2022-02-20 18:06:10,698 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:10,698 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:10,718 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 38 edges. 38 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:10,718 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:06:10,718 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:10,719 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:06:10,719 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:06:10,719 INFO L87 Difference]: Start difference. First operand 101 states and 126 transitions. Second operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:10,894 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,894 INFO L93 Difference]: Finished difference Result 178 states and 223 transitions. [2022-02-20 18:06:10,895 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 18:06:10,895 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 38 [2022-02-20 18:06:10,895 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:10,895 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:10,897 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 121 transitions. [2022-02-20 18:06:10,898 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:10,899 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 121 transitions. [2022-02-20 18:06:10,899 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 121 transitions. [2022-02-20 18:06:10,974 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 121 edges. 121 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:10,974 INFO L225 Difference]: With dead ends: 178 [2022-02-20 18:06:10,974 INFO L226 Difference]: Without dead ends: 0 [2022-02-20 18:06:10,975 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-02-20 18:06:10,975 INFO L933 BasicCegarLoop]: 45 mSDtfsCounter, 45 mSDsluCounter, 74 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 46 SdHoareTripleChecker+Valid, 119 SdHoareTripleChecker+Invalid, 78 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:10,976 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [46 Valid, 119 Invalid, 78 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 18:06:10,976 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-02-20 18:06:10,976 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-02-20 18:06:10,976 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:10,976 INFO L82 GeneralOperation]: Start isEquivalent. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:10,976 INFO L74 IsIncluded]: Start isIncluded. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:10,976 INFO L87 Difference]: Start difference. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:10,976 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,976 INFO L93 Difference]: Finished difference Result 0 states and 0 transitions. [2022-02-20 18:06:10,976 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:06:10,976 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:10,977 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:10,977 INFO L74 IsIncluded]: Start isIncluded. First operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Second operand 0 states. [2022-02-20 18:06:10,977 INFO L87 Difference]: Start difference. First operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Second operand 0 states. [2022-02-20 18:06:10,977 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,977 INFO L93 Difference]: Finished difference Result 0 states and 0 transitions. [2022-02-20 18:06:10,977 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:06:10,977 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:10,977 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:10,977 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:10,977 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:10,977 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:10,977 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-02-20 18:06:10,977 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 38 [2022-02-20 18:06:10,977 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:10,977 INFO L470 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-02-20 18:06:10,977 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:10,977 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:06:10,978 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:10,979 INFO L764 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:06:10,980 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:06:10,981 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-02-20 18:06:11,277 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 341 347) no Hoare annotation was computed. [2022-02-20 18:06:11,277 INFO L861 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 341 347) the Hoare annotation is: true [2022-02-20 18:06:11,277 INFO L858 garLoopResultBuilder]: For program point L125-1(lines 121 132) no Hoare annotation was computed. [2022-02-20 18:06:11,278 INFO L854 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 121 132) the Hoare annotation is: (or (not (= ~pumpRunning~0 0)) (not (= 1 ~systemActive~0)) (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) [2022-02-20 18:06:11,278 INFO L858 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 121 132) no Hoare annotation was computed. [2022-02-20 18:06:11,278 INFO L858 garLoopResultBuilder]: For program point L353(lines 353 370) no Hoare annotation was computed. [2022-02-20 18:06:11,278 INFO L854 garLoopResultBuilder]: At program point L192(line 192) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:11,278 INFO L858 garLoopResultBuilder]: For program point L192-1(line 192) no Hoare annotation was computed. [2022-02-20 18:06:11,278 INFO L858 garLoopResultBuilder]: For program point L473(lines 473 477) no Hoare annotation was computed. [2022-02-20 18:06:11,278 INFO L858 garLoopResultBuilder]: For program point L473-2(lines 473 477) no Hoare annotation was computed. [2022-02-20 18:06:11,278 INFO L854 garLoopResultBuilder]: At program point L424(lines 419 427) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (and (= ~pumpRunning~0 0) (= |timeShift_isPumpRunning_#res#1| 0))) (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0))))) [2022-02-20 18:06:11,279 INFO L858 garLoopResultBuilder]: For program point timeShiftFINAL(lines 317 340) no Hoare annotation was computed. [2022-02-20 18:06:11,279 INFO L858 garLoopResultBuilder]: For program point L321-1(lines 320 339) no Hoare annotation was computed. [2022-02-20 18:06:11,280 INFO L854 garLoopResultBuilder]: At program point L363(line 363) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:11,280 INFO L858 garLoopResultBuilder]: For program point L198(lines 198 204) no Hoare annotation was computed. [2022-02-20 18:06:11,280 INFO L858 garLoopResultBuilder]: For program point L194(lines 194 207) no Hoare annotation was computed. [2022-02-20 18:06:11,280 INFO L858 garLoopResultBuilder]: For program point L929(line 929) no Hoare annotation was computed. [2022-02-20 18:06:11,280 INFO L854 garLoopResultBuilder]: At program point L194-1(lines 186 210) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0) .cse1 (not (= ~methaneLevelCritical~0 0))) (or .cse0 (= ~pumpRunning~0 0) .cse1))) [2022-02-20 18:06:11,281 INFO L854 garLoopResultBuilder]: At program point L479(lines 464 482) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:11,281 INFO L854 garLoopResultBuilder]: At program point L405(lines 400 407) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:11,281 INFO L854 garLoopResultBuilder]: At program point L368(line 368) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:11,281 INFO L854 garLoopResultBuilder]: At program point L368-1(lines 349 373) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:11,281 INFO L854 garLoopResultBuilder]: At program point L930(lines 925 932) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:11,281 INFO L854 garLoopResultBuilder]: At program point L179(lines 174 182) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:11,281 INFO L854 garLoopResultBuilder]: At program point timeShiftENTRY(lines 317 340) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:11,281 INFO L858 garLoopResultBuilder]: For program point timeShiftEXIT(lines 317 340) no Hoare annotation was computed. [2022-02-20 18:06:11,282 INFO L858 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 929) no Hoare annotation was computed. [2022-02-20 18:06:11,282 INFO L858 garLoopResultBuilder]: For program point L328-1(lines 328 334) no Hoare annotation was computed. [2022-02-20 18:06:11,282 INFO L858 garLoopResultBuilder]: For program point L101(lines 101 105) no Hoare annotation was computed. [2022-02-20 18:06:11,282 INFO L858 garLoopResultBuilder]: For program point L357(lines 357 365) no Hoare annotation was computed. [2022-02-20 18:06:11,282 INFO L854 garLoopResultBuilder]: At program point L101-2(lines 97 108) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:06:11,283 INFO L858 garLoopResultBuilder]: For program point L225(line 225) no Hoare annotation was computed. [2022-02-20 18:06:11,283 INFO L858 garLoopResultBuilder]: For program point cleanupEXIT(lines 214 243) no Hoare annotation was computed. [2022-02-20 18:06:11,283 INFO L861 garLoopResultBuilder]: At program point L224-2(lines 224 238) the Hoare annotation is: true [2022-02-20 18:06:11,283 INFO L861 garLoopResultBuilder]: At program point cleanupENTRY(lines 214 243) the Hoare annotation is: true [2022-02-20 18:06:11,283 INFO L861 garLoopResultBuilder]: At program point L220(line 220) the Hoare annotation is: true [2022-02-20 18:06:11,284 INFO L858 garLoopResultBuilder]: For program point L220-1(line 220) no Hoare annotation was computed. [2022-02-20 18:06:11,284 INFO L861 garLoopResultBuilder]: At program point L239(lines 214 243) the Hoare annotation is: true [2022-02-20 18:06:11,284 INFO L858 garLoopResultBuilder]: For program point L235(line 235) no Hoare annotation was computed. [2022-02-20 18:06:11,284 INFO L858 garLoopResultBuilder]: For program point L228(lines 228 232) no Hoare annotation was computed. [2022-02-20 18:06:11,284 INFO L861 garLoopResultBuilder]: At program point L228-1(lines 228 232) the Hoare annotation is: true [2022-02-20 18:06:11,284 INFO L861 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 133 141) the Hoare annotation is: true [2022-02-20 18:06:11,284 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalFINAL(lines 133 141) no Hoare annotation was computed. [2022-02-20 18:06:11,285 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 133 141) no Hoare annotation was computed. [2022-02-20 18:06:11,285 INFO L854 garLoopResultBuilder]: At program point L890(line 890) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:06:11,285 INFO L861 garLoopResultBuilder]: At program point L919(lines 858 923) the Hoare annotation is: true [2022-02-20 18:06:11,285 INFO L858 garLoopResultBuilder]: For program point L878(lines 878 884) no Hoare annotation was computed. [2022-02-20 18:06:11,285 INFO L858 garLoopResultBuilder]: For program point L878-1(lines 878 884) no Hoare annotation was computed. [2022-02-20 18:06:11,285 INFO L858 garLoopResultBuilder]: For program point L870(lines 870 874) no Hoare annotation was computed. [2022-02-20 18:06:11,285 INFO L858 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-02-20 18:06:11,285 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-02-20 18:06:11,288 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-02-20 18:06:11,288 INFO L861 garLoopResultBuilder]: At program point L284(lines 277 286) the Hoare annotation is: true [2022-02-20 18:06:11,289 INFO L854 garLoopResultBuilder]: At program point L916(lines 867 917) the Hoare annotation is: false [2022-02-20 18:06:11,289 INFO L858 garLoopResultBuilder]: For program point L297(lines 297 304) no Hoare annotation was computed. [2022-02-20 18:06:11,289 INFO L858 garLoopResultBuilder]: For program point L297-2(lines 297 304) no Hoare annotation was computed. [2022-02-20 18:06:11,289 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-02-20 18:06:11,289 INFO L858 garLoopResultBuilder]: For program point L888(lines 888 894) no Hoare annotation was computed. [2022-02-20 18:06:11,289 INFO L858 garLoopResultBuilder]: For program point L888-1(lines 888 894) no Hoare annotation was computed. [2022-02-20 18:06:11,289 INFO L854 garLoopResultBuilder]: At program point L83(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:06:11,290 INFO L861 garLoopResultBuilder]: At program point L306(lines 287 309) the Hoare annotation is: true [2022-02-20 18:06:11,290 INFO L854 garLoopResultBuilder]: At program point L273(lines 269 275) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:06:11,290 INFO L854 garLoopResultBuilder]: At program point L913(lines 868 915) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:06:11,290 INFO L854 garLoopResultBuilder]: At program point L880(line 880) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:06:11,290 INFO L854 garLoopResultBuilder]: At program point L75(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:06:11,290 INFO L854 garLoopResultBuilder]: At program point L488(lines 483 490) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:06:11,290 INFO L858 garLoopResultBuilder]: For program point L906(lines 906 910) no Hoare annotation was computed. [2022-02-20 18:06:11,290 INFO L854 garLoopResultBuilder]: At program point L906-2(lines 898 911) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:06:11,291 INFO L858 garLoopResultBuilder]: For program point L869(lines 868 915) no Hoare annotation was computed. [2022-02-20 18:06:11,291 INFO L854 garLoopResultBuilder]: At program point L68(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:06:11,291 INFO L858 garLoopResultBuilder]: For program point L898(lines 898 911) no Hoare annotation was computed. [2022-02-20 18:06:11,291 INFO L858 garLoopResultBuilder]: For program point L113-1(lines 109 120) no Hoare annotation was computed. [2022-02-20 18:06:11,291 INFO L858 garLoopResultBuilder]: For program point waterRiseEXIT(lines 109 120) no Hoare annotation was computed. [2022-02-20 18:06:11,291 INFO L861 garLoopResultBuilder]: At program point waterRiseENTRY(lines 109 120) the Hoare annotation is: true [2022-02-20 18:06:11,294 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1] [2022-02-20 18:06:11,296 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:06:11,300 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:06:11,300 WARN L170 areAnnotationChecker]: L125-1 has no Hoare annotation [2022-02-20 18:06:11,300 WARN L170 areAnnotationChecker]: L125-1 has no Hoare annotation [2022-02-20 18:06:11,300 WARN L170 areAnnotationChecker]: L101 has no Hoare annotation [2022-02-20 18:06:11,300 WARN L170 areAnnotationChecker]: L321-1 has no Hoare annotation [2022-02-20 18:06:11,300 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalFINAL has no Hoare annotation [2022-02-20 18:06:11,300 WARN L170 areAnnotationChecker]: ULTIMATE.startENTRY has no Hoare annotation [2022-02-20 18:06:11,300 WARN L170 areAnnotationChecker]: L113-1 has no Hoare annotation [2022-02-20 18:06:11,300 WARN L170 areAnnotationChecker]: L113-1 has no Hoare annotation [2022-02-20 18:06:11,300 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:06:11,301 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:06:11,301 WARN L170 areAnnotationChecker]: L125-1 has no Hoare annotation [2022-02-20 18:06:11,301 WARN L170 areAnnotationChecker]: L101 has no Hoare annotation [2022-02-20 18:06:11,301 WARN L170 areAnnotationChecker]: L101 has no Hoare annotation [2022-02-20 18:06:11,301 WARN L170 areAnnotationChecker]: L321-1 has no Hoare annotation [2022-02-20 18:06:11,301 WARN L170 areAnnotationChecker]: L321-1 has no Hoare annotation [2022-02-20 18:06:11,301 WARN L170 areAnnotationChecker]: L220-1 has no Hoare annotation [2022-02-20 18:06:11,302 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalFINAL has no Hoare annotation [2022-02-20 18:06:11,302 WARN L170 areAnnotationChecker]: L-1 has no Hoare annotation [2022-02-20 18:06:11,302 WARN L170 areAnnotationChecker]: L113-1 has no Hoare annotation [2022-02-20 18:06:11,302 WARN L170 areAnnotationChecker]: L328-1 has no Hoare annotation [2022-02-20 18:06:11,302 WARN L170 areAnnotationChecker]: changeMethaneLevelEXIT has no Hoare annotation [2022-02-20 18:06:11,302 WARN L170 areAnnotationChecker]: L321-1 has no Hoare annotation [2022-02-20 18:06:11,302 WARN L170 areAnnotationChecker]: L353 has no Hoare annotation [2022-02-20 18:06:11,302 WARN L170 areAnnotationChecker]: L353 has no Hoare annotation [2022-02-20 18:06:11,303 WARN L170 areAnnotationChecker]: L328-1 has no Hoare annotation [2022-02-20 18:06:11,303 WARN L170 areAnnotationChecker]: L220-1 has no Hoare annotation [2022-02-20 18:06:11,303 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalEXIT has no Hoare annotation [2022-02-20 18:06:11,304 WARN L170 areAnnotationChecker]: waterRiseEXIT has no Hoare annotation [2022-02-20 18:06:11,304 WARN L170 areAnnotationChecker]: L888-1 has no Hoare annotation [2022-02-20 18:06:11,304 WARN L170 areAnnotationChecker]: L473 has no Hoare annotation [2022-02-20 18:06:11,304 WARN L170 areAnnotationChecker]: L192-1 has no Hoare annotation [2022-02-20 18:06:11,304 WARN L170 areAnnotationChecker]: L225 has no Hoare annotation [2022-02-20 18:06:11,304 WARN L170 areAnnotationChecker]: L192-1 has no Hoare annotation [2022-02-20 18:06:11,305 WARN L170 areAnnotationChecker]: L878-1 has no Hoare annotation [2022-02-20 18:06:11,305 WARN L170 areAnnotationChecker]: L898 has no Hoare annotation [2022-02-20 18:06:11,305 WARN L170 areAnnotationChecker]: L898 has no Hoare annotation [2022-02-20 18:06:11,305 WARN L170 areAnnotationChecker]: L473 has no Hoare annotation [2022-02-20 18:06:11,305 WARN L170 areAnnotationChecker]: L473 has no Hoare annotation [2022-02-20 18:06:11,305 WARN L170 areAnnotationChecker]: cleanupEXIT has no Hoare annotation [2022-02-20 18:06:11,305 WARN L170 areAnnotationChecker]: L225 has no Hoare annotation [2022-02-20 18:06:11,305 WARN L170 areAnnotationChecker]: L194 has no Hoare annotation [2022-02-20 18:06:11,305 WARN L170 areAnnotationChecker]: L194 has no Hoare annotation [2022-02-20 18:06:11,305 WARN L170 areAnnotationChecker]: L297 has no Hoare annotation [2022-02-20 18:06:11,305 WARN L170 areAnnotationChecker]: L888 has no Hoare annotation [2022-02-20 18:06:11,306 WARN L170 areAnnotationChecker]: L888 has no Hoare annotation [2022-02-20 18:06:11,306 WARN L170 areAnnotationChecker]: L906 has no Hoare annotation [2022-02-20 18:06:11,306 WARN L170 areAnnotationChecker]: L906 has no Hoare annotation [2022-02-20 18:06:11,306 WARN L170 areAnnotationChecker]: L473-2 has no Hoare annotation [2022-02-20 18:06:11,306 WARN L170 areAnnotationChecker]: cleanupEXIT has no Hoare annotation [2022-02-20 18:06:11,306 WARN L170 areAnnotationChecker]: L228 has no Hoare annotation [2022-02-20 18:06:11,306 WARN L170 areAnnotationChecker]: L228 has no Hoare annotation [2022-02-20 18:06:11,306 WARN L170 areAnnotationChecker]: L198 has no Hoare annotation [2022-02-20 18:06:11,306 WARN L170 areAnnotationChecker]: timeShiftFINAL has no Hoare annotation [2022-02-20 18:06:11,307 WARN L170 areAnnotationChecker]: L297 has no Hoare annotation [2022-02-20 18:06:11,307 WARN L170 areAnnotationChecker]: L297 has no Hoare annotation [2022-02-20 18:06:11,307 WARN L170 areAnnotationChecker]: L888-1 has no Hoare annotation [2022-02-20 18:06:11,308 WARN L170 areAnnotationChecker]: L357 has no Hoare annotation [2022-02-20 18:06:11,308 WARN L170 areAnnotationChecker]: L235 has no Hoare annotation [2022-02-20 18:06:11,308 WARN L170 areAnnotationChecker]: L198 has no Hoare annotation [2022-02-20 18:06:11,308 WARN L170 areAnnotationChecker]: L198 has no Hoare annotation [2022-02-20 18:06:11,308 WARN L170 areAnnotationChecker]: timeShiftFINAL has no Hoare annotation [2022-02-20 18:06:11,309 WARN L170 areAnnotationChecker]: L297-2 has no Hoare annotation [2022-02-20 18:06:11,309 WARN L170 areAnnotationChecker]: L869 has no Hoare annotation [2022-02-20 18:06:11,309 WARN L170 areAnnotationChecker]: L357 has no Hoare annotation [2022-02-20 18:06:11,309 WARN L170 areAnnotationChecker]: L357 has no Hoare annotation [2022-02-20 18:06:11,309 WARN L170 areAnnotationChecker]: L297-2 has no Hoare annotation [2022-02-20 18:06:11,309 WARN L170 areAnnotationChecker]: L235 has no Hoare annotation [2022-02-20 18:06:11,309 WARN L170 areAnnotationChecker]: L929 has no Hoare annotation [2022-02-20 18:06:11,309 WARN L170 areAnnotationChecker]: L929 has no Hoare annotation [2022-02-20 18:06:11,310 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:06:11,310 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:06:11,310 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:06:11,310 WARN L170 areAnnotationChecker]: ULTIMATE.startFINAL has no Hoare annotation [2022-02-20 18:06:11,310 WARN L170 areAnnotationChecker]: L869 has no Hoare annotation [2022-02-20 18:06:11,310 WARN L170 areAnnotationChecker]: L869 has no Hoare annotation [2022-02-20 18:06:11,311 WARN L170 areAnnotationChecker]: ULTIMATE.startFINAL has no Hoare annotation [2022-02-20 18:06:11,311 WARN L170 areAnnotationChecker]: L870 has no Hoare annotation [2022-02-20 18:06:11,312 WARN L170 areAnnotationChecker]: L878 has no Hoare annotation [2022-02-20 18:06:11,312 WARN L170 areAnnotationChecker]: L878 has no Hoare annotation [2022-02-20 18:06:11,312 WARN L170 areAnnotationChecker]: L878-1 has no Hoare annotation [2022-02-20 18:06:11,312 INFO L163 areAnnotationChecker]: CFG has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. 0 times interpolants missing. [2022-02-20 18:06:11,332 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 20.02 06:06:11 BoogieIcfgContainer [2022-02-20 18:06:11,332 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-02-20 18:06:11,333 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-02-20 18:06:11,333 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-02-20 18:06:11,333 INFO L275 PluginConnector]: Witness Printer initialized [2022-02-20 18:06:11,333 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:06:08" (3/4) ... [2022-02-20 18:06:11,335 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-02-20 18:06:11,339 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-02-20 18:06:11,339 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-02-20 18:06:11,339 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-02-20 18:06:11,339 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-02-20 18:06:11,339 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-02-20 18:06:11,339 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-02-20 18:06:11,351 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 49 nodes and edges [2022-02-20 18:06:11,351 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-02-20 18:06:11,352 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-02-20 18:06:11,352 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-02-20 18:06:11,352 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-02-20 18:06:11,352 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-02-20 18:06:11,353 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-02-20 18:06:11,371 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:06:11,372 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) [2022-02-20 18:06:11,373 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || tmp == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && ((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) [2022-02-20 18:06:11,374 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 0)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) [2022-02-20 18:06:11,374 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:06:11,374 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:06:11,374 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:06:11,375 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:06:11,398 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-02-20 18:06:11,398 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-02-20 18:06:11,399 INFO L158 Benchmark]: Toolchain (without parser) took 3631.19ms. Allocated memory was 132.1MB in the beginning and 197.1MB in the end (delta: 65.0MB). Free memory was 93.4MB in the beginning and 90.0MB in the end (delta: 3.4MB). Peak memory consumption was 68.5MB. Max. memory is 16.1GB. [2022-02-20 18:06:11,399 INFO L158 Benchmark]: CDTParser took 0.16ms. Allocated memory is still 132.1MB. Free memory was 110.7MB in the beginning and 110.7MB in the end (delta: 77.7kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:06:11,399 INFO L158 Benchmark]: CACSL2BoogieTranslator took 436.28ms. Allocated memory is still 132.1MB. Free memory was 93.2MB in the beginning and 94.8MB in the end (delta: -1.6MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-02-20 18:06:11,400 INFO L158 Benchmark]: Boogie Procedure Inliner took 39.09ms. Allocated memory is still 132.1MB. Free memory was 94.8MB in the beginning and 92.3MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:06:11,400 INFO L158 Benchmark]: Boogie Preprocessor took 18.31ms. Allocated memory is still 132.1MB. Free memory was 92.3MB in the beginning and 90.6MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:06:11,400 INFO L158 Benchmark]: RCFGBuilder took 416.43ms. Allocated memory is still 132.1MB. Free memory was 90.6MB in the beginning and 72.1MB in the end (delta: 18.5MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-02-20 18:06:11,400 INFO L158 Benchmark]: TraceAbstraction took 2649.47ms. Allocated memory was 132.1MB in the beginning and 197.1MB in the end (delta: 65.0MB). Free memory was 71.7MB in the beginning and 95.2MB in the end (delta: -23.5MB). Peak memory consumption was 41.3MB. Max. memory is 16.1GB. [2022-02-20 18:06:11,401 INFO L158 Benchmark]: Witness Printer took 65.21ms. Allocated memory is still 197.1MB. Free memory was 95.2MB in the beginning and 90.0MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:06:11,404 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.16ms. Allocated memory is still 132.1MB. Free memory was 110.7MB in the beginning and 110.7MB in the end (delta: 77.7kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 436.28ms. Allocated memory is still 132.1MB. Free memory was 93.2MB in the beginning and 94.8MB in the end (delta: -1.6MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 39.09ms. Allocated memory is still 132.1MB. Free memory was 94.8MB in the beginning and 92.3MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 18.31ms. Allocated memory is still 132.1MB. Free memory was 92.3MB in the beginning and 90.6MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 416.43ms. Allocated memory is still 132.1MB. Free memory was 90.6MB in the beginning and 72.1MB in the end (delta: 18.5MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 2649.47ms. Allocated memory was 132.1MB in the beginning and 197.1MB in the end (delta: 65.0MB). Free memory was 71.7MB in the beginning and 95.2MB in the end (delta: -23.5MB). Peak memory consumption was 41.3MB. Max. memory is 16.1GB. * Witness Printer took 65.21ms. Allocated memory is still 197.1MB. Free memory was 95.2MB in the beginning and 90.0MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 929]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 74 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.6s, OverallIterations: 5, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.3s, InitialAbstractionConstructionTime: 0.0s, PartialOrderReductionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 155 SdHoareTripleChecker+Valid, 0.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 149 mSDsluCounter, 725 SdHoareTripleChecker+Invalid, 0.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 380 mSDsCounter, 18 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 103 IncrementalHoareTripleChecker+Invalid, 121 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 18 mSolverCounterUnsat, 345 mSDtfsCounter, 103 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 39 GetRequests, 23 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=101occurred in iteration=4, InterpolantAutomatonStates: 22, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 5 MinimizatonAttempts, 3 StatesRemovedByMinimization, 1 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 34 LocationsWithAnnotation, 191 PreInvPairs, 215 NumberOfFragments, 275 HoareAnnotationTreeSize, 191 FomulaSimplifications, 16 FormulaSimplificationTreeSizeReduction, 0.0s HoareSimplificationTime, 34 FomulaSimplificationsInter, 447 FormulaSimplificationTreeSizeReductionInter, 0.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.4s InterpolantComputationTime, 148 NumberOfCodeBlocks, 148 NumberOfCodeBlocksAsserted, 5 NumberOfCheckSat, 143 ConstructedInterpolants, 0 QuantifiedInterpolants, 295 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 5 InterpolantComputations, 5 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 868]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0 - InvariantResult [Line: 97]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 174]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 224]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 400]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 349]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 269]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 287]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 214]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 925]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 277]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 464]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 186]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || tmp == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && ((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) - InvariantResult [Line: 419]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 0)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 867]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 483]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0 - InvariantResult [Line: 858]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-02-20 18:06:11,436 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE