./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product27.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product27.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 57a688f8a9792d29adbf3f8f01563f73a4548e3755afcb9efbc0eedec2ffc9fc --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:06:07,637 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:06:07,639 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:06:07,662 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:06:07,666 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:06:07,667 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:06:07,670 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:06:07,672 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:06:07,673 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:06:07,674 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:06:07,675 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:06:07,676 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:06:07,676 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:06:07,677 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:06:07,678 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:06:07,679 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:06:07,680 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:06:07,681 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:06:07,682 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:06:07,684 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:06:07,685 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:06:07,686 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:06:07,687 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:06:07,688 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:06:07,691 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:06:07,691 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:06:07,691 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:06:07,692 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:06:07,693 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:06:07,694 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:06:07,694 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:06:07,695 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:06:07,695 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:06:07,696 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:06:07,697 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:06:07,697 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:06:07,698 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:06:07,698 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:06:07,698 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:06:07,699 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:06:07,700 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:06:07,701 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:06:07,718 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:06:07,719 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:06:07,719 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:06:07,719 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:06:07,720 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:06:07,720 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:06:07,721 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:06:07,721 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:06:07,721 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:06:07,721 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:06:07,722 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:06:07,722 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:06:07,722 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:06:07,722 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:06:07,722 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:06:07,723 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:06:07,723 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:06:07,723 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:06:07,723 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:06:07,723 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:06:07,724 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:06:07,724 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:06:07,724 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:06:07,724 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:06:07,724 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:06:07,725 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:06:07,725 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:06:07,725 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:06:07,725 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:06:07,726 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:06:07,726 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:06:07,726 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:06:07,726 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:06:07,726 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 57a688f8a9792d29adbf3f8f01563f73a4548e3755afcb9efbc0eedec2ffc9fc [2022-02-20 18:06:07,906 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:06:07,926 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:06:07,928 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:06:07,929 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:06:07,930 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:06:07,931 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product27.cil.c [2022-02-20 18:06:07,995 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5e4a61990/1915d679717c4b6295bcc39272367039/FLAGf61bd853c [2022-02-20 18:06:08,413 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:06:08,414 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product27.cil.c [2022-02-20 18:06:08,427 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5e4a61990/1915d679717c4b6295bcc39272367039/FLAGf61bd853c [2022-02-20 18:06:08,436 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5e4a61990/1915d679717c4b6295bcc39272367039 [2022-02-20 18:06:08,438 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:06:08,440 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:06:08,441 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:06:08,441 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:06:08,444 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:06:08,445 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,446 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@87c12b1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08, skipping insertion in model container [2022-02-20 18:06:08,446 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,451 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:06:08,488 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:06:08,633 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product27.cil.c[2141,2154] [2022-02-20 18:06:08,754 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:06:08,762 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:06:08,773 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product27.cil.c[2141,2154] [2022-02-20 18:06:08,845 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:06:08,864 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:06:08,865 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08 WrapperNode [2022-02-20 18:06:08,865 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:06:08,867 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:06:08,867 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:06:08,867 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:06:08,880 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,905 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,948 INFO L137 Inliner]: procedures = 54, calls = 153, calls flagged for inlining = 21, calls inlined = 16, statements flattened = 216 [2022-02-20 18:06:08,953 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:06:08,954 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:06:08,954 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:06:08,954 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:06:08,962 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,962 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,972 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,973 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,982 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:08,997 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:09,000 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:09,005 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:06:09,007 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:06:09,008 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:06:09,008 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:06:09,010 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (1/1) ... [2022-02-20 18:06:09,016 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:06:09,025 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:06:09,045 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:06:09,076 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:06:09,076 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:06:09,076 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:06:09,077 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:06:09,077 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:06:09,077 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:06:09,077 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:06:09,077 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:06:09,077 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:06:09,078 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:06:09,078 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:06:09,078 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:06:09,078 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:06:09,078 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:06:09,078 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:06:09,078 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:06:09,079 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:06:09,079 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:06:09,080 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:06:09,144 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:06:09,146 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:06:09,506 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:06:09,513 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:06:09,515 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:06:09,518 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:06:09 BoogieIcfgContainer [2022-02-20 18:06:09,518 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:06:09,520 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:06:09,520 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:06:09,523 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:06:09,523 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:06:08" (1/3) ... [2022-02-20 18:06:09,524 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@62c62a6a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:06:09, skipping insertion in model container [2022-02-20 18:06:09,524 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:06:08" (2/3) ... [2022-02-20 18:06:09,524 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@62c62a6a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:06:09, skipping insertion in model container [2022-02-20 18:06:09,524 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:06:09" (3/3) ... [2022-02-20 18:06:09,525 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product27.cil.c [2022-02-20 18:06:09,530 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:06:09,531 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:06:09,580 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:06:09,586 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:06:09,586 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:06:09,627 INFO L276 IsEmpty]: Start isEmpty. Operand has 80 states, 60 states have (on average 1.3833333333333333) internal successors, (83), 67 states have internal predecessors, (83), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:06:09,637 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-02-20 18:06:09,637 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:09,638 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:09,639 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:09,647 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:09,648 INFO L85 PathProgramCache]: Analyzing trace with hash 233664886, now seen corresponding path program 1 times [2022-02-20 18:06:09,658 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:09,659 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [63344988] [2022-02-20 18:06:09,660 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:09,661 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:09,852 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:09,942 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:06:09,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:09,963 INFO L290 TraceCheckUtils]: 0: Hoare triple {83#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {83#true} is VALID [2022-02-20 18:06:09,964 INFO L290 TraceCheckUtils]: 1: Hoare triple {83#true} assume true; {83#true} is VALID [2022-02-20 18:06:09,965 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {83#true} {84#false} #209#return; {84#false} is VALID [2022-02-20 18:06:09,970 INFO L290 TraceCheckUtils]: 0: Hoare triple {83#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1; {83#true} is VALID [2022-02-20 18:06:09,970 INFO L290 TraceCheckUtils]: 1: Hoare triple {83#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret12#1, main_~retValue_acc~5#1, main_~tmp~1#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~1#1;assume { :begin_inline_select_helpers } true; {83#true} is VALID [2022-02-20 18:06:09,971 INFO L290 TraceCheckUtils]: 2: Hoare triple {83#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {83#true} is VALID [2022-02-20 18:06:09,971 INFO L290 TraceCheckUtils]: 3: Hoare triple {83#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {83#true} is VALID [2022-02-20 18:06:09,972 INFO L290 TraceCheckUtils]: 4: Hoare triple {83#true} main_#t~ret12#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret12#1 && main_#t~ret12#1 <= 2147483647;main_~tmp~1#1 := main_#t~ret12#1;havoc main_#t~ret12#1; {83#true} is VALID [2022-02-20 18:06:09,973 INFO L290 TraceCheckUtils]: 5: Hoare triple {83#true} assume 0 != main_~tmp~1#1;assume { :begin_inline_setup } true; {83#true} is VALID [2022-02-20 18:06:09,973 INFO L290 TraceCheckUtils]: 6: Hoare triple {83#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet36#1, test_#t~nondet37#1, test_#t~nondet38#1, test_#t~nondet39#1, test_~splverifierCounter~0#1, test_~tmp~5#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~5#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {83#true} is VALID [2022-02-20 18:06:09,974 INFO L290 TraceCheckUtils]: 7: Hoare triple {83#true} assume false; {84#false} is VALID [2022-02-20 18:06:09,974 INFO L272 TraceCheckUtils]: 8: Hoare triple {84#false} call cleanup(); {84#false} is VALID [2022-02-20 18:06:09,975 INFO L290 TraceCheckUtils]: 9: Hoare triple {84#false} havoc ~i~0;havoc ~__cil_tmp2~0; {84#false} is VALID [2022-02-20 18:06:09,975 INFO L272 TraceCheckUtils]: 10: Hoare triple {84#false} call timeShift(); {84#false} is VALID [2022-02-20 18:06:09,975 INFO L290 TraceCheckUtils]: 11: Hoare triple {84#false} assume !(0 != ~pumpRunning~0); {84#false} is VALID [2022-02-20 18:06:09,976 INFO L290 TraceCheckUtils]: 12: Hoare triple {84#false} assume !(0 != ~systemActive~0); {84#false} is VALID [2022-02-20 18:06:09,976 INFO L290 TraceCheckUtils]: 13: Hoare triple {84#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret10#1, __utac_acc__Specification1_spec__1_#t~ret11#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {84#false} is VALID [2022-02-20 18:06:09,976 INFO L272 TraceCheckUtils]: 14: Hoare triple {84#false} call __utac_acc__Specification1_spec__1_#t~ret10#1 := isMethaneLevelCritical(); {83#true} is VALID [2022-02-20 18:06:09,976 INFO L290 TraceCheckUtils]: 15: Hoare triple {83#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {83#true} is VALID [2022-02-20 18:06:09,977 INFO L290 TraceCheckUtils]: 16: Hoare triple {83#true} assume true; {83#true} is VALID [2022-02-20 18:06:09,977 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {83#true} {84#false} #209#return; {84#false} is VALID [2022-02-20 18:06:09,978 INFO L290 TraceCheckUtils]: 18: Hoare triple {84#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret10#1 && __utac_acc__Specification1_spec__1_#t~ret10#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret10#1;havoc __utac_acc__Specification1_spec__1_#t~ret10#1; {84#false} is VALID [2022-02-20 18:06:09,978 INFO L290 TraceCheckUtils]: 19: Hoare triple {84#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {84#false} is VALID [2022-02-20 18:06:09,978 INFO L290 TraceCheckUtils]: 20: Hoare triple {84#false} __utac_acc__Specification1_spec__1_#t~ret11#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret11#1 && __utac_acc__Specification1_spec__1_#t~ret11#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret11#1;havoc __utac_acc__Specification1_spec__1_#t~ret11#1; {84#false} is VALID [2022-02-20 18:06:09,979 INFO L290 TraceCheckUtils]: 21: Hoare triple {84#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {84#false} is VALID [2022-02-20 18:06:09,979 INFO L290 TraceCheckUtils]: 22: Hoare triple {84#false} assume !false; {84#false} is VALID [2022-02-20 18:06:09,979 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:09,980 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:09,981 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [63344988] [2022-02-20 18:06:09,982 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [63344988] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:09,982 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:09,982 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:06:09,983 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [210770206] [2022-02-20 18:06:09,984 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:09,990 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 18:06:09,992 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:09,995 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,034 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 23 edges. 23 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:10,035 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:06:10,035 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:10,056 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:06:10,057 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:06:10,060 INFO L87 Difference]: Start difference. First operand has 80 states, 60 states have (on average 1.3833333333333333) internal successors, (83), 67 states have internal predecessors, (83), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,154 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,156 INFO L93 Difference]: Finished difference Result 152 states and 205 transitions. [2022-02-20 18:06:10,158 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:06:10,158 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 18:06:10,158 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:10,160 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,185 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 205 transitions. [2022-02-20 18:06:10,185 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,191 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 205 transitions. [2022-02-20 18:06:10,192 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 205 transitions. [2022-02-20 18:06:10,432 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 205 edges. 205 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:10,445 INFO L225 Difference]: With dead ends: 152 [2022-02-20 18:06:10,445 INFO L226 Difference]: Without dead ends: 71 [2022-02-20 18:06:10,449 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:06:10,452 INFO L933 BasicCegarLoop]: 99 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 99 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:10,454 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 99 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:06:10,470 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2022-02-20 18:06:10,484 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2022-02-20 18:06:10,484 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:10,485 INFO L82 GeneralOperation]: Start isEquivalent. First operand 71 states. Second operand has 71 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:06:10,487 INFO L74 IsIncluded]: Start isIncluded. First operand 71 states. Second operand has 71 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:06:10,487 INFO L87 Difference]: Start difference. First operand 71 states. Second operand has 71 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:06:10,493 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,493 INFO L93 Difference]: Finished difference Result 71 states and 90 transitions. [2022-02-20 18:06:10,493 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2022-02-20 18:06:10,494 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:10,494 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:10,495 INFO L74 IsIncluded]: Start isIncluded. First operand has 71 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) Second operand 71 states. [2022-02-20 18:06:10,495 INFO L87 Difference]: Start difference. First operand has 71 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) Second operand 71 states. [2022-02-20 18:06:10,500 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,500 INFO L93 Difference]: Finished difference Result 71 states and 90 transitions. [2022-02-20 18:06:10,501 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2022-02-20 18:06:10,502 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:10,502 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:10,502 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:10,502 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:10,503 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:06:10,507 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 90 transitions. [2022-02-20 18:06:10,508 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 90 transitions. Word has length 23 [2022-02-20 18:06:10,508 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:10,509 INFO L470 AbstractCegarLoop]: Abstraction has 71 states and 90 transitions. [2022-02-20 18:06:10,509 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,509 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2022-02-20 18:06:10,510 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-02-20 18:06:10,510 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:10,511 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:10,511 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:06:10,511 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:10,512 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:10,512 INFO L85 PathProgramCache]: Analyzing trace with hash 962070603, now seen corresponding path program 1 times [2022-02-20 18:06:10,512 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:10,513 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [918308924] [2022-02-20 18:06:10,513 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:10,513 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:10,534 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:10,562 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:06:10,564 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:10,566 INFO L290 TraceCheckUtils]: 0: Hoare triple {553#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {553#true} is VALID [2022-02-20 18:06:10,567 INFO L290 TraceCheckUtils]: 1: Hoare triple {553#true} assume true; {553#true} is VALID [2022-02-20 18:06:10,567 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {553#true} {554#false} #209#return; {554#false} is VALID [2022-02-20 18:06:10,567 INFO L290 TraceCheckUtils]: 0: Hoare triple {553#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1; {553#true} is VALID [2022-02-20 18:06:10,567 INFO L290 TraceCheckUtils]: 1: Hoare triple {553#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret12#1, main_~retValue_acc~5#1, main_~tmp~1#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~1#1;assume { :begin_inline_select_helpers } true; {553#true} is VALID [2022-02-20 18:06:10,568 INFO L290 TraceCheckUtils]: 2: Hoare triple {553#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {553#true} is VALID [2022-02-20 18:06:10,568 INFO L290 TraceCheckUtils]: 3: Hoare triple {553#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {553#true} is VALID [2022-02-20 18:06:10,568 INFO L290 TraceCheckUtils]: 4: Hoare triple {553#true} main_#t~ret12#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret12#1 && main_#t~ret12#1 <= 2147483647;main_~tmp~1#1 := main_#t~ret12#1;havoc main_#t~ret12#1; {553#true} is VALID [2022-02-20 18:06:10,568 INFO L290 TraceCheckUtils]: 5: Hoare triple {553#true} assume 0 != main_~tmp~1#1;assume { :begin_inline_setup } true; {553#true} is VALID [2022-02-20 18:06:10,569 INFO L290 TraceCheckUtils]: 6: Hoare triple {553#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet36#1, test_#t~nondet37#1, test_#t~nondet38#1, test_#t~nondet39#1, test_~splverifierCounter~0#1, test_~tmp~5#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~5#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {555#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:06:10,569 INFO L290 TraceCheckUtils]: 7: Hoare triple {555#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {555#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:06:10,570 INFO L290 TraceCheckUtils]: 8: Hoare triple {555#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {554#false} is VALID [2022-02-20 18:06:10,570 INFO L272 TraceCheckUtils]: 9: Hoare triple {554#false} call cleanup(); {554#false} is VALID [2022-02-20 18:06:10,570 INFO L290 TraceCheckUtils]: 10: Hoare triple {554#false} havoc ~i~0;havoc ~__cil_tmp2~0; {554#false} is VALID [2022-02-20 18:06:10,571 INFO L272 TraceCheckUtils]: 11: Hoare triple {554#false} call timeShift(); {554#false} is VALID [2022-02-20 18:06:10,571 INFO L290 TraceCheckUtils]: 12: Hoare triple {554#false} assume !(0 != ~pumpRunning~0); {554#false} is VALID [2022-02-20 18:06:10,571 INFO L290 TraceCheckUtils]: 13: Hoare triple {554#false} assume !(0 != ~systemActive~0); {554#false} is VALID [2022-02-20 18:06:10,571 INFO L290 TraceCheckUtils]: 14: Hoare triple {554#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret10#1, __utac_acc__Specification1_spec__1_#t~ret11#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {554#false} is VALID [2022-02-20 18:06:10,572 INFO L272 TraceCheckUtils]: 15: Hoare triple {554#false} call __utac_acc__Specification1_spec__1_#t~ret10#1 := isMethaneLevelCritical(); {553#true} is VALID [2022-02-20 18:06:10,572 INFO L290 TraceCheckUtils]: 16: Hoare triple {553#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {553#true} is VALID [2022-02-20 18:06:10,572 INFO L290 TraceCheckUtils]: 17: Hoare triple {553#true} assume true; {553#true} is VALID [2022-02-20 18:06:10,572 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {553#true} {554#false} #209#return; {554#false} is VALID [2022-02-20 18:06:10,573 INFO L290 TraceCheckUtils]: 19: Hoare triple {554#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret10#1 && __utac_acc__Specification1_spec__1_#t~ret10#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret10#1;havoc __utac_acc__Specification1_spec__1_#t~ret10#1; {554#false} is VALID [2022-02-20 18:06:10,573 INFO L290 TraceCheckUtils]: 20: Hoare triple {554#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {554#false} is VALID [2022-02-20 18:06:10,573 INFO L290 TraceCheckUtils]: 21: Hoare triple {554#false} __utac_acc__Specification1_spec__1_#t~ret11#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret11#1 && __utac_acc__Specification1_spec__1_#t~ret11#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret11#1;havoc __utac_acc__Specification1_spec__1_#t~ret11#1; {554#false} is VALID [2022-02-20 18:06:10,573 INFO L290 TraceCheckUtils]: 22: Hoare triple {554#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {554#false} is VALID [2022-02-20 18:06:10,574 INFO L290 TraceCheckUtils]: 23: Hoare triple {554#false} assume !false; {554#false} is VALID [2022-02-20 18:06:10,574 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:10,574 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:10,574 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [918308924] [2022-02-20 18:06:10,575 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [918308924] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:10,575 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:10,575 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:06:10,575 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [470395631] [2022-02-20 18:06:10,575 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:10,577 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-02-20 18:06:10,577 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:10,577 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,596 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:10,597 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:06:10,597 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:10,597 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:06:10,598 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:06:10,598 INFO L87 Difference]: Start difference. First operand 71 states and 90 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,670 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,671 INFO L93 Difference]: Finished difference Result 104 states and 130 transitions. [2022-02-20 18:06:10,671 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:06:10,671 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-02-20 18:06:10,672 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:10,672 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,677 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 130 transitions. [2022-02-20 18:06:10,677 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,680 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 130 transitions. [2022-02-20 18:06:10,682 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 130 transitions. [2022-02-20 18:06:10,786 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 130 edges. 130 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:10,793 INFO L225 Difference]: With dead ends: 104 [2022-02-20 18:06:10,793 INFO L226 Difference]: Without dead ends: 62 [2022-02-20 18:06:10,797 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:06:10,799 INFO L933 BasicCegarLoop]: 77 mSDtfsCounter, 16 mSDsluCounter, 56 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 133 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:10,800 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 133 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:06:10,802 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2022-02-20 18:06:10,807 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 62. [2022-02-20 18:06:10,807 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:10,808 INFO L82 GeneralOperation]: Start isEquivalent. First operand 62 states. Second operand has 62 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:10,808 INFO L74 IsIncluded]: Start isIncluded. First operand 62 states. Second operand has 62 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:10,809 INFO L87 Difference]: Start difference. First operand 62 states. Second operand has 62 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:10,812 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,812 INFO L93 Difference]: Finished difference Result 62 states and 78 transitions. [2022-02-20 18:06:10,812 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 78 transitions. [2022-02-20 18:06:10,813 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:10,813 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:10,814 INFO L74 IsIncluded]: Start isIncluded. First operand has 62 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) Second operand 62 states. [2022-02-20 18:06:10,814 INFO L87 Difference]: Start difference. First operand has 62 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) Second operand 62 states. [2022-02-20 18:06:10,817 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:10,817 INFO L93 Difference]: Finished difference Result 62 states and 78 transitions. [2022-02-20 18:06:10,817 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 78 transitions. [2022-02-20 18:06:10,818 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:10,818 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:10,818 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:10,818 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:10,819 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:06:10,822 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 78 transitions. [2022-02-20 18:06:10,822 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 78 transitions. Word has length 24 [2022-02-20 18:06:10,822 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:10,822 INFO L470 AbstractCegarLoop]: Abstraction has 62 states and 78 transitions. [2022-02-20 18:06:10,822 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,823 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 78 transitions. [2022-02-20 18:06:10,823 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-02-20 18:06:10,827 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:10,827 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:10,827 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:06:10,827 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:10,828 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:10,828 INFO L85 PathProgramCache]: Analyzing trace with hash -1633759331, now seen corresponding path program 1 times [2022-02-20 18:06:10,828 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:10,829 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1878451431] [2022-02-20 18:06:10,829 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:10,829 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:10,854 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:10,881 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:06:10,883 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:10,892 INFO L290 TraceCheckUtils]: 0: Hoare triple {922#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {922#true} is VALID [2022-02-20 18:06:10,892 INFO L290 TraceCheckUtils]: 1: Hoare triple {922#true} assume true; {922#true} is VALID [2022-02-20 18:06:10,892 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {922#true} {923#false} #209#return; {923#false} is VALID [2022-02-20 18:06:10,895 INFO L290 TraceCheckUtils]: 0: Hoare triple {922#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,895 INFO L290 TraceCheckUtils]: 1: Hoare triple {924#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret12#1, main_~retValue_acc~5#1, main_~tmp~1#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~1#1;assume { :begin_inline_select_helpers } true; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,896 INFO L290 TraceCheckUtils]: 2: Hoare triple {924#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,896 INFO L290 TraceCheckUtils]: 3: Hoare triple {924#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,897 INFO L290 TraceCheckUtils]: 4: Hoare triple {924#(= 1 ~systemActive~0)} main_#t~ret12#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret12#1 && main_#t~ret12#1 <= 2147483647;main_~tmp~1#1 := main_#t~ret12#1;havoc main_#t~ret12#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,897 INFO L290 TraceCheckUtils]: 5: Hoare triple {924#(= 1 ~systemActive~0)} assume 0 != main_~tmp~1#1;assume { :begin_inline_setup } true; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,898 INFO L290 TraceCheckUtils]: 6: Hoare triple {924#(= 1 ~systemActive~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet36#1, test_#t~nondet37#1, test_#t~nondet38#1, test_#t~nondet39#1, test_~splverifierCounter~0#1, test_~tmp~5#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~5#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,898 INFO L290 TraceCheckUtils]: 7: Hoare triple {924#(= 1 ~systemActive~0)} assume !false; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,900 INFO L290 TraceCheckUtils]: 8: Hoare triple {924#(= 1 ~systemActive~0)} assume test_~splverifierCounter~0#1 < 4; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,901 INFO L290 TraceCheckUtils]: 9: Hoare triple {924#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet36#1 && test_#t~nondet36#1 <= 2147483647;test_~tmp~5#1 := test_#t~nondet36#1;havoc test_#t~nondet36#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,901 INFO L290 TraceCheckUtils]: 10: Hoare triple {924#(= 1 ~systemActive~0)} assume !(0 != test_~tmp~5#1); {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,902 INFO L290 TraceCheckUtils]: 11: Hoare triple {924#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet37#1 && test_#t~nondet37#1 <= 2147483647;test_~tmp___0~1#1 := test_#t~nondet37#1;havoc test_#t~nondet37#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,903 INFO L290 TraceCheckUtils]: 12: Hoare triple {924#(= 1 ~systemActive~0)} assume !(0 != test_~tmp___0~1#1); {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,903 INFO L290 TraceCheckUtils]: 13: Hoare triple {924#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet38#1 && test_#t~nondet38#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet38#1;havoc test_#t~nondet38#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,904 INFO L290 TraceCheckUtils]: 14: Hoare triple {924#(= 1 ~systemActive~0)} assume 0 != test_~tmp___2~0#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,904 INFO L272 TraceCheckUtils]: 15: Hoare triple {924#(= 1 ~systemActive~0)} call timeShift(); {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,905 INFO L290 TraceCheckUtils]: 16: Hoare triple {924#(= 1 ~systemActive~0)} assume !(0 != ~pumpRunning~0); {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:06:10,905 INFO L290 TraceCheckUtils]: 17: Hoare triple {924#(= 1 ~systemActive~0)} assume !(0 != ~systemActive~0); {923#false} is VALID [2022-02-20 18:06:10,905 INFO L290 TraceCheckUtils]: 18: Hoare triple {923#false} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret10#1, __utac_acc__Specification1_spec__1_#t~ret11#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {923#false} is VALID [2022-02-20 18:06:10,906 INFO L272 TraceCheckUtils]: 19: Hoare triple {923#false} call __utac_acc__Specification1_spec__1_#t~ret10#1 := isMethaneLevelCritical(); {922#true} is VALID [2022-02-20 18:06:10,906 INFO L290 TraceCheckUtils]: 20: Hoare triple {922#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {922#true} is VALID [2022-02-20 18:06:10,906 INFO L290 TraceCheckUtils]: 21: Hoare triple {922#true} assume true; {922#true} is VALID [2022-02-20 18:06:10,906 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {922#true} {923#false} #209#return; {923#false} is VALID [2022-02-20 18:06:10,906 INFO L290 TraceCheckUtils]: 23: Hoare triple {923#false} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret10#1 && __utac_acc__Specification1_spec__1_#t~ret10#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret10#1;havoc __utac_acc__Specification1_spec__1_#t~ret10#1; {923#false} is VALID [2022-02-20 18:06:10,918 INFO L290 TraceCheckUtils]: 24: Hoare triple {923#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {923#false} is VALID [2022-02-20 18:06:10,918 INFO L290 TraceCheckUtils]: 25: Hoare triple {923#false} __utac_acc__Specification1_spec__1_#t~ret11#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret11#1 && __utac_acc__Specification1_spec__1_#t~ret11#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret11#1;havoc __utac_acc__Specification1_spec__1_#t~ret11#1; {923#false} is VALID [2022-02-20 18:06:10,919 INFO L290 TraceCheckUtils]: 26: Hoare triple {923#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {923#false} is VALID [2022-02-20 18:06:10,919 INFO L290 TraceCheckUtils]: 27: Hoare triple {923#false} assume !false; {923#false} is VALID [2022-02-20 18:06:10,919 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:10,920 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:10,920 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1878451431] [2022-02-20 18:06:10,920 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1878451431] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:10,920 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:10,921 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:06:10,921 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2033007426] [2022-02-20 18:06:10,922 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:10,922 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2022-02-20 18:06:10,924 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:10,924 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:10,948 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 28 edges. 28 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:10,949 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:06:10,949 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:10,949 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:06:10,950 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:06:10,950 INFO L87 Difference]: Start difference. First operand 62 states and 78 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:11,087 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:11,088 INFO L93 Difference]: Finished difference Result 171 states and 220 transitions. [2022-02-20 18:06:11,088 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:06:11,088 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2022-02-20 18:06:11,089 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:11,089 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:11,093 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 220 transitions. [2022-02-20 18:06:11,093 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:11,097 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 220 transitions. [2022-02-20 18:06:11,097 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 220 transitions. [2022-02-20 18:06:11,277 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 220 edges. 220 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:11,281 INFO L225 Difference]: With dead ends: 171 [2022-02-20 18:06:11,281 INFO L226 Difference]: Without dead ends: 116 [2022-02-20 18:06:11,282 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:06:11,282 INFO L933 BasicCegarLoop]: 98 mSDtfsCounter, 58 mSDsluCounter, 68 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 58 SdHoareTripleChecker+Valid, 166 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:11,283 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [58 Valid, 166 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:06:11,284 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 116 states. [2022-02-20 18:06:11,297 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 116 to 113. [2022-02-20 18:06:11,297 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:11,298 INFO L82 GeneralOperation]: Start isEquivalent. First operand 116 states. Second operand has 113 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 16 states have call successors, (16), 12 states have call predecessors, (16), 12 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:06:11,299 INFO L74 IsIncluded]: Start isIncluded. First operand 116 states. Second operand has 113 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 16 states have call successors, (16), 12 states have call predecessors, (16), 12 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:06:11,300 INFO L87 Difference]: Start difference. First operand 116 states. Second operand has 113 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 16 states have call successors, (16), 12 states have call predecessors, (16), 12 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:06:11,307 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:11,307 INFO L93 Difference]: Finished difference Result 116 states and 147 transitions. [2022-02-20 18:06:11,307 INFO L276 IsEmpty]: Start isEmpty. Operand 116 states and 147 transitions. [2022-02-20 18:06:11,309 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:11,309 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:11,309 INFO L74 IsIncluded]: Start isIncluded. First operand has 113 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 16 states have call successors, (16), 12 states have call predecessors, (16), 12 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand 116 states. [2022-02-20 18:06:11,311 INFO L87 Difference]: Start difference. First operand has 113 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 16 states have call successors, (16), 12 states have call predecessors, (16), 12 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand 116 states. [2022-02-20 18:06:11,320 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:11,320 INFO L93 Difference]: Finished difference Result 116 states and 147 transitions. [2022-02-20 18:06:11,320 INFO L276 IsEmpty]: Start isEmpty. Operand 116 states and 147 transitions. [2022-02-20 18:06:11,321 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:11,321 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:11,321 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:11,321 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:11,322 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 113 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 16 states have call successors, (16), 12 states have call predecessors, (16), 12 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:06:11,327 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 113 states to 113 states and 145 transitions. [2022-02-20 18:06:11,327 INFO L78 Accepts]: Start accepts. Automaton has 113 states and 145 transitions. Word has length 28 [2022-02-20 18:06:11,327 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:11,327 INFO L470 AbstractCegarLoop]: Abstraction has 113 states and 145 transitions. [2022-02-20 18:06:11,328 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:06:11,328 INFO L276 IsEmpty]: Start isEmpty. Operand 113 states and 145 transitions. [2022-02-20 18:06:11,329 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-20 18:06:11,329 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:11,329 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:11,329 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:06:11,329 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:11,330 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:11,330 INFO L85 PathProgramCache]: Analyzing trace with hash -1210161126, now seen corresponding path program 1 times [2022-02-20 18:06:11,330 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:11,331 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1704392827] [2022-02-20 18:06:11,331 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:11,331 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:11,375 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:11,445 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:06:11,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:11,455 INFO L290 TraceCheckUtils]: 0: Hoare triple {1562#true} assume true; {1562#true} is VALID [2022-02-20 18:06:11,456 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1562#true} {1564#(= ~methaneLevelCritical~0 0)} #207#return; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,457 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-02-20 18:06:11,460 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:11,470 INFO L290 TraceCheckUtils]: 0: Hoare triple {1562#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {1572#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:11,471 INFO L290 TraceCheckUtils]: 1: Hoare triple {1572#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} assume true; {1572#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:11,471 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1572#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} {1564#(= ~methaneLevelCritical~0 0)} #209#return; {1570#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret10#1| 0)} is VALID [2022-02-20 18:06:11,472 INFO L290 TraceCheckUtils]: 0: Hoare triple {1562#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,472 INFO L290 TraceCheckUtils]: 1: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret12#1, main_~retValue_acc~5#1, main_~tmp~1#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~1#1;assume { :begin_inline_select_helpers } true; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,473 INFO L290 TraceCheckUtils]: 2: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,473 INFO L290 TraceCheckUtils]: 3: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,474 INFO L290 TraceCheckUtils]: 4: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} main_#t~ret12#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret12#1 && main_#t~ret12#1 <= 2147483647;main_~tmp~1#1 := main_#t~ret12#1;havoc main_#t~ret12#1; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,474 INFO L290 TraceCheckUtils]: 5: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume 0 != main_~tmp~1#1;assume { :begin_inline_setup } true; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,474 INFO L290 TraceCheckUtils]: 6: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet36#1, test_#t~nondet37#1, test_#t~nondet38#1, test_#t~nondet39#1, test_~splverifierCounter~0#1, test_~tmp~5#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~5#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,476 INFO L290 TraceCheckUtils]: 7: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume !false; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,477 INFO L290 TraceCheckUtils]: 8: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume test_~splverifierCounter~0#1 < 4; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,477 INFO L290 TraceCheckUtils]: 9: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet36#1 && test_#t~nondet36#1 <= 2147483647;test_~tmp~5#1 := test_#t~nondet36#1;havoc test_#t~nondet36#1; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,478 INFO L290 TraceCheckUtils]: 10: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume !(0 != test_~tmp~5#1); {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,478 INFO L290 TraceCheckUtils]: 11: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet37#1 && test_#t~nondet37#1 <= 2147483647;test_~tmp___0~1#1 := test_#t~nondet37#1;havoc test_#t~nondet37#1; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,479 INFO L290 TraceCheckUtils]: 12: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume !(0 != test_~tmp___0~1#1); {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,479 INFO L290 TraceCheckUtils]: 13: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume -2147483648 <= test_#t~nondet38#1 && test_#t~nondet38#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet38#1;havoc test_#t~nondet38#1; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,482 INFO L290 TraceCheckUtils]: 14: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume 0 != test_~tmp___2~0#1; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,483 INFO L272 TraceCheckUtils]: 15: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} call timeShift(); {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,487 INFO L290 TraceCheckUtils]: 16: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume !(0 != ~pumpRunning~0); {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,488 INFO L290 TraceCheckUtils]: 17: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret40#1, processEnvironment_~tmp~6#1;havoc processEnvironment_~tmp~6#1; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,488 INFO L290 TraceCheckUtils]: 18: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume !(0 != ~pumpRunning~0); {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,488 INFO L272 TraceCheckUtils]: 19: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} call processEnvironment__wrappee__base(); {1562#true} is VALID [2022-02-20 18:06:11,489 INFO L290 TraceCheckUtils]: 20: Hoare triple {1562#true} assume true; {1562#true} is VALID [2022-02-20 18:06:11,489 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1562#true} {1564#(= ~methaneLevelCritical~0 0)} #207#return; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,491 INFO L290 TraceCheckUtils]: 22: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume { :end_inline_processEnvironment } true; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,491 INFO L290 TraceCheckUtils]: 23: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret10#1, __utac_acc__Specification1_spec__1_#t~ret11#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {1564#(= ~methaneLevelCritical~0 0)} is VALID [2022-02-20 18:06:11,491 INFO L272 TraceCheckUtils]: 24: Hoare triple {1564#(= ~methaneLevelCritical~0 0)} call __utac_acc__Specification1_spec__1_#t~ret10#1 := isMethaneLevelCritical(); {1562#true} is VALID [2022-02-20 18:06:11,495 INFO L290 TraceCheckUtils]: 25: Hoare triple {1562#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {1572#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:11,496 INFO L290 TraceCheckUtils]: 26: Hoare triple {1572#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} assume true; {1572#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:11,504 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {1572#(= |isMethaneLevelCritical_#res| ~methaneLevelCritical~0)} {1564#(= ~methaneLevelCritical~0 0)} #209#return; {1570#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret10#1| 0)} is VALID [2022-02-20 18:06:11,505 INFO L290 TraceCheckUtils]: 28: Hoare triple {1570#(= |timeShift___utac_acc__Specification1_spec__1_#t~ret10#1| 0)} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret10#1 && __utac_acc__Specification1_spec__1_#t~ret10#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret10#1;havoc __utac_acc__Specification1_spec__1_#t~ret10#1; {1571#(= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)} is VALID [2022-02-20 18:06:11,506 INFO L290 TraceCheckUtils]: 29: Hoare triple {1571#(= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {1563#false} is VALID [2022-02-20 18:06:11,506 INFO L290 TraceCheckUtils]: 30: Hoare triple {1563#false} __utac_acc__Specification1_spec__1_#t~ret11#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret11#1 && __utac_acc__Specification1_spec__1_#t~ret11#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret11#1;havoc __utac_acc__Specification1_spec__1_#t~ret11#1; {1563#false} is VALID [2022-02-20 18:06:11,506 INFO L290 TraceCheckUtils]: 31: Hoare triple {1563#false} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {1563#false} is VALID [2022-02-20 18:06:11,506 INFO L290 TraceCheckUtils]: 32: Hoare triple {1563#false} assume !false; {1563#false} is VALID [2022-02-20 18:06:11,507 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:11,507 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:11,507 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1704392827] [2022-02-20 18:06:11,507 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1704392827] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:11,507 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:11,507 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:06:11,507 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1117884395] [2022-02-20 18:06:11,508 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:11,508 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-02-20 18:06:11,508 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:11,508 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:11,535 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 33 edges. 33 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:11,536 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:06:11,536 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:11,537 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:06:11,537 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:06:11,537 INFO L87 Difference]: Start difference. First operand 113 states and 145 transitions. Second operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:11,838 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:11,838 INFO L93 Difference]: Finished difference Result 325 states and 426 transitions. [2022-02-20 18:06:11,839 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 18:06:11,839 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-02-20 18:06:11,839 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:11,839 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:11,843 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 222 transitions. [2022-02-20 18:06:11,844 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:11,847 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 222 transitions. [2022-02-20 18:06:11,847 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 222 transitions. [2022-02-20 18:06:12,018 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 222 edges. 222 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:12,027 INFO L225 Difference]: With dead ends: 325 [2022-02-20 18:06:12,027 INFO L226 Difference]: Without dead ends: 219 [2022-02-20 18:06:12,028 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-02-20 18:06:12,029 INFO L933 BasicCegarLoop]: 83 mSDtfsCounter, 51 mSDsluCounter, 292 mSDsCounter, 0 mSdLazyCounter, 40 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 375 SdHoareTripleChecker+Invalid, 44 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 40 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:12,029 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [53 Valid, 375 Invalid, 44 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 40 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:06:12,030 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 219 states. [2022-02-20 18:06:12,045 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 219 to 213. [2022-02-20 18:06:12,045 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:12,046 INFO L82 GeneralOperation]: Start isEquivalent. First operand 219 states. Second operand has 213 states, 156 states have (on average 1.3333333333333333) internal successors, (208), 177 states have internal predecessors, (208), 32 states have call successors, (32), 24 states have call predecessors, (32), 24 states have return successors, (34), 22 states have call predecessors, (34), 32 states have call successors, (34) [2022-02-20 18:06:12,046 INFO L74 IsIncluded]: Start isIncluded. First operand 219 states. Second operand has 213 states, 156 states have (on average 1.3333333333333333) internal successors, (208), 177 states have internal predecessors, (208), 32 states have call successors, (32), 24 states have call predecessors, (32), 24 states have return successors, (34), 22 states have call predecessors, (34), 32 states have call successors, (34) [2022-02-20 18:06:12,047 INFO L87 Difference]: Start difference. First operand 219 states. Second operand has 213 states, 156 states have (on average 1.3333333333333333) internal successors, (208), 177 states have internal predecessors, (208), 32 states have call successors, (32), 24 states have call predecessors, (32), 24 states have return successors, (34), 22 states have call predecessors, (34), 32 states have call successors, (34) [2022-02-20 18:06:12,056 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:12,056 INFO L93 Difference]: Finished difference Result 219 states and 280 transitions. [2022-02-20 18:06:12,056 INFO L276 IsEmpty]: Start isEmpty. Operand 219 states and 280 transitions. [2022-02-20 18:06:12,057 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:12,057 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:12,058 INFO L74 IsIncluded]: Start isIncluded. First operand has 213 states, 156 states have (on average 1.3333333333333333) internal successors, (208), 177 states have internal predecessors, (208), 32 states have call successors, (32), 24 states have call predecessors, (32), 24 states have return successors, (34), 22 states have call predecessors, (34), 32 states have call successors, (34) Second operand 219 states. [2022-02-20 18:06:12,058 INFO L87 Difference]: Start difference. First operand has 213 states, 156 states have (on average 1.3333333333333333) internal successors, (208), 177 states have internal predecessors, (208), 32 states have call successors, (32), 24 states have call predecessors, (32), 24 states have return successors, (34), 22 states have call predecessors, (34), 32 states have call successors, (34) Second operand 219 states. [2022-02-20 18:06:12,067 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:12,068 INFO L93 Difference]: Finished difference Result 219 states and 280 transitions. [2022-02-20 18:06:12,068 INFO L276 IsEmpty]: Start isEmpty. Operand 219 states and 280 transitions. [2022-02-20 18:06:12,068 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:12,068 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:12,069 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:12,069 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:12,069 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 213 states, 156 states have (on average 1.3333333333333333) internal successors, (208), 177 states have internal predecessors, (208), 32 states have call successors, (32), 24 states have call predecessors, (32), 24 states have return successors, (34), 22 states have call predecessors, (34), 32 states have call successors, (34) [2022-02-20 18:06:12,078 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 213 states to 213 states and 274 transitions. [2022-02-20 18:06:12,078 INFO L78 Accepts]: Start accepts. Automaton has 213 states and 274 transitions. Word has length 33 [2022-02-20 18:06:12,078 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:12,078 INFO L470 AbstractCegarLoop]: Abstraction has 213 states and 274 transitions. [2022-02-20 18:06:12,079 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:06:12,079 INFO L276 IsEmpty]: Start isEmpty. Operand 213 states and 274 transitions. [2022-02-20 18:06:12,079 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-02-20 18:06:12,080 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:06:12,080 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:06:12,080 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:06:12,080 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:06:12,080 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:06:12,080 INFO L85 PathProgramCache]: Analyzing trace with hash -618871306, now seen corresponding path program 1 times [2022-02-20 18:06:12,081 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:06:12,081 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1533084662] [2022-02-20 18:06:12,081 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:06:12,081 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:06:12,101 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:12,137 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-02-20 18:06:12,139 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:12,142 INFO L290 TraceCheckUtils]: 0: Hoare triple {2791#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} assume !(0 != ~methaneLevelCritical~0);~methaneLevelCritical~0 := 1; {2778#true} is VALID [2022-02-20 18:06:12,142 INFO L290 TraceCheckUtils]: 1: Hoare triple {2778#true} assume true; {2778#true} is VALID [2022-02-20 18:06:12,143 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {2778#true} {2780#(= ~pumpRunning~0 0)} #217#return; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,143 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:06:12,143 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:12,145 INFO L290 TraceCheckUtils]: 0: Hoare triple {2778#true} assume true; {2778#true} is VALID [2022-02-20 18:06:12,146 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {2778#true} {2780#(= ~pumpRunning~0 0)} #207#return; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,146 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-02-20 18:06:12,147 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:06:12,149 INFO L290 TraceCheckUtils]: 0: Hoare triple {2778#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {2778#true} is VALID [2022-02-20 18:06:12,149 INFO L290 TraceCheckUtils]: 1: Hoare triple {2778#true} assume true; {2778#true} is VALID [2022-02-20 18:06:12,150 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {2778#true} {2780#(= ~pumpRunning~0 0)} #209#return; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,150 INFO L290 TraceCheckUtils]: 0: Hoare triple {2778#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,151 INFO L290 TraceCheckUtils]: 1: Hoare triple {2780#(= ~pumpRunning~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret12#1, main_~retValue_acc~5#1, main_~tmp~1#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~1#1;assume { :begin_inline_select_helpers } true; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,151 INFO L290 TraceCheckUtils]: 2: Hoare triple {2780#(= ~pumpRunning~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,152 INFO L290 TraceCheckUtils]: 3: Hoare triple {2780#(= ~pumpRunning~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,152 INFO L290 TraceCheckUtils]: 4: Hoare triple {2780#(= ~pumpRunning~0 0)} main_#t~ret12#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret12#1 && main_#t~ret12#1 <= 2147483647;main_~tmp~1#1 := main_#t~ret12#1;havoc main_#t~ret12#1; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,152 INFO L290 TraceCheckUtils]: 5: Hoare triple {2780#(= ~pumpRunning~0 0)} assume 0 != main_~tmp~1#1;assume { :begin_inline_setup } true; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,153 INFO L290 TraceCheckUtils]: 6: Hoare triple {2780#(= ~pumpRunning~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet36#1, test_#t~nondet37#1, test_#t~nondet38#1, test_#t~nondet39#1, test_~splverifierCounter~0#1, test_~tmp~5#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~5#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,153 INFO L290 TraceCheckUtils]: 7: Hoare triple {2780#(= ~pumpRunning~0 0)} assume !false; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,153 INFO L290 TraceCheckUtils]: 8: Hoare triple {2780#(= ~pumpRunning~0 0)} assume test_~splverifierCounter~0#1 < 4; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,154 INFO L290 TraceCheckUtils]: 9: Hoare triple {2780#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet36#1 && test_#t~nondet36#1 <= 2147483647;test_~tmp~5#1 := test_#t~nondet36#1;havoc test_#t~nondet36#1; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,154 INFO L290 TraceCheckUtils]: 10: Hoare triple {2780#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp~5#1); {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,154 INFO L290 TraceCheckUtils]: 11: Hoare triple {2780#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet37#1 && test_#t~nondet37#1 <= 2147483647;test_~tmp___0~1#1 := test_#t~nondet37#1;havoc test_#t~nondet37#1; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,155 INFO L290 TraceCheckUtils]: 12: Hoare triple {2780#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___0~1#1; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,155 INFO L272 TraceCheckUtils]: 13: Hoare triple {2780#(= ~pumpRunning~0 0)} call changeMethaneLevel(); {2791#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} is VALID [2022-02-20 18:06:12,155 INFO L290 TraceCheckUtils]: 14: Hoare triple {2791#(= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)} assume !(0 != ~methaneLevelCritical~0);~methaneLevelCritical~0 := 1; {2778#true} is VALID [2022-02-20 18:06:12,155 INFO L290 TraceCheckUtils]: 15: Hoare triple {2778#true} assume true; {2778#true} is VALID [2022-02-20 18:06:12,156 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {2778#true} {2780#(= ~pumpRunning~0 0)} #217#return; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,156 INFO L290 TraceCheckUtils]: 17: Hoare triple {2780#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet38#1 && test_#t~nondet38#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet38#1;havoc test_#t~nondet38#1; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,157 INFO L290 TraceCheckUtils]: 18: Hoare triple {2780#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___2~0#1; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,157 INFO L272 TraceCheckUtils]: 19: Hoare triple {2780#(= ~pumpRunning~0 0)} call timeShift(); {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,157 INFO L290 TraceCheckUtils]: 20: Hoare triple {2780#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,158 INFO L290 TraceCheckUtils]: 21: Hoare triple {2780#(= ~pumpRunning~0 0)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret40#1, processEnvironment_~tmp~6#1;havoc processEnvironment_~tmp~6#1; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,158 INFO L290 TraceCheckUtils]: 22: Hoare triple {2780#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,158 INFO L272 TraceCheckUtils]: 23: Hoare triple {2780#(= ~pumpRunning~0 0)} call processEnvironment__wrappee__base(); {2778#true} is VALID [2022-02-20 18:06:12,158 INFO L290 TraceCheckUtils]: 24: Hoare triple {2778#true} assume true; {2778#true} is VALID [2022-02-20 18:06:12,159 INFO L284 TraceCheckUtils]: 25: Hoare quadruple {2778#true} {2780#(= ~pumpRunning~0 0)} #207#return; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,159 INFO L290 TraceCheckUtils]: 26: Hoare triple {2780#(= ~pumpRunning~0 0)} assume { :end_inline_processEnvironment } true; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,159 INFO L290 TraceCheckUtils]: 27: Hoare triple {2780#(= ~pumpRunning~0 0)} assume { :begin_inline___utac_acc__Specification1_spec__1 } true;havoc __utac_acc__Specification1_spec__1_#t~ret10#1, __utac_acc__Specification1_spec__1_#t~ret11#1, __utac_acc__Specification1_spec__1_~tmp~0#1, __utac_acc__Specification1_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification1_spec__1_~tmp~0#1;havoc __utac_acc__Specification1_spec__1_~tmp___0~0#1; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,159 INFO L272 TraceCheckUtils]: 28: Hoare triple {2780#(= ~pumpRunning~0 0)} call __utac_acc__Specification1_spec__1_#t~ret10#1 := isMethaneLevelCritical(); {2778#true} is VALID [2022-02-20 18:06:12,160 INFO L290 TraceCheckUtils]: 29: Hoare triple {2778#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {2778#true} is VALID [2022-02-20 18:06:12,160 INFO L290 TraceCheckUtils]: 30: Hoare triple {2778#true} assume true; {2778#true} is VALID [2022-02-20 18:06:12,160 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {2778#true} {2780#(= ~pumpRunning~0 0)} #209#return; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,161 INFO L290 TraceCheckUtils]: 32: Hoare triple {2780#(= ~pumpRunning~0 0)} assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret10#1 && __utac_acc__Specification1_spec__1_#t~ret10#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp~0#1 := __utac_acc__Specification1_spec__1_#t~ret10#1;havoc __utac_acc__Specification1_spec__1_#t~ret10#1; {2780#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:06:12,161 INFO L290 TraceCheckUtils]: 33: Hoare triple {2780#(= ~pumpRunning~0 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {2789#(= |timeShift_isPumpRunning_#res#1| 0)} is VALID [2022-02-20 18:06:12,162 INFO L290 TraceCheckUtils]: 34: Hoare triple {2789#(= |timeShift_isPumpRunning_#res#1| 0)} __utac_acc__Specification1_spec__1_#t~ret11#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification1_spec__1_#t~ret11#1 && __utac_acc__Specification1_spec__1_#t~ret11#1 <= 2147483647;__utac_acc__Specification1_spec__1_~tmp___0~0#1 := __utac_acc__Specification1_spec__1_#t~ret11#1;havoc __utac_acc__Specification1_spec__1_#t~ret11#1; {2790#(= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)} is VALID [2022-02-20 18:06:12,162 INFO L290 TraceCheckUtils]: 35: Hoare triple {2790#(= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)} assume 0 != __utac_acc__Specification1_spec__1_~tmp___0~0#1;assume { :begin_inline___automaton_fail } true; {2779#false} is VALID [2022-02-20 18:06:12,162 INFO L290 TraceCheckUtils]: 36: Hoare triple {2779#false} assume !false; {2779#false} is VALID [2022-02-20 18:06:12,162 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:06:12,163 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:06:12,163 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1533084662] [2022-02-20 18:06:12,163 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1533084662] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:06:12,163 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:06:12,163 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:06:12,163 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1478675478] [2022-02-20 18:06:12,163 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:06:12,164 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 37 [2022-02-20 18:06:12,164 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:06:12,164 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:12,190 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 37 edges. 37 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:12,190 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:06:12,190 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:06:12,191 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:06:12,191 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:06:12,191 INFO L87 Difference]: Start difference. First operand 213 states and 274 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:12,427 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:12,427 INFO L93 Difference]: Finished difference Result 371 states and 478 transitions. [2022-02-20 18:06:12,428 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 18:06:12,428 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 37 [2022-02-20 18:06:12,428 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:06:12,428 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:12,430 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 134 transitions. [2022-02-20 18:06:12,431 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:12,432 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 134 transitions. [2022-02-20 18:06:12,433 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 134 transitions. [2022-02-20 18:06:12,529 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 134 edges. 134 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:06:12,529 INFO L225 Difference]: With dead ends: 371 [2022-02-20 18:06:12,529 INFO L226 Difference]: Without dead ends: 0 [2022-02-20 18:06:12,531 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-02-20 18:06:12,532 INFO L933 BasicCegarLoop]: 47 mSDtfsCounter, 50 mSDsluCounter, 77 mSDsCounter, 0 mSdLazyCounter, 71 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 124 SdHoareTripleChecker+Invalid, 85 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 71 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 18:06:12,533 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [51 Valid, 124 Invalid, 85 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 71 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 18:06:12,533 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-02-20 18:06:12,533 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-02-20 18:06:12,533 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:06:12,534 INFO L82 GeneralOperation]: Start isEquivalent. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:12,534 INFO L74 IsIncluded]: Start isIncluded. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:12,534 INFO L87 Difference]: Start difference. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:12,534 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:12,534 INFO L93 Difference]: Finished difference Result 0 states and 0 transitions. [2022-02-20 18:06:12,534 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:06:12,534 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:12,534 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:12,534 INFO L74 IsIncluded]: Start isIncluded. First operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Second operand 0 states. [2022-02-20 18:06:12,534 INFO L87 Difference]: Start difference. First operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Second operand 0 states. [2022-02-20 18:06:12,534 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:06:12,535 INFO L93 Difference]: Finished difference Result 0 states and 0 transitions. [2022-02-20 18:06:12,535 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:06:12,539 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:12,539 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:06:12,539 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:06:12,539 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:06:12,539 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:06:12,540 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-02-20 18:06:12,540 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 37 [2022-02-20 18:06:12,540 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:06:12,540 INFO L470 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-02-20 18:06:12,541 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:06:12,541 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:06:12,542 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:06:12,544 INFO L764 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:06:12,544 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:06:12,546 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-02-20 18:06:12,926 INFO L861 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 841 848) the Hoare annotation is: true [2022-02-20 18:06:12,926 INFO L858 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 841 848) no Hoare annotation was computed. [2022-02-20 18:06:12,927 INFO L858 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 841 848) no Hoare annotation was computed. [2022-02-20 18:06:12,927 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 782 788) no Hoare annotation was computed. [2022-02-20 18:06:12,927 INFO L861 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 782 788) the Hoare annotation is: true [2022-02-20 18:06:12,927 INFO L854 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 130 141) the Hoare annotation is: (or (not (= ~pumpRunning~0 0)) (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) [2022-02-20 18:06:12,927 INFO L858 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 130 141) no Hoare annotation was computed. [2022-02-20 18:06:12,927 INFO L858 garLoopResultBuilder]: For program point L134-1(lines 130 141) no Hoare annotation was computed. [2022-02-20 18:06:12,927 INFO L854 garLoopResultBuilder]: At program point L865(lines 860 868) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 (not (= ~methaneLevelCritical~0 0))) (or .cse0 (and (= ~pumpRunning~0 0) (= |timeShift_isPumpRunning_#res#1| 0))))) [2022-02-20 18:06:12,927 INFO L854 garLoopResultBuilder]: At program point L93(lines 88 95) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-02-20 18:06:12,927 INFO L854 garLoopResultBuilder]: At program point L188(lines 183 191) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-02-20 18:06:12,927 INFO L858 garLoopResultBuilder]: For program point L762-1(lines 761 780) no Hoare annotation was computed. [2022-02-20 18:06:12,927 INFO L858 garLoopResultBuilder]: For program point L110(lines 110 114) no Hoare annotation was computed. [2022-02-20 18:06:12,928 INFO L854 garLoopResultBuilder]: At program point L110-2(lines 106 117) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-02-20 18:06:12,928 INFO L858 garLoopResultBuilder]: For program point timeShiftFINAL(lines 758 781) no Hoare annotation was computed. [2022-02-20 18:06:12,928 INFO L854 garLoopResultBuilder]: At program point L804(line 804) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-02-20 18:06:12,928 INFO L854 garLoopResultBuilder]: At program point L800(line 800) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-02-20 18:06:12,928 INFO L854 garLoopResultBuilder]: At program point L920(lines 905 923) the Hoare annotation is: (not (= |old(~pumpRunning~0)| 0)) [2022-02-20 18:06:12,928 INFO L858 garLoopResultBuilder]: For program point L206(lines 206 212) no Hoare annotation was computed. [2022-02-20 18:06:12,928 INFO L858 garLoopResultBuilder]: For program point L202(lines 202 215) no Hoare annotation was computed. [2022-02-20 18:06:12,928 INFO L854 garLoopResultBuilder]: At program point L809(line 809) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-02-20 18:06:12,928 INFO L854 garLoopResultBuilder]: At program point L202-1(lines 194 218) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 (= ~pumpRunning~0 0)) (or .cse0 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0) (not (= ~methaneLevelCritical~0 0))))) [2022-02-20 18:06:12,929 INFO L854 garLoopResultBuilder]: At program point L809-1(lines 790 814) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-02-20 18:06:12,929 INFO L858 garLoopResultBuilder]: For program point L769-1(lines 769 775) no Hoare annotation was computed. [2022-02-20 18:06:12,929 INFO L858 garLoopResultBuilder]: For program point L798(lines 798 806) no Hoare annotation was computed. [2022-02-20 18:06:12,931 INFO L858 garLoopResultBuilder]: For program point L92(line 92) no Hoare annotation was computed. [2022-02-20 18:06:12,932 INFO L858 garLoopResultBuilder]: For program point L794(lines 794 811) no Hoare annotation was computed. [2022-02-20 18:06:12,932 INFO L858 garLoopResultBuilder]: For program point L914(lines 914 918) no Hoare annotation was computed. [2022-02-20 18:06:12,932 INFO L858 garLoopResultBuilder]: For program point L914-2(lines 914 918) no Hoare annotation was computed. [2022-02-20 18:06:12,932 INFO L854 garLoopResultBuilder]: At program point timeShiftENTRY(lines 758 781) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-02-20 18:06:12,933 INFO L858 garLoopResultBuilder]: For program point timeShiftEXIT(lines 758 781) no Hoare annotation was computed. [2022-02-20 18:06:12,934 INFO L858 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 92) no Hoare annotation was computed. [2022-02-20 18:06:12,934 INFO L854 garLoopResultBuilder]: At program point L200(line 200) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) [2022-02-20 18:06:12,934 INFO L858 garLoopResultBuilder]: For program point L200-1(line 200) no Hoare annotation was computed. [2022-02-20 18:06:12,934 INFO L858 garLoopResultBuilder]: For program point cleanupEXIT(lines 222 251) no Hoare annotation was computed. [2022-02-20 18:06:12,934 INFO L861 garLoopResultBuilder]: At program point cleanupENTRY(lines 222 251) the Hoare annotation is: true [2022-02-20 18:06:12,934 INFO L861 garLoopResultBuilder]: At program point L247(lines 222 251) the Hoare annotation is: true [2022-02-20 18:06:12,935 INFO L858 garLoopResultBuilder]: For program point L243(line 243) no Hoare annotation was computed. [2022-02-20 18:06:12,935 INFO L858 garLoopResultBuilder]: For program point L236(lines 236 240) no Hoare annotation was computed. [2022-02-20 18:06:12,935 INFO L861 garLoopResultBuilder]: At program point L236-1(lines 236 240) the Hoare annotation is: true [2022-02-20 18:06:12,935 INFO L858 garLoopResultBuilder]: For program point L233(line 233) no Hoare annotation was computed. [2022-02-20 18:06:12,935 INFO L861 garLoopResultBuilder]: At program point L232-2(lines 232 246) the Hoare annotation is: true [2022-02-20 18:06:12,935 INFO L861 garLoopResultBuilder]: At program point L228(line 228) the Hoare annotation is: true [2022-02-20 18:06:12,935 INFO L858 garLoopResultBuilder]: For program point L228-1(line 228) no Hoare annotation was computed. [2022-02-20 18:06:12,936 INFO L861 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 142 150) the Hoare annotation is: true [2022-02-20 18:06:12,936 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalFINAL(lines 142 150) no Hoare annotation was computed. [2022-02-20 18:06:12,936 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 142 150) no Hoare annotation was computed. [2022-02-20 18:06:12,937 INFO L854 garLoopResultBuilder]: At program point L936(lines 924 938) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:06:12,938 INFO L861 garLoopResultBuilder]: At program point L292(lines 285 294) the Hoare annotation is: true [2022-02-20 18:06:12,938 INFO L858 garLoopResultBuilder]: For program point L928(lines 928 934) no Hoare annotation was computed. [2022-02-20 18:06:12,938 INFO L858 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-02-20 18:06:12,938 INFO L858 garLoopResultBuilder]: For program point L928-1(lines 928 934) no Hoare annotation was computed. [2022-02-20 18:06:12,938 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-02-20 18:06:12,938 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-02-20 18:06:12,939 INFO L858 garLoopResultBuilder]: For program point L697(lines 696 743) no Hoare annotation was computed. [2022-02-20 18:06:12,939 INFO L858 garLoopResultBuilder]: For program point L726(lines 726 739) no Hoare annotation was computed. [2022-02-20 18:06:12,939 INFO L858 garLoopResultBuilder]: For program point L305(lines 305 312) no Hoare annotation was computed. [2022-02-20 18:06:12,939 INFO L858 garLoopResultBuilder]: For program point L305-2(lines 305 312) no Hoare annotation was computed. [2022-02-20 18:06:12,939 INFO L854 garLoopResultBuilder]: At program point L718(line 718) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:06:12,939 INFO L861 garLoopResultBuilder]: At program point L747(lines 686 751) the Hoare annotation is: true [2022-02-20 18:06:12,940 INFO L858 garLoopResultBuilder]: For program point L706(lines 706 712) no Hoare annotation was computed. [2022-02-20 18:06:12,940 INFO L858 garLoopResultBuilder]: For program point L706-1(lines 706 712) no Hoare annotation was computed. [2022-02-20 18:06:12,940 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-02-20 18:06:12,940 INFO L858 garLoopResultBuilder]: For program point L698(lines 698 702) no Hoare annotation was computed. [2022-02-20 18:06:12,941 INFO L861 garLoopResultBuilder]: At program point L314(lines 295 317) the Hoare annotation is: true [2022-02-20 18:06:12,941 INFO L854 garLoopResultBuilder]: At program point L281(lines 277 283) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:06:12,941 INFO L854 garLoopResultBuilder]: At program point L83(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:06:12,941 INFO L854 garLoopResultBuilder]: At program point L75(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:06:12,941 INFO L854 garLoopResultBuilder]: At program point L744(lines 695 745) the Hoare annotation is: false [2022-02-20 18:06:12,941 INFO L854 garLoopResultBuilder]: At program point L930(line 930) the Hoare annotation is: false [2022-02-20 18:06:12,942 INFO L858 garLoopResultBuilder]: For program point L732(lines 732 738) no Hoare annotation was computed. [2022-02-20 18:06:12,942 INFO L854 garLoopResultBuilder]: At program point L732-2(lines 726 739) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:06:12,942 INFO L858 garLoopResultBuilder]: For program point L716(lines 716 722) no Hoare annotation was computed. [2022-02-20 18:06:12,942 INFO L858 garLoopResultBuilder]: For program point L716-1(lines 716 722) no Hoare annotation was computed. [2022-02-20 18:06:12,942 INFO L854 garLoopResultBuilder]: At program point L741(lines 696 743) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:06:12,942 INFO L854 garLoopResultBuilder]: At program point L68(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:06:12,943 INFO L854 garLoopResultBuilder]: At program point L708(line 708) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:06:12,943 INFO L858 garLoopResultBuilder]: For program point waterRiseEXIT(lines 118 129) no Hoare annotation was computed. [2022-02-20 18:06:12,943 INFO L858 garLoopResultBuilder]: For program point L122-1(lines 118 129) no Hoare annotation was computed. [2022-02-20 18:06:12,951 INFO L861 garLoopResultBuilder]: At program point waterRiseENTRY(lines 118 129) the Hoare annotation is: true [2022-02-20 18:06:12,956 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1] [2022-02-20 18:06:12,957 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:06:12,960 WARN L170 areAnnotationChecker]: deactivatePumpFINAL has no Hoare annotation [2022-02-20 18:06:12,961 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:06:12,961 WARN L170 areAnnotationChecker]: L134-1 has no Hoare annotation [2022-02-20 18:06:12,961 WARN L170 areAnnotationChecker]: L134-1 has no Hoare annotation [2022-02-20 18:06:12,961 WARN L170 areAnnotationChecker]: L110 has no Hoare annotation [2022-02-20 18:06:12,961 WARN L170 areAnnotationChecker]: L762-1 has no Hoare annotation [2022-02-20 18:06:12,961 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalFINAL has no Hoare annotation [2022-02-20 18:06:12,961 WARN L170 areAnnotationChecker]: ULTIMATE.startENTRY has no Hoare annotation [2022-02-20 18:06:12,962 WARN L170 areAnnotationChecker]: L122-1 has no Hoare annotation [2022-02-20 18:06:12,962 WARN L170 areAnnotationChecker]: L122-1 has no Hoare annotation [2022-02-20 18:06:12,962 WARN L170 areAnnotationChecker]: deactivatePumpFINAL has no Hoare annotation [2022-02-20 18:06:12,962 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:06:12,962 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:06:12,962 WARN L170 areAnnotationChecker]: L134-1 has no Hoare annotation [2022-02-20 18:06:12,962 WARN L170 areAnnotationChecker]: L110 has no Hoare annotation [2022-02-20 18:06:12,962 WARN L170 areAnnotationChecker]: L110 has no Hoare annotation [2022-02-20 18:06:12,963 WARN L170 areAnnotationChecker]: L762-1 has no Hoare annotation [2022-02-20 18:06:12,963 WARN L170 areAnnotationChecker]: L762-1 has no Hoare annotation [2022-02-20 18:06:12,963 WARN L170 areAnnotationChecker]: L228-1 has no Hoare annotation [2022-02-20 18:06:12,964 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalFINAL has no Hoare annotation [2022-02-20 18:06:12,964 WARN L170 areAnnotationChecker]: L-1 has no Hoare annotation [2022-02-20 18:06:12,964 WARN L170 areAnnotationChecker]: L122-1 has no Hoare annotation [2022-02-20 18:06:12,964 WARN L170 areAnnotationChecker]: deactivatePumpEXIT has no Hoare annotation [2022-02-20 18:06:12,965 WARN L170 areAnnotationChecker]: deactivatePumpEXIT has no Hoare annotation [2022-02-20 18:06:12,965 WARN L170 areAnnotationChecker]: L769-1 has no Hoare annotation [2022-02-20 18:06:12,965 WARN L170 areAnnotationChecker]: changeMethaneLevelEXIT has no Hoare annotation [2022-02-20 18:06:12,965 WARN L170 areAnnotationChecker]: L762-1 has no Hoare annotation [2022-02-20 18:06:12,965 WARN L170 areAnnotationChecker]: L794 has no Hoare annotation [2022-02-20 18:06:12,965 WARN L170 areAnnotationChecker]: L794 has no Hoare annotation [2022-02-20 18:06:12,965 WARN L170 areAnnotationChecker]: L769-1 has no Hoare annotation [2022-02-20 18:06:12,965 WARN L170 areAnnotationChecker]: L228-1 has no Hoare annotation [2022-02-20 18:06:12,965 WARN L170 areAnnotationChecker]: isMethaneLevelCriticalEXIT has no Hoare annotation [2022-02-20 18:06:12,966 WARN L170 areAnnotationChecker]: waterRiseEXIT has no Hoare annotation [2022-02-20 18:06:12,966 WARN L170 areAnnotationChecker]: L928-1 has no Hoare annotation [2022-02-20 18:06:12,966 WARN L170 areAnnotationChecker]: L716-1 has no Hoare annotation [2022-02-20 18:06:12,966 WARN L170 areAnnotationChecker]: L914 has no Hoare annotation [2022-02-20 18:06:12,967 WARN L170 areAnnotationChecker]: L200-1 has no Hoare annotation [2022-02-20 18:06:12,967 WARN L170 areAnnotationChecker]: L233 has no Hoare annotation [2022-02-20 18:06:12,967 WARN L170 areAnnotationChecker]: L200-1 has no Hoare annotation [2022-02-20 18:06:12,970 WARN L170 areAnnotationChecker]: L706-1 has no Hoare annotation [2022-02-20 18:06:12,970 WARN L170 areAnnotationChecker]: L726 has no Hoare annotation [2022-02-20 18:06:12,970 WARN L170 areAnnotationChecker]: L726 has no Hoare annotation [2022-02-20 18:06:12,971 WARN L170 areAnnotationChecker]: L914 has no Hoare annotation [2022-02-20 18:06:12,971 WARN L170 areAnnotationChecker]: L914 has no Hoare annotation [2022-02-20 18:06:12,971 WARN L170 areAnnotationChecker]: cleanupEXIT has no Hoare annotation [2022-02-20 18:06:12,971 WARN L170 areAnnotationChecker]: L233 has no Hoare annotation [2022-02-20 18:06:12,971 WARN L170 areAnnotationChecker]: L202 has no Hoare annotation [2022-02-20 18:06:12,971 WARN L170 areAnnotationChecker]: L202 has no Hoare annotation [2022-02-20 18:06:12,971 WARN L170 areAnnotationChecker]: L305 has no Hoare annotation [2022-02-20 18:06:12,971 WARN L170 areAnnotationChecker]: L716 has no Hoare annotation [2022-02-20 18:06:12,971 WARN L170 areAnnotationChecker]: L716 has no Hoare annotation [2022-02-20 18:06:12,972 WARN L170 areAnnotationChecker]: L732 has no Hoare annotation [2022-02-20 18:06:12,972 WARN L170 areAnnotationChecker]: L732 has no Hoare annotation [2022-02-20 18:06:12,972 WARN L170 areAnnotationChecker]: L914-2 has no Hoare annotation [2022-02-20 18:06:12,972 WARN L170 areAnnotationChecker]: cleanupEXIT has no Hoare annotation [2022-02-20 18:06:12,972 WARN L170 areAnnotationChecker]: L236 has no Hoare annotation [2022-02-20 18:06:12,972 WARN L170 areAnnotationChecker]: L236 has no Hoare annotation [2022-02-20 18:06:12,972 WARN L170 areAnnotationChecker]: L206 has no Hoare annotation [2022-02-20 18:06:12,972 WARN L170 areAnnotationChecker]: timeShiftFINAL has no Hoare annotation [2022-02-20 18:06:12,972 WARN L170 areAnnotationChecker]: L305 has no Hoare annotation [2022-02-20 18:06:12,972 WARN L170 areAnnotationChecker]: L305 has no Hoare annotation [2022-02-20 18:06:12,972 WARN L170 areAnnotationChecker]: L716-1 has no Hoare annotation [2022-02-20 18:06:12,973 WARN L170 areAnnotationChecker]: L697 has no Hoare annotation [2022-02-20 18:06:12,973 WARN L170 areAnnotationChecker]: L928 has no Hoare annotation [2022-02-20 18:06:12,973 WARN L170 areAnnotationChecker]: L928 has no Hoare annotation [2022-02-20 18:06:12,973 WARN L170 areAnnotationChecker]: L798 has no Hoare annotation [2022-02-20 18:06:12,973 WARN L170 areAnnotationChecker]: L243 has no Hoare annotation [2022-02-20 18:06:12,974 WARN L170 areAnnotationChecker]: L206 has no Hoare annotation [2022-02-20 18:06:12,974 WARN L170 areAnnotationChecker]: L206 has no Hoare annotation [2022-02-20 18:06:12,974 WARN L170 areAnnotationChecker]: timeShiftFINAL has no Hoare annotation [2022-02-20 18:06:12,974 WARN L170 areAnnotationChecker]: L305-2 has no Hoare annotation [2022-02-20 18:06:12,974 WARN L170 areAnnotationChecker]: L697 has no Hoare annotation [2022-02-20 18:06:12,975 WARN L170 areAnnotationChecker]: L697 has no Hoare annotation [2022-02-20 18:06:12,975 WARN L170 areAnnotationChecker]: L928-1 has no Hoare annotation [2022-02-20 18:06:12,975 WARN L170 areAnnotationChecker]: L798 has no Hoare annotation [2022-02-20 18:06:12,975 WARN L170 areAnnotationChecker]: L798 has no Hoare annotation [2022-02-20 18:06:12,975 WARN L170 areAnnotationChecker]: L305-2 has no Hoare annotation [2022-02-20 18:06:12,975 WARN L170 areAnnotationChecker]: L243 has no Hoare annotation [2022-02-20 18:06:12,975 WARN L170 areAnnotationChecker]: L92 has no Hoare annotation [2022-02-20 18:06:12,975 WARN L170 areAnnotationChecker]: L92 has no Hoare annotation [2022-02-20 18:06:12,975 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:06:12,975 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:06:12,976 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:06:12,976 WARN L170 areAnnotationChecker]: ULTIMATE.startFINAL has no Hoare annotation [2022-02-20 18:06:12,976 WARN L170 areAnnotationChecker]: L698 has no Hoare annotation [2022-02-20 18:06:12,976 WARN L170 areAnnotationChecker]: ULTIMATE.startFINAL has no Hoare annotation [2022-02-20 18:06:12,976 WARN L170 areAnnotationChecker]: L706 has no Hoare annotation [2022-02-20 18:06:12,977 WARN L170 areAnnotationChecker]: L706 has no Hoare annotation [2022-02-20 18:06:12,977 WARN L170 areAnnotationChecker]: L706-1 has no Hoare annotation [2022-02-20 18:06:12,977 INFO L163 areAnnotationChecker]: CFG has 22 edges. 22 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. 0 times interpolants missing. [2022-02-20 18:06:12,989 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 20.02 06:06:12 BoogieIcfgContainer [2022-02-20 18:06:12,989 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-02-20 18:06:12,989 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-02-20 18:06:12,990 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-02-20 18:06:12,990 INFO L275 PluginConnector]: Witness Printer initialized [2022-02-20 18:06:12,990 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:06:09" (3/4) ... [2022-02-20 18:06:12,993 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-02-20 18:06:12,997 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-02-20 18:06:12,997 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-02-20 18:06:12,997 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-02-20 18:06:12,997 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-02-20 18:06:12,997 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-02-20 18:06:12,997 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-02-20 18:06:12,998 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-02-20 18:06:13,003 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 49 nodes and edges [2022-02-20 18:06:13,004 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-02-20 18:06:13,004 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-02-20 18:06:13,004 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-02-20 18:06:13,005 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-02-20 18:06:13,005 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-02-20 18:06:13,005 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-02-20 18:06:13,025 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) [2022-02-20 18:06:13,026 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || pumpRunning == 0 [2022-02-20 18:06:13,026 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || pumpRunning == 0) && ((!(\old(pumpRunning) == 0) || tmp == 0) || !(methaneLevelCritical == 0)) [2022-02-20 18:06:13,027 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) && (!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \result == 0)) [2022-02-20 18:06:13,027 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) [2022-02-20 18:06:13,027 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) [2022-02-20 18:06:13,027 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) [2022-02-20 18:06:13,043 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-02-20 18:06:13,044 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-02-20 18:06:13,045 INFO L158 Benchmark]: Toolchain (without parser) took 4605.02ms. Allocated memory was 100.7MB in the beginning and 121.6MB in the end (delta: 21.0MB). Free memory was 67.2MB in the beginning and 86.0MB in the end (delta: -18.8MB). Peak memory consumption was 669.6kB. Max. memory is 16.1GB. [2022-02-20 18:06:13,045 INFO L158 Benchmark]: CDTParser took 0.13ms. Allocated memory is still 100.7MB. Free memory is still 55.7MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:06:13,045 INFO L158 Benchmark]: CACSL2BoogieTranslator took 424.91ms. Allocated memory is still 100.7MB. Free memory was 67.0MB in the beginning and 64.6MB in the end (delta: 2.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-02-20 18:06:13,046 INFO L158 Benchmark]: Boogie Procedure Inliner took 86.77ms. Allocated memory is still 100.7MB. Free memory was 64.6MB in the beginning and 61.9MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:06:13,046 INFO L158 Benchmark]: Boogie Preprocessor took 52.49ms. Allocated memory is still 100.7MB. Free memory was 61.9MB in the beginning and 60.5MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:06:13,046 INFO L158 Benchmark]: RCFGBuilder took 511.01ms. Allocated memory was 100.7MB in the beginning and 121.6MB in the end (delta: 21.0MB). Free memory was 60.2MB in the beginning and 91.2MB in the end (delta: -31.0MB). Peak memory consumption was 19.5MB. Max. memory is 16.1GB. [2022-02-20 18:06:13,046 INFO L158 Benchmark]: TraceAbstraction took 3469.29ms. Allocated memory is still 121.6MB. Free memory was 91.0MB in the beginning and 91.3MB in the end (delta: -275.8kB). Peak memory consumption was 56.0MB. Max. memory is 16.1GB. [2022-02-20 18:06:13,047 INFO L158 Benchmark]: Witness Printer took 54.29ms. Allocated memory is still 121.6MB. Free memory was 91.3MB in the beginning and 86.0MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:06:13,048 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.13ms. Allocated memory is still 100.7MB. Free memory is still 55.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 424.91ms. Allocated memory is still 100.7MB. Free memory was 67.0MB in the beginning and 64.6MB in the end (delta: 2.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 86.77ms. Allocated memory is still 100.7MB. Free memory was 64.6MB in the beginning and 61.9MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 52.49ms. Allocated memory is still 100.7MB. Free memory was 61.9MB in the beginning and 60.5MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 511.01ms. Allocated memory was 100.7MB in the beginning and 121.6MB in the end (delta: 21.0MB). Free memory was 60.2MB in the beginning and 91.2MB in the end (delta: -31.0MB). Peak memory consumption was 19.5MB. Max. memory is 16.1GB. * TraceAbstraction took 3469.29ms. Allocated memory is still 121.6MB. Free memory was 91.0MB in the beginning and 91.3MB in the end (delta: -275.8kB). Peak memory consumption was 56.0MB. Max. memory is 16.1GB. * Witness Printer took 54.29ms. Allocated memory is still 121.6MB. Free memory was 91.3MB in the beginning and 86.0MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 92]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 80 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.4s, OverallIterations: 5, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.4s, InitialAbstractionConstructionTime: 0.0s, PartialOrderReductionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 182 SdHoareTripleChecker+Valid, 0.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 175 mSDsluCounter, 897 SdHoareTripleChecker+Invalid, 0.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 493 mSDsCounter, 18 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 116 IncrementalHoareTripleChecker+Invalid, 134 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 18 mSolverCounterUnsat, 404 mSDtfsCounter, 116 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 39 GetRequests, 23 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=213occurred in iteration=4, InterpolantAutomatonStates: 22, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 5 MinimizatonAttempts, 9 StatesRemovedByMinimization, 2 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 36 LocationsWithAnnotation, 292 PreInvPairs, 334 NumberOfFragments, 196 HoareAnnotationTreeSize, 292 FomulaSimplifications, 16 FormulaSimplificationTreeSizeReduction, 0.1s HoareSimplificationTime, 36 FomulaSimplificationsInter, 901 FormulaSimplificationTreeSizeReductionInter, 0.3s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.4s InterpolantComputationTime, 145 NumberOfCodeBlocks, 145 NumberOfCodeBlocksAsserted, 5 NumberOfCheckSat, 140 ConstructedInterpolants, 0 QuantifiedInterpolants, 286 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 5 InterpolantComputations, 5 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 194]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || pumpRunning == 0) && ((!(\old(pumpRunning) == 0) || tmp == 0) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 695]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 924]: Loop Invariant Derived loop invariant: pumpRunning == 0 && splverifierCounter == 0 - InvariantResult [Line: 183]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) - InvariantResult [Line: 696]: Loop Invariant Derived loop invariant: pumpRunning == 0 && splverifierCounter == 0 - InvariantResult [Line: 285]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 790]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || pumpRunning == 0 - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 295]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 905]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) - InvariantResult [Line: 860]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) && (!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \result == 0)) - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 686]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 106]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) - InvariantResult [Line: 277]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive - InvariantResult [Line: 232]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 222]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 88]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) RESULT: Ultimate proved your program to be correct! [2022-02-20 18:06:13,090 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE