./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash af4f743cc6be4267a21638b2aaf4488875c5d1d37960e5576634d1fd02e8bed4 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:08:33,250 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:08:33,251 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:08:33,271 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:08:33,272 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:08:33,272 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:08:33,273 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:08:33,274 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:08:33,275 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:08:33,276 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:08:33,277 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:08:33,277 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:08:33,278 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:08:33,278 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:08:33,279 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:08:33,280 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:08:33,280 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:08:33,281 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:08:33,282 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:08:33,284 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:08:33,285 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:08:33,286 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:08:33,286 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:08:33,287 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:08:33,289 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:08:33,289 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:08:33,290 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:08:33,290 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:08:33,291 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:08:33,291 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:08:33,292 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:08:33,292 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:08:33,293 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:08:33,294 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:08:33,294 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:08:33,295 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:08:33,295 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:08:33,296 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:08:33,296 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:08:33,297 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:08:33,297 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:08:33,298 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:08:33,315 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:08:33,316 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:08:33,316 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:08:33,316 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:08:33,317 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:08:33,317 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:08:33,317 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:08:33,317 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:08:33,318 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:08:33,318 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:08:33,318 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:08:33,318 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:08:33,318 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:08:33,319 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:08:33,319 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:08:33,321 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:08:33,321 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:08:33,322 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:08:33,322 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:08:33,322 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:08:33,322 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:08:33,322 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:08:33,322 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:08:33,323 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:08:33,323 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:33,323 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:08:33,323 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:08:33,323 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:08:33,324 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:08:33,324 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:08:33,324 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:08:33,324 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:08:33,325 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:08:33,325 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> af4f743cc6be4267a21638b2aaf4488875c5d1d37960e5576634d1fd02e8bed4 [2022-02-20 18:08:33,508 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:08:33,527 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:08:33,531 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:08:33,531 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:08:33,532 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:08:33,533 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c [2022-02-20 18:08:33,579 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4693949f0/6a307c7c887141feb5395e9a63a5fb34/FLAG9d61710ad [2022-02-20 18:08:33,985 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:08:33,987 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c [2022-02-20 18:08:33,994 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4693949f0/6a307c7c887141feb5395e9a63a5fb34/FLAG9d61710ad [2022-02-20 18:08:34,005 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4693949f0/6a307c7c887141feb5395e9a63a5fb34 [2022-02-20 18:08:34,006 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:08:34,007 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:08:34,011 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:34,011 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:08:34,013 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:08:34,014 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,015 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@39f1c2fc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34, skipping insertion in model container [2022-02-20 18:08:34,016 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,023 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:08:34,055 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:34,167 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c[1605,1618] [2022-02-20 18:08:34,288 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:34,294 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:08:34,305 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c[1605,1618] [2022-02-20 18:08:34,365 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:34,382 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:08:34,383 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34 WrapperNode [2022-02-20 18:08:34,383 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:34,384 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:34,384 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:08:34,384 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:08:34,390 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,414 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,451 INFO L137 Inliner]: procedures = 51, calls = 150, calls flagged for inlining = 20, calls inlined = 17, statements flattened = 216 [2022-02-20 18:08:34,453 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:34,453 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:08:34,453 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:08:34,454 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:08:34,459 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,459 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,460 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,461 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,464 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,467 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,468 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,469 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:08:34,470 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:08:34,470 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:08:34,470 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:08:34,478 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,484 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:34,494 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:08:34,503 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:08:34,508 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:08:34,527 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:08:34,527 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:08:34,527 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:08:34,527 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:08:34,528 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:08:34,528 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:08:34,528 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:08:34,528 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:08:34,529 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:08:34,530 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:08:34,530 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:08:34,530 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:08:34,530 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:08:34,530 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:08:34,530 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:08:34,530 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:08:34,616 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:08:34,618 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:08:34,922 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:08:34,929 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:08:34,929 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:08:34,931 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:34 BoogieIcfgContainer [2022-02-20 18:08:34,931 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:08:34,933 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:08:34,933 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:08:34,935 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:08:34,936 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:08:34" (1/3) ... [2022-02-20 18:08:34,936 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5cf84ed4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:34, skipping insertion in model container [2022-02-20 18:08:34,936 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34" (2/3) ... [2022-02-20 18:08:34,937 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5cf84ed4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:34, skipping insertion in model container [2022-02-20 18:08:34,937 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:34" (3/3) ... [2022-02-20 18:08:34,938 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product06.cil.c [2022-02-20 18:08:34,941 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:08:34,941 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:08:34,974 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:08:34,978 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:08:34,979 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:08:34,992 INFO L276 IsEmpty]: Start isEmpty. Operand has 75 states, 57 states have (on average 1.3859649122807018) internal successors, (79), 63 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:34,996 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:08:34,996 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:34,997 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:34,997 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:35,001 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:35,001 INFO L85 PathProgramCache]: Analyzing trace with hash 1884919457, now seen corresponding path program 1 times [2022-02-20 18:08:35,008 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:35,008 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1615605657] [2022-02-20 18:08:35,008 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:35,009 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:35,103 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:35,176 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:08:35,178 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:35,187 INFO L290 TraceCheckUtils]: 0: Hoare triple {78#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {78#true} is VALID [2022-02-20 18:08:35,187 INFO L290 TraceCheckUtils]: 1: Hoare triple {78#true} assume true; {78#true} is VALID [2022-02-20 18:08:35,188 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {78#true} {79#false} #204#return; {79#false} is VALID [2022-02-20 18:08:35,189 INFO L290 TraceCheckUtils]: 0: Hoare triple {78#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(13, 12);call #Ultimate.allocInit(7, 13);call write~init~int(44, 13, 0, 1);call write~init~int(77, 13, 1, 1);call write~init~int(101, 13, 2, 1);call write~init~int(116, 13, 3, 1);call write~init~int(104, 13, 4, 1);call write~init~int(58, 13, 5, 1);call write~init~int(0, 13, 6, 1);call #Ultimate.allocInit(5, 14);call write~init~int(67, 14, 0, 1);call write~init~int(82, 14, 1, 1);call write~init~int(73, 14, 2, 1);call write~init~int(84, 14, 3, 1);call write~init~int(0, 14, 4, 1);call #Ultimate.allocInit(3, 15);call write~init~int(79, 15, 0, 1);call write~init~int(75, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(41, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0; {78#true} is VALID [2022-02-20 18:08:35,189 INFO L290 TraceCheckUtils]: 1: Hoare triple {78#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~6#1, main_~tmp~2#1;havoc main_~retValue_acc~6#1;havoc main_~tmp~2#1;assume { :begin_inline_select_helpers } true; {78#true} is VALID [2022-02-20 18:08:35,189 INFO L290 TraceCheckUtils]: 2: Hoare triple {78#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {78#true} is VALID [2022-02-20 18:08:35,190 INFO L290 TraceCheckUtils]: 3: Hoare triple {78#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {78#true} is VALID [2022-02-20 18:08:35,190 INFO L290 TraceCheckUtils]: 4: Hoare triple {78#true} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret24#1 && main_#t~ret24#1 <= 2147483647;main_~tmp~2#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {78#true} is VALID [2022-02-20 18:08:35,190 INFO L290 TraceCheckUtils]: 5: Hoare triple {78#true} assume 0 != main_~tmp~2#1;assume { :begin_inline_setup } true; {78#true} is VALID [2022-02-20 18:08:35,190 INFO L290 TraceCheckUtils]: 6: Hoare triple {78#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet15#1, test_#t~nondet16#1, test_#t~nondet17#1, test_#t~nondet18#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {78#true} is VALID [2022-02-20 18:08:35,191 INFO L290 TraceCheckUtils]: 7: Hoare triple {78#true} assume false; {79#false} is VALID [2022-02-20 18:08:35,191 INFO L272 TraceCheckUtils]: 8: Hoare triple {79#false} call cleanup(); {79#false} is VALID [2022-02-20 18:08:35,191 INFO L290 TraceCheckUtils]: 9: Hoare triple {79#false} havoc ~i~0;havoc ~__cil_tmp2~0; {79#false} is VALID [2022-02-20 18:08:35,191 INFO L272 TraceCheckUtils]: 10: Hoare triple {79#false} call timeShift(); {79#false} is VALID [2022-02-20 18:08:35,192 INFO L290 TraceCheckUtils]: 11: Hoare triple {79#false} assume !(0 != ~pumpRunning~0); {79#false} is VALID [2022-02-20 18:08:35,192 INFO L290 TraceCheckUtils]: 12: Hoare triple {79#false} assume !(0 != ~systemActive~0); {79#false} is VALID [2022-02-20 18:08:35,192 INFO L290 TraceCheckUtils]: 13: Hoare triple {79#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~6#1, __utac_acc__Specification3_spec__1_~tmp___0~1#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~6#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {79#false} is VALID [2022-02-20 18:08:35,192 INFO L272 TraceCheckUtils]: 14: Hoare triple {79#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {78#true} is VALID [2022-02-20 18:08:35,193 INFO L290 TraceCheckUtils]: 15: Hoare triple {78#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {78#true} is VALID [2022-02-20 18:08:35,193 INFO L290 TraceCheckUtils]: 16: Hoare triple {78#true} assume true; {78#true} is VALID [2022-02-20 18:08:35,193 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {78#true} {79#false} #204#return; {79#false} is VALID [2022-02-20 18:08:35,193 INFO L290 TraceCheckUtils]: 18: Hoare triple {79#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret48#1 && __utac_acc__Specification3_spec__1_#t~ret48#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~6#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {79#false} is VALID [2022-02-20 18:08:35,193 INFO L290 TraceCheckUtils]: 19: Hoare triple {79#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~6#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {79#false} is VALID [2022-02-20 18:08:35,193 INFO L290 TraceCheckUtils]: 20: Hoare triple {79#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~1#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {79#false} is VALID [2022-02-20 18:08:35,194 INFO L290 TraceCheckUtils]: 21: Hoare triple {79#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~1#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {79#false} is VALID [2022-02-20 18:08:35,194 INFO L290 TraceCheckUtils]: 22: Hoare triple {79#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {79#false} is VALID [2022-02-20 18:08:35,194 INFO L290 TraceCheckUtils]: 23: Hoare triple {79#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {79#false} is VALID [2022-02-20 18:08:35,194 INFO L290 TraceCheckUtils]: 24: Hoare triple {79#false} assume !false; {79#false} is VALID [2022-02-20 18:08:35,195 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:35,195 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:35,195 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1615605657] [2022-02-20 18:08:35,196 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1615605657] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:35,196 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:35,196 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:35,197 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1244033820] [2022-02-20 18:08:35,198 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:35,201 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:35,202 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:35,204 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:35,229 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:35,230 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:08:35,230 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:35,258 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:08:35,258 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:35,262 INFO L87 Difference]: Start difference. First operand has 75 states, 57 states have (on average 1.3859649122807018) internal successors, (79), 63 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:35,352 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:35,352 INFO L93 Difference]: Finished difference Result 142 states and 193 transitions. [2022-02-20 18:08:35,353 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:08:35,353 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:35,353 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:35,355 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:35,375 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 193 transitions. [2022-02-20 18:08:35,375 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:35,381 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 193 transitions. [2022-02-20 18:08:35,381 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 193 transitions. [2022-02-20 18:08:35,576 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 193 edges. 193 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:35,583 INFO L225 Difference]: With dead ends: 142 [2022-02-20 18:08:35,584 INFO L226 Difference]: Without dead ends: 66 [2022-02-20 18:08:35,586 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:35,588 INFO L933 BasicCegarLoop]: 93 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 93 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:35,589 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 93 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:35,599 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 66 states. [2022-02-20 18:08:35,610 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 66 to 66. [2022-02-20 18:08:35,610 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:35,611 INFO L82 GeneralOperation]: Start isEquivalent. First operand 66 states. Second operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:35,612 INFO L74 IsIncluded]: Start isIncluded. First operand 66 states. Second operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:35,612 INFO L87 Difference]: Start difference. First operand 66 states. Second operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:35,616 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:35,616 INFO L93 Difference]: Finished difference Result 66 states and 84 transitions. [2022-02-20 18:08:35,616 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 84 transitions. [2022-02-20 18:08:35,617 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:35,617 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:35,618 INFO L74 IsIncluded]: Start isIncluded. First operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand 66 states. [2022-02-20 18:08:35,618 INFO L87 Difference]: Start difference. First operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand 66 states. [2022-02-20 18:08:35,622 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:35,622 INFO L93 Difference]: Finished difference Result 66 states and 84 transitions. [2022-02-20 18:08:35,622 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 84 transitions. [2022-02-20 18:08:35,623 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:35,623 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:35,623 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:35,623 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:35,623 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:35,626 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 84 transitions. [2022-02-20 18:08:35,629 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 84 transitions. Word has length 25 [2022-02-20 18:08:35,629 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:35,629 INFO L470 AbstractCegarLoop]: Abstraction has 66 states and 84 transitions. [2022-02-20 18:08:35,629 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:35,629 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 84 transitions. [2022-02-20 18:08:35,630 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:08:35,630 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:35,630 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:35,631 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:08:35,631 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:35,631 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:35,631 INFO L85 PathProgramCache]: Analyzing trace with hash 1772124439, now seen corresponding path program 1 times [2022-02-20 18:08:35,632 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:35,632 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1483091088] [2022-02-20 18:08:35,632 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:35,632 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:35,668 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:35,707 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:08:35,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:35,711 INFO L290 TraceCheckUtils]: 0: Hoare triple {520#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {520#true} is VALID [2022-02-20 18:08:35,711 INFO L290 TraceCheckUtils]: 1: Hoare triple {520#true} assume true; {520#true} is VALID [2022-02-20 18:08:35,711 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {520#true} {521#false} #204#return; {521#false} is VALID [2022-02-20 18:08:35,711 INFO L290 TraceCheckUtils]: 0: Hoare triple {520#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(13, 12);call #Ultimate.allocInit(7, 13);call write~init~int(44, 13, 0, 1);call write~init~int(77, 13, 1, 1);call write~init~int(101, 13, 2, 1);call write~init~int(116, 13, 3, 1);call write~init~int(104, 13, 4, 1);call write~init~int(58, 13, 5, 1);call write~init~int(0, 13, 6, 1);call #Ultimate.allocInit(5, 14);call write~init~int(67, 14, 0, 1);call write~init~int(82, 14, 1, 1);call write~init~int(73, 14, 2, 1);call write~init~int(84, 14, 3, 1);call write~init~int(0, 14, 4, 1);call #Ultimate.allocInit(3, 15);call write~init~int(79, 15, 0, 1);call write~init~int(75, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(41, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0; {520#true} is VALID [2022-02-20 18:08:35,712 INFO L290 TraceCheckUtils]: 1: Hoare triple {520#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~6#1, main_~tmp~2#1;havoc main_~retValue_acc~6#1;havoc main_~tmp~2#1;assume { :begin_inline_select_helpers } true; {520#true} is VALID [2022-02-20 18:08:35,712 INFO L290 TraceCheckUtils]: 2: Hoare triple {520#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {520#true} is VALID [2022-02-20 18:08:35,712 INFO L290 TraceCheckUtils]: 3: Hoare triple {520#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {520#true} is VALID [2022-02-20 18:08:35,712 INFO L290 TraceCheckUtils]: 4: Hoare triple {520#true} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret24#1 && main_#t~ret24#1 <= 2147483647;main_~tmp~2#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {520#true} is VALID [2022-02-20 18:08:35,712 INFO L290 TraceCheckUtils]: 5: Hoare triple {520#true} assume 0 != main_~tmp~2#1;assume { :begin_inline_setup } true; {520#true} is VALID [2022-02-20 18:08:35,712 INFO L290 TraceCheckUtils]: 6: Hoare triple {520#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet15#1, test_#t~nondet16#1, test_#t~nondet17#1, test_#t~nondet18#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {522#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:08:35,713 INFO L290 TraceCheckUtils]: 7: Hoare triple {522#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {522#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:08:35,713 INFO L290 TraceCheckUtils]: 8: Hoare triple {522#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {521#false} is VALID [2022-02-20 18:08:35,713 INFO L272 TraceCheckUtils]: 9: Hoare triple {521#false} call cleanup(); {521#false} is VALID [2022-02-20 18:08:35,714 INFO L290 TraceCheckUtils]: 10: Hoare triple {521#false} havoc ~i~0;havoc ~__cil_tmp2~0; {521#false} is VALID [2022-02-20 18:08:35,714 INFO L272 TraceCheckUtils]: 11: Hoare triple {521#false} call timeShift(); {521#false} is VALID [2022-02-20 18:08:35,714 INFO L290 TraceCheckUtils]: 12: Hoare triple {521#false} assume !(0 != ~pumpRunning~0); {521#false} is VALID [2022-02-20 18:08:35,714 INFO L290 TraceCheckUtils]: 13: Hoare triple {521#false} assume !(0 != ~systemActive~0); {521#false} is VALID [2022-02-20 18:08:35,714 INFO L290 TraceCheckUtils]: 14: Hoare triple {521#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~6#1, __utac_acc__Specification3_spec__1_~tmp___0~1#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~6#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {521#false} is VALID [2022-02-20 18:08:35,714 INFO L272 TraceCheckUtils]: 15: Hoare triple {521#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {520#true} is VALID [2022-02-20 18:08:35,714 INFO L290 TraceCheckUtils]: 16: Hoare triple {520#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {520#true} is VALID [2022-02-20 18:08:35,714 INFO L290 TraceCheckUtils]: 17: Hoare triple {520#true} assume true; {520#true} is VALID [2022-02-20 18:08:35,714 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {520#true} {521#false} #204#return; {521#false} is VALID [2022-02-20 18:08:35,715 INFO L290 TraceCheckUtils]: 19: Hoare triple {521#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret48#1 && __utac_acc__Specification3_spec__1_#t~ret48#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~6#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {521#false} is VALID [2022-02-20 18:08:35,715 INFO L290 TraceCheckUtils]: 20: Hoare triple {521#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~6#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {521#false} is VALID [2022-02-20 18:08:35,715 INFO L290 TraceCheckUtils]: 21: Hoare triple {521#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~1#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {521#false} is VALID [2022-02-20 18:08:35,715 INFO L290 TraceCheckUtils]: 22: Hoare triple {521#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~1#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {521#false} is VALID [2022-02-20 18:08:35,715 INFO L290 TraceCheckUtils]: 23: Hoare triple {521#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {521#false} is VALID [2022-02-20 18:08:35,715 INFO L290 TraceCheckUtils]: 24: Hoare triple {521#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {521#false} is VALID [2022-02-20 18:08:35,715 INFO L290 TraceCheckUtils]: 25: Hoare triple {521#false} assume !false; {521#false} is VALID [2022-02-20 18:08:35,715 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:35,716 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:35,716 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1483091088] [2022-02-20 18:08:35,716 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1483091088] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:35,716 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:35,716 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:08:35,716 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1182868492] [2022-02-20 18:08:35,716 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:35,717 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:35,717 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:35,718 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:35,737 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:35,738 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:35,739 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:35,740 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:35,740 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:35,741 INFO L87 Difference]: Start difference. First operand 66 states and 84 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:35,831 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:35,832 INFO L93 Difference]: Finished difference Result 97 states and 123 transitions. [2022-02-20 18:08:35,832 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:35,832 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:35,832 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:35,832 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:35,835 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 123 transitions. [2022-02-20 18:08:35,835 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:35,837 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 123 transitions. [2022-02-20 18:08:35,837 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 123 transitions. [2022-02-20 18:08:35,913 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 123 edges. 123 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:35,914 INFO L225 Difference]: With dead ends: 97 [2022-02-20 18:08:35,915 INFO L226 Difference]: Without dead ends: 57 [2022-02-20 18:08:35,915 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:35,916 INFO L933 BasicCegarLoop]: 71 mSDtfsCounter, 13 mSDsluCounter, 54 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 125 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:35,916 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [16 Valid, 125 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:35,917 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 57 states. [2022-02-20 18:08:35,933 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 57 to 57. [2022-02-20 18:08:35,935 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:35,936 INFO L82 GeneralOperation]: Start isEquivalent. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:35,936 INFO L74 IsIncluded]: Start isIncluded. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:35,937 INFO L87 Difference]: Start difference. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:35,941 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:35,942 INFO L93 Difference]: Finished difference Result 57 states and 72 transitions. [2022-02-20 18:08:35,942 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 72 transitions. [2022-02-20 18:08:35,942 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:35,943 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:35,943 INFO L74 IsIncluded]: Start isIncluded. First operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 57 states. [2022-02-20 18:08:35,943 INFO L87 Difference]: Start difference. First operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 57 states. [2022-02-20 18:08:35,945 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:35,948 INFO L93 Difference]: Finished difference Result 57 states and 72 transitions. [2022-02-20 18:08:35,948 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 72 transitions. [2022-02-20 18:08:35,948 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:35,950 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:35,950 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:35,950 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:35,951 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:35,952 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 57 states to 57 states and 72 transitions. [2022-02-20 18:08:35,953 INFO L78 Accepts]: Start accepts. Automaton has 57 states and 72 transitions. Word has length 26 [2022-02-20 18:08:35,953 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:35,953 INFO L470 AbstractCegarLoop]: Abstraction has 57 states and 72 transitions. [2022-02-20 18:08:35,954 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:35,955 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 72 transitions. [2022-02-20 18:08:35,955 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-02-20 18:08:35,956 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:35,957 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:35,958 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:08:35,958 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:35,959 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:35,960 INFO L85 PathProgramCache]: Analyzing trace with hash -735726567, now seen corresponding path program 1 times [2022-02-20 18:08:35,961 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:35,961 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1105384503] [2022-02-20 18:08:35,961 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:35,961 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:35,994 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,046 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-02-20 18:08:36,047 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,055 INFO L290 TraceCheckUtils]: 0: Hoare triple {865#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {865#true} is VALID [2022-02-20 18:08:36,056 INFO L290 TraceCheckUtils]: 1: Hoare triple {865#true} assume true; {865#true} is VALID [2022-02-20 18:08:36,056 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {865#true} {866#false} #204#return; {866#false} is VALID [2022-02-20 18:08:36,058 INFO L290 TraceCheckUtils]: 0: Hoare triple {865#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(13, 12);call #Ultimate.allocInit(7, 13);call write~init~int(44, 13, 0, 1);call write~init~int(77, 13, 1, 1);call write~init~int(101, 13, 2, 1);call write~init~int(116, 13, 3, 1);call write~init~int(104, 13, 4, 1);call write~init~int(58, 13, 5, 1);call write~init~int(0, 13, 6, 1);call #Ultimate.allocInit(5, 14);call write~init~int(67, 14, 0, 1);call write~init~int(82, 14, 1, 1);call write~init~int(73, 14, 2, 1);call write~init~int(84, 14, 3, 1);call write~init~int(0, 14, 4, 1);call #Ultimate.allocInit(3, 15);call write~init~int(79, 15, 0, 1);call write~init~int(75, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(41, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0; {867#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:36,059 INFO L290 TraceCheckUtils]: 1: Hoare triple {867#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~6#1, main_~tmp~2#1;havoc main_~retValue_acc~6#1;havoc main_~tmp~2#1;assume { :begin_inline_select_helpers } true; {867#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:36,059 INFO L290 TraceCheckUtils]: 2: Hoare triple {867#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {867#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:36,059 INFO L290 TraceCheckUtils]: 3: Hoare triple {867#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {868#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} is VALID [2022-02-20 18:08:36,061 INFO L290 TraceCheckUtils]: 4: Hoare triple {868#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret24#1 && main_#t~ret24#1 <= 2147483647;main_~tmp~2#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {869#(= |ULTIMATE.start_main_~tmp~2#1| ~systemActive~0)} is VALID [2022-02-20 18:08:36,061 INFO L290 TraceCheckUtils]: 5: Hoare triple {869#(= |ULTIMATE.start_main_~tmp~2#1| ~systemActive~0)} assume 0 != main_~tmp~2#1;assume { :begin_inline_setup } true; {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,061 INFO L290 TraceCheckUtils]: 6: Hoare triple {870#(not (= 0 ~systemActive~0))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet15#1, test_#t~nondet16#1, test_#t~nondet17#1, test_#t~nondet18#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,062 INFO L290 TraceCheckUtils]: 7: Hoare triple {870#(not (= 0 ~systemActive~0))} assume !false; {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,062 INFO L290 TraceCheckUtils]: 8: Hoare triple {870#(not (= 0 ~systemActive~0))} assume test_~splverifierCounter~0#1 < 4; {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,063 INFO L290 TraceCheckUtils]: 9: Hoare triple {870#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet15#1 && test_#t~nondet15#1 <= 2147483647;test_~tmp~1#1 := test_#t~nondet15#1;havoc test_#t~nondet15#1; {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,063 INFO L290 TraceCheckUtils]: 10: Hoare triple {870#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp~1#1); {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,064 INFO L290 TraceCheckUtils]: 11: Hoare triple {870#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet16#1 && test_#t~nondet16#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet16#1;havoc test_#t~nondet16#1; {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,064 INFO L290 TraceCheckUtils]: 12: Hoare triple {870#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp___0~0#1); {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,064 INFO L290 TraceCheckUtils]: 13: Hoare triple {870#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet17#1 && test_#t~nondet17#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet17#1;havoc test_#t~nondet17#1; {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,065 INFO L290 TraceCheckUtils]: 14: Hoare triple {870#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet18#1 && test_#t~nondet18#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet18#1;havoc test_#t~nondet18#1; {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,066 INFO L290 TraceCheckUtils]: 15: Hoare triple {870#(not (= 0 ~systemActive~0))} assume 0 != test_~tmp___1~0#1; {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,066 INFO L272 TraceCheckUtils]: 16: Hoare triple {870#(not (= 0 ~systemActive~0))} call timeShift(); {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,067 INFO L290 TraceCheckUtils]: 17: Hoare triple {870#(not (= 0 ~systemActive~0))} assume !(0 != ~pumpRunning~0); {870#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,067 INFO L290 TraceCheckUtils]: 18: Hoare triple {870#(not (= 0 ~systemActive~0))} assume !(0 != ~systemActive~0); {866#false} is VALID [2022-02-20 18:08:36,067 INFO L290 TraceCheckUtils]: 19: Hoare triple {866#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~6#1, __utac_acc__Specification3_spec__1_~tmp___0~1#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~6#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {866#false} is VALID [2022-02-20 18:08:36,067 INFO L272 TraceCheckUtils]: 20: Hoare triple {866#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {865#true} is VALID [2022-02-20 18:08:36,067 INFO L290 TraceCheckUtils]: 21: Hoare triple {865#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {865#true} is VALID [2022-02-20 18:08:36,068 INFO L290 TraceCheckUtils]: 22: Hoare triple {865#true} assume true; {865#true} is VALID [2022-02-20 18:08:36,068 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {865#true} {866#false} #204#return; {866#false} is VALID [2022-02-20 18:08:36,068 INFO L290 TraceCheckUtils]: 24: Hoare triple {866#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret48#1 && __utac_acc__Specification3_spec__1_#t~ret48#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~6#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {866#false} is VALID [2022-02-20 18:08:36,068 INFO L290 TraceCheckUtils]: 25: Hoare triple {866#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~6#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {866#false} is VALID [2022-02-20 18:08:36,068 INFO L290 TraceCheckUtils]: 26: Hoare triple {866#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~1#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {866#false} is VALID [2022-02-20 18:08:36,069 INFO L290 TraceCheckUtils]: 27: Hoare triple {866#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~1#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {866#false} is VALID [2022-02-20 18:08:36,069 INFO L290 TraceCheckUtils]: 28: Hoare triple {866#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {866#false} is VALID [2022-02-20 18:08:36,069 INFO L290 TraceCheckUtils]: 29: Hoare triple {866#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {866#false} is VALID [2022-02-20 18:08:36,069 INFO L290 TraceCheckUtils]: 30: Hoare triple {866#false} assume !false; {866#false} is VALID [2022-02-20 18:08:36,069 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:36,070 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:36,070 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1105384503] [2022-02-20 18:08:36,070 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1105384503] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:36,070 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:36,070 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:08:36,070 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [878430552] [2022-02-20 18:08:36,071 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:36,071 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2022-02-20 18:08:36,071 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:36,071 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,107 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:36,107 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:08:36,107 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:36,108 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:08:36,108 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:08:36,108 INFO L87 Difference]: Start difference. First operand 57 states and 72 transitions. Second operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,324 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,324 INFO L93 Difference]: Finished difference Result 107 states and 138 transitions. [2022-02-20 18:08:36,324 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:08:36,325 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2022-02-20 18:08:36,325 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:36,325 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,327 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 138 transitions. [2022-02-20 18:08:36,327 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,329 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 138 transitions. [2022-02-20 18:08:36,329 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 138 transitions. [2022-02-20 18:08:36,415 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 138 edges. 138 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:36,416 INFO L225 Difference]: With dead ends: 107 [2022-02-20 18:08:36,417 INFO L226 Difference]: Without dead ends: 57 [2022-02-20 18:08:36,417 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 18:08:36,418 INFO L933 BasicCegarLoop]: 65 mSDtfsCounter, 97 mSDsluCounter, 74 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 97 SdHoareTripleChecker+Valid, 139 SdHoareTripleChecker+Invalid, 46 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:36,418 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [97 Valid, 139 Invalid, 46 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:36,419 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 57 states. [2022-02-20 18:08:36,422 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 57 to 57. [2022-02-20 18:08:36,422 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:36,423 INFO L82 GeneralOperation]: Start isEquivalent. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:36,423 INFO L74 IsIncluded]: Start isIncluded. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:36,423 INFO L87 Difference]: Start difference. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:36,425 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,425 INFO L93 Difference]: Finished difference Result 57 states and 71 transitions. [2022-02-20 18:08:36,425 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 71 transitions. [2022-02-20 18:08:36,426 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:36,426 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:36,426 INFO L74 IsIncluded]: Start isIncluded. First operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 57 states. [2022-02-20 18:08:36,426 INFO L87 Difference]: Start difference. First operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 57 states. [2022-02-20 18:08:36,428 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,428 INFO L93 Difference]: Finished difference Result 57 states and 71 transitions. [2022-02-20 18:08:36,428 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 71 transitions. [2022-02-20 18:08:36,428 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:36,429 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:36,429 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:36,429 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:36,429 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:36,430 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 57 states to 57 states and 71 transitions. [2022-02-20 18:08:36,431 INFO L78 Accepts]: Start accepts. Automaton has 57 states and 71 transitions. Word has length 31 [2022-02-20 18:08:36,431 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:36,431 INFO L470 AbstractCegarLoop]: Abstraction has 57 states and 71 transitions. [2022-02-20 18:08:36,431 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,431 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 71 transitions. [2022-02-20 18:08:36,432 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2022-02-20 18:08:36,432 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:36,432 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:36,432 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:08:36,432 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:36,433 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:36,433 INFO L85 PathProgramCache]: Analyzing trace with hash -499241908, now seen corresponding path program 1 times [2022-02-20 18:08:36,433 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:36,433 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1651696687] [2022-02-20 18:08:36,433 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:36,434 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:36,454 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,494 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-02-20 18:08:36,495 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,498 INFO L290 TraceCheckUtils]: 0: Hoare triple {1229#true} assume true; {1229#true} is VALID [2022-02-20 18:08:36,499 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1229#true} {1231#(= ~waterLevel~0 1)} #202#return; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,499 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-02-20 18:08:36,500 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,503 INFO L290 TraceCheckUtils]: 0: Hoare triple {1229#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {1229#true} is VALID [2022-02-20 18:08:36,503 INFO L290 TraceCheckUtils]: 1: Hoare triple {1229#true} assume true; {1229#true} is VALID [2022-02-20 18:08:36,504 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1229#true} {1231#(= ~waterLevel~0 1)} #204#return; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,504 INFO L290 TraceCheckUtils]: 0: Hoare triple {1229#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(13, 12);call #Ultimate.allocInit(7, 13);call write~init~int(44, 13, 0, 1);call write~init~int(77, 13, 1, 1);call write~init~int(101, 13, 2, 1);call write~init~int(116, 13, 3, 1);call write~init~int(104, 13, 4, 1);call write~init~int(58, 13, 5, 1);call write~init~int(0, 13, 6, 1);call #Ultimate.allocInit(5, 14);call write~init~int(67, 14, 0, 1);call write~init~int(82, 14, 1, 1);call write~init~int(73, 14, 2, 1);call write~init~int(84, 14, 3, 1);call write~init~int(0, 14, 4, 1);call #Ultimate.allocInit(3, 15);call write~init~int(79, 15, 0, 1);call write~init~int(75, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(41, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,504 INFO L290 TraceCheckUtils]: 1: Hoare triple {1231#(= ~waterLevel~0 1)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~6#1, main_~tmp~2#1;havoc main_~retValue_acc~6#1;havoc main_~tmp~2#1;assume { :begin_inline_select_helpers } true; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,505 INFO L290 TraceCheckUtils]: 2: Hoare triple {1231#(= ~waterLevel~0 1)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,505 INFO L290 TraceCheckUtils]: 3: Hoare triple {1231#(= ~waterLevel~0 1)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,506 INFO L290 TraceCheckUtils]: 4: Hoare triple {1231#(= ~waterLevel~0 1)} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret24#1 && main_#t~ret24#1 <= 2147483647;main_~tmp~2#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,506 INFO L290 TraceCheckUtils]: 5: Hoare triple {1231#(= ~waterLevel~0 1)} assume 0 != main_~tmp~2#1;assume { :begin_inline_setup } true; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,506 INFO L290 TraceCheckUtils]: 6: Hoare triple {1231#(= ~waterLevel~0 1)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet15#1, test_#t~nondet16#1, test_#t~nondet17#1, test_#t~nondet18#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,507 INFO L290 TraceCheckUtils]: 7: Hoare triple {1231#(= ~waterLevel~0 1)} assume !false; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,507 INFO L290 TraceCheckUtils]: 8: Hoare triple {1231#(= ~waterLevel~0 1)} assume test_~splverifierCounter~0#1 < 4; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,509 INFO L290 TraceCheckUtils]: 9: Hoare triple {1231#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet15#1 && test_#t~nondet15#1 <= 2147483647;test_~tmp~1#1 := test_#t~nondet15#1;havoc test_#t~nondet15#1; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,509 INFO L290 TraceCheckUtils]: 10: Hoare triple {1231#(= ~waterLevel~0 1)} assume !(0 != test_~tmp~1#1); {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,510 INFO L290 TraceCheckUtils]: 11: Hoare triple {1231#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet16#1 && test_#t~nondet16#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet16#1;havoc test_#t~nondet16#1; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,510 INFO L290 TraceCheckUtils]: 12: Hoare triple {1231#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___0~0#1); {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,511 INFO L290 TraceCheckUtils]: 13: Hoare triple {1231#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet17#1 && test_#t~nondet17#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet17#1;havoc test_#t~nondet17#1; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,511 INFO L290 TraceCheckUtils]: 14: Hoare triple {1231#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet18#1 && test_#t~nondet18#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet18#1;havoc test_#t~nondet18#1; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,511 INFO L290 TraceCheckUtils]: 15: Hoare triple {1231#(= ~waterLevel~0 1)} assume 0 != test_~tmp___1~0#1; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,512 INFO L272 TraceCheckUtils]: 16: Hoare triple {1231#(= ~waterLevel~0 1)} call timeShift(); {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,512 INFO L290 TraceCheckUtils]: 17: Hoare triple {1231#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,512 INFO L290 TraceCheckUtils]: 18: Hoare triple {1231#(= ~waterLevel~0 1)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret5#1, processEnvironment_~tmp~0#1;havoc processEnvironment_~tmp~0#1; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,514 INFO L290 TraceCheckUtils]: 19: Hoare triple {1231#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,514 INFO L272 TraceCheckUtils]: 20: Hoare triple {1231#(= ~waterLevel~0 1)} call processEnvironment__wrappee__base(); {1229#true} is VALID [2022-02-20 18:08:36,515 INFO L290 TraceCheckUtils]: 21: Hoare triple {1229#true} assume true; {1229#true} is VALID [2022-02-20 18:08:36,515 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1229#true} {1231#(= ~waterLevel~0 1)} #202#return; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,515 INFO L290 TraceCheckUtils]: 23: Hoare triple {1231#(= ~waterLevel~0 1)} assume { :end_inline_processEnvironment } true; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,516 INFO L290 TraceCheckUtils]: 24: Hoare triple {1231#(= ~waterLevel~0 1)} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~6#1, __utac_acc__Specification3_spec__1_~tmp___0~1#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~6#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,516 INFO L272 TraceCheckUtils]: 25: Hoare triple {1231#(= ~waterLevel~0 1)} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {1229#true} is VALID [2022-02-20 18:08:36,516 INFO L290 TraceCheckUtils]: 26: Hoare triple {1229#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {1229#true} is VALID [2022-02-20 18:08:36,516 INFO L290 TraceCheckUtils]: 27: Hoare triple {1229#true} assume true; {1229#true} is VALID [2022-02-20 18:08:36,516 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {1229#true} {1231#(= ~waterLevel~0 1)} #204#return; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,517 INFO L290 TraceCheckUtils]: 29: Hoare triple {1231#(= ~waterLevel~0 1)} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret48#1 && __utac_acc__Specification3_spec__1_#t~ret48#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~6#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {1231#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:36,517 INFO L290 TraceCheckUtils]: 30: Hoare triple {1231#(= ~waterLevel~0 1)} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~6#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {1237#(= |timeShift_getWaterLevel_#res#1| 1)} is VALID [2022-02-20 18:08:36,518 INFO L290 TraceCheckUtils]: 31: Hoare triple {1237#(= |timeShift_getWaterLevel_#res#1| 1)} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~1#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1238#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~1#1| 1)} is VALID [2022-02-20 18:08:36,518 INFO L290 TraceCheckUtils]: 32: Hoare triple {1238#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~1#1| 1)} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~1#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {1230#false} is VALID [2022-02-20 18:08:36,518 INFO L290 TraceCheckUtils]: 33: Hoare triple {1230#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1230#false} is VALID [2022-02-20 18:08:36,518 INFO L290 TraceCheckUtils]: 34: Hoare triple {1230#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1230#false} is VALID [2022-02-20 18:08:36,518 INFO L290 TraceCheckUtils]: 35: Hoare triple {1230#false} assume !false; {1230#false} is VALID [2022-02-20 18:08:36,519 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:36,519 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:36,519 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1651696687] [2022-02-20 18:08:36,519 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1651696687] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:36,519 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:36,519 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 18:08:36,519 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1923016942] [2022-02-20 18:08:36,519 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:36,519 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 36 [2022-02-20 18:08:36,520 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:36,520 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:36,541 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 36 edges. 36 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:36,542 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:08:36,542 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:36,542 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:08:36,542 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:08:36,543 INFO L87 Difference]: Start difference. First operand 57 states and 71 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:36,705 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,705 INFO L93 Difference]: Finished difference Result 153 states and 199 transitions. [2022-02-20 18:08:36,705 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:08:36,705 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 36 [2022-02-20 18:08:36,706 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:36,706 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:36,708 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 199 transitions. [2022-02-20 18:08:36,708 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:36,710 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 199 transitions. [2022-02-20 18:08:36,710 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 199 transitions. [2022-02-20 18:08:36,836 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 199 edges. 199 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:36,838 INFO L225 Difference]: With dead ends: 153 [2022-02-20 18:08:36,838 INFO L226 Difference]: Without dead ends: 103 [2022-02-20 18:08:36,839 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:08:36,840 INFO L933 BasicCegarLoop]: 76 mSDtfsCounter, 41 mSDsluCounter, 208 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 41 SdHoareTripleChecker+Valid, 284 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:36,840 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [41 Valid, 284 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:36,841 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2022-02-20 18:08:36,854 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 100. [2022-02-20 18:08:36,857 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:36,858 INFO L82 GeneralOperation]: Start isEquivalent. First operand 103 states. Second operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:08:36,859 INFO L74 IsIncluded]: Start isIncluded. First operand 103 states. Second operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:08:36,859 INFO L87 Difference]: Start difference. First operand 103 states. Second operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:08:36,863 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,863 INFO L93 Difference]: Finished difference Result 103 states and 130 transitions. [2022-02-20 18:08:36,864 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 130 transitions. [2022-02-20 18:08:36,865 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:36,865 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:36,866 INFO L74 IsIncluded]: Start isIncluded. First operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) Second operand 103 states. [2022-02-20 18:08:36,867 INFO L87 Difference]: Start difference. First operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) Second operand 103 states. [2022-02-20 18:08:36,872 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,872 INFO L93 Difference]: Finished difference Result 103 states and 130 transitions. [2022-02-20 18:08:36,873 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 130 transitions. [2022-02-20 18:08:36,873 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:36,873 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:36,873 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:36,873 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:36,874 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:08:36,882 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 100 states to 100 states and 127 transitions. [2022-02-20 18:08:36,882 INFO L78 Accepts]: Start accepts. Automaton has 100 states and 127 transitions. Word has length 36 [2022-02-20 18:08:36,882 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:36,882 INFO L470 AbstractCegarLoop]: Abstraction has 100 states and 127 transitions. [2022-02-20 18:08:36,883 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:36,883 INFO L276 IsEmpty]: Start isEmpty. Operand 100 states and 127 transitions. [2022-02-20 18:08:36,885 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 18:08:36,885 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:36,885 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:36,886 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:08:36,886 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:36,886 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:36,887 INFO L85 PathProgramCache]: Analyzing trace with hash 567255143, now seen corresponding path program 1 times [2022-02-20 18:08:36,887 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:36,887 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1972218616] [2022-02-20 18:08:36,887 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:36,887 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:36,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,949 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-02-20 18:08:36,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,953 INFO L290 TraceCheckUtils]: 0: Hoare triple {1814#true} assume true; {1814#true} is VALID [2022-02-20 18:08:36,953 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1814#true} {1815#false} #202#return; {1815#false} is VALID [2022-02-20 18:08:36,953 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-02-20 18:08:36,954 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,958 INFO L290 TraceCheckUtils]: 0: Hoare triple {1814#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {1814#true} is VALID [2022-02-20 18:08:36,958 INFO L290 TraceCheckUtils]: 1: Hoare triple {1814#true} assume true; {1814#true} is VALID [2022-02-20 18:08:36,958 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1814#true} {1815#false} #204#return; {1815#false} is VALID [2022-02-20 18:08:36,959 INFO L290 TraceCheckUtils]: 0: Hoare triple {1814#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(13, 12);call #Ultimate.allocInit(7, 13);call write~init~int(44, 13, 0, 1);call write~init~int(77, 13, 1, 1);call write~init~int(101, 13, 2, 1);call write~init~int(116, 13, 3, 1);call write~init~int(104, 13, 4, 1);call write~init~int(58, 13, 5, 1);call write~init~int(0, 13, 6, 1);call #Ultimate.allocInit(5, 14);call write~init~int(67, 14, 0, 1);call write~init~int(82, 14, 1, 1);call write~init~int(73, 14, 2, 1);call write~init~int(84, 14, 3, 1);call write~init~int(0, 14, 4, 1);call #Ultimate.allocInit(3, 15);call write~init~int(79, 15, 0, 1);call write~init~int(75, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(41, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,959 INFO L290 TraceCheckUtils]: 1: Hoare triple {1816#(= ~pumpRunning~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~6#1, main_~tmp~2#1;havoc main_~retValue_acc~6#1;havoc main_~tmp~2#1;assume { :begin_inline_select_helpers } true; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,959 INFO L290 TraceCheckUtils]: 2: Hoare triple {1816#(= ~pumpRunning~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,960 INFO L290 TraceCheckUtils]: 3: Hoare triple {1816#(= ~pumpRunning~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,960 INFO L290 TraceCheckUtils]: 4: Hoare triple {1816#(= ~pumpRunning~0 0)} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret24#1 && main_#t~ret24#1 <= 2147483647;main_~tmp~2#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,960 INFO L290 TraceCheckUtils]: 5: Hoare triple {1816#(= ~pumpRunning~0 0)} assume 0 != main_~tmp~2#1;assume { :begin_inline_setup } true; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,961 INFO L290 TraceCheckUtils]: 6: Hoare triple {1816#(= ~pumpRunning~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet15#1, test_#t~nondet16#1, test_#t~nondet17#1, test_#t~nondet18#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,961 INFO L290 TraceCheckUtils]: 7: Hoare triple {1816#(= ~pumpRunning~0 0)} assume !false; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,961 INFO L290 TraceCheckUtils]: 8: Hoare triple {1816#(= ~pumpRunning~0 0)} assume test_~splverifierCounter~0#1 < 4; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,962 INFO L290 TraceCheckUtils]: 9: Hoare triple {1816#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet15#1 && test_#t~nondet15#1 <= 2147483647;test_~tmp~1#1 := test_#t~nondet15#1;havoc test_#t~nondet15#1; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,962 INFO L290 TraceCheckUtils]: 10: Hoare triple {1816#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp~1#1); {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,962 INFO L290 TraceCheckUtils]: 11: Hoare triple {1816#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet16#1 && test_#t~nondet16#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet16#1;havoc test_#t~nondet16#1; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,963 INFO L290 TraceCheckUtils]: 12: Hoare triple {1816#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp___0~0#1); {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,963 INFO L290 TraceCheckUtils]: 13: Hoare triple {1816#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet17#1 && test_#t~nondet17#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet17#1;havoc test_#t~nondet17#1; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,963 INFO L290 TraceCheckUtils]: 14: Hoare triple {1816#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet18#1 && test_#t~nondet18#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet18#1;havoc test_#t~nondet18#1; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,964 INFO L290 TraceCheckUtils]: 15: Hoare triple {1816#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___1~0#1; {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,964 INFO L272 TraceCheckUtils]: 16: Hoare triple {1816#(= ~pumpRunning~0 0)} call timeShift(); {1816#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:36,964 INFO L290 TraceCheckUtils]: 17: Hoare triple {1816#(= ~pumpRunning~0 0)} assume 0 != ~pumpRunning~0;assume { :begin_inline_lowerWaterLevel } true; {1815#false} is VALID [2022-02-20 18:08:36,965 INFO L290 TraceCheckUtils]: 18: Hoare triple {1815#false} assume ~waterLevel~0 > 0;~waterLevel~0 := ~waterLevel~0 - 1; {1815#false} is VALID [2022-02-20 18:08:36,965 INFO L290 TraceCheckUtils]: 19: Hoare triple {1815#false} assume { :end_inline_lowerWaterLevel } true; {1815#false} is VALID [2022-02-20 18:08:36,965 INFO L290 TraceCheckUtils]: 20: Hoare triple {1815#false} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret5#1, processEnvironment_~tmp~0#1;havoc processEnvironment_~tmp~0#1; {1815#false} is VALID [2022-02-20 18:08:36,965 INFO L290 TraceCheckUtils]: 21: Hoare triple {1815#false} assume !(0 != ~pumpRunning~0); {1815#false} is VALID [2022-02-20 18:08:36,967 INFO L272 TraceCheckUtils]: 22: Hoare triple {1815#false} call processEnvironment__wrappee__base(); {1814#true} is VALID [2022-02-20 18:08:36,967 INFO L290 TraceCheckUtils]: 23: Hoare triple {1814#true} assume true; {1814#true} is VALID [2022-02-20 18:08:36,967 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {1814#true} {1815#false} #202#return; {1815#false} is VALID [2022-02-20 18:08:36,967 INFO L290 TraceCheckUtils]: 25: Hoare triple {1815#false} assume { :end_inline_processEnvironment } true; {1815#false} is VALID [2022-02-20 18:08:36,967 INFO L290 TraceCheckUtils]: 26: Hoare triple {1815#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~6#1, __utac_acc__Specification3_spec__1_~tmp___0~1#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~6#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1815#false} is VALID [2022-02-20 18:08:36,968 INFO L272 TraceCheckUtils]: 27: Hoare triple {1815#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {1814#true} is VALID [2022-02-20 18:08:36,968 INFO L290 TraceCheckUtils]: 28: Hoare triple {1814#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {1814#true} is VALID [2022-02-20 18:08:36,968 INFO L290 TraceCheckUtils]: 29: Hoare triple {1814#true} assume true; {1814#true} is VALID [2022-02-20 18:08:36,968 INFO L284 TraceCheckUtils]: 30: Hoare quadruple {1814#true} {1815#false} #204#return; {1815#false} is VALID [2022-02-20 18:08:36,968 INFO L290 TraceCheckUtils]: 31: Hoare triple {1815#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret48#1 && __utac_acc__Specification3_spec__1_#t~ret48#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~6#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {1815#false} is VALID [2022-02-20 18:08:36,968 INFO L290 TraceCheckUtils]: 32: Hoare triple {1815#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~6#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {1815#false} is VALID [2022-02-20 18:08:36,968 INFO L290 TraceCheckUtils]: 33: Hoare triple {1815#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~1#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1815#false} is VALID [2022-02-20 18:08:36,969 INFO L290 TraceCheckUtils]: 34: Hoare triple {1815#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~1#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {1815#false} is VALID [2022-02-20 18:08:36,969 INFO L290 TraceCheckUtils]: 35: Hoare triple {1815#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1815#false} is VALID [2022-02-20 18:08:36,969 INFO L290 TraceCheckUtils]: 36: Hoare triple {1815#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1815#false} is VALID [2022-02-20 18:08:36,969 INFO L290 TraceCheckUtils]: 37: Hoare triple {1815#false} assume !false; {1815#false} is VALID [2022-02-20 18:08:36,970 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:36,970 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:36,970 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1972218616] [2022-02-20 18:08:36,970 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1972218616] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:36,970 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:36,971 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:08:36,971 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1155907277] [2022-02-20 18:08:36,971 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:36,971 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 38 [2022-02-20 18:08:36,972 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:36,972 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:36,994 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 38 edges. 38 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:36,995 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:36,996 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:36,996 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:36,996 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:36,996 INFO L87 Difference]: Start difference. First operand 100 states and 127 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:37,045 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:37,046 INFO L93 Difference]: Finished difference Result 178 states and 227 transitions. [2022-02-20 18:08:37,046 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:37,046 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 38 [2022-02-20 18:08:37,046 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:37,046 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:37,049 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 124 transitions. [2022-02-20 18:08:37,049 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:37,051 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 124 transitions. [2022-02-20 18:08:37,051 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 124 transitions. [2022-02-20 18:08:37,121 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 124 edges. 124 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:37,123 INFO L225 Difference]: With dead ends: 178 [2022-02-20 18:08:37,123 INFO L226 Difference]: Without dead ends: 85 [2022-02-20 18:08:37,126 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:37,129 INFO L933 BasicCegarLoop]: 54 mSDtfsCounter, 40 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 40 SdHoareTripleChecker+Valid, 54 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:37,130 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [40 Valid, 54 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:37,131 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2022-02-20 18:08:37,141 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2022-02-20 18:08:37,141 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:37,142 INFO L82 GeneralOperation]: Start isEquivalent. First operand 85 states. Second operand has 85 states, 65 states have (on average 1.2307692307692308) internal successors, (80), 69 states have internal predecessors, (80), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:37,143 INFO L74 IsIncluded]: Start isIncluded. First operand 85 states. Second operand has 85 states, 65 states have (on average 1.2307692307692308) internal successors, (80), 69 states have internal predecessors, (80), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:37,143 INFO L87 Difference]: Start difference. First operand 85 states. Second operand has 85 states, 65 states have (on average 1.2307692307692308) internal successors, (80), 69 states have internal predecessors, (80), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:37,145 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:37,145 INFO L93 Difference]: Finished difference Result 85 states and 100 transitions. [2022-02-20 18:08:37,145 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 100 transitions. [2022-02-20 18:08:37,146 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:37,146 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:37,147 INFO L74 IsIncluded]: Start isIncluded. First operand has 85 states, 65 states have (on average 1.2307692307692308) internal successors, (80), 69 states have internal predecessors, (80), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 85 states. [2022-02-20 18:08:37,147 INFO L87 Difference]: Start difference. First operand has 85 states, 65 states have (on average 1.2307692307692308) internal successors, (80), 69 states have internal predecessors, (80), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 85 states. [2022-02-20 18:08:37,149 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:37,149 INFO L93 Difference]: Finished difference Result 85 states and 100 transitions. [2022-02-20 18:08:37,149 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 100 transitions. [2022-02-20 18:08:37,150 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:37,150 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:37,150 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:37,150 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:37,150 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 65 states have (on average 1.2307692307692308) internal successors, (80), 69 states have internal predecessors, (80), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:37,153 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 100 transitions. [2022-02-20 18:08:37,153 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 100 transitions. Word has length 38 [2022-02-20 18:08:37,153 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:37,153 INFO L470 AbstractCegarLoop]: Abstraction has 85 states and 100 transitions. [2022-02-20 18:08:37,154 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:37,154 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 100 transitions. [2022-02-20 18:08:37,155 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-02-20 18:08:37,155 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:37,155 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:37,155 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:08:37,155 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:37,158 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:37,158 INFO L85 PathProgramCache]: Analyzing trace with hash 810891442, now seen corresponding path program 1 times [2022-02-20 18:08:37,158 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:37,159 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [922878959] [2022-02-20 18:08:37,159 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:37,159 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:37,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:37,198 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:08:37,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:37,251 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-20 18:08:37,251 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:08:37,252 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:08:37,253 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-20 18:08:37,255 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:08:37,257 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:08:37,271 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:08:37,272 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:08:37,278 INFO L158 Benchmark]: Toolchain (without parser) took 3270.85ms. Allocated memory was 94.4MB in the beginning and 169.9MB in the end (delta: 75.5MB). Free memory was 64.7MB in the beginning and 91.2MB in the end (delta: -26.5MB). Peak memory consumption was 49.7MB. Max. memory is 16.1GB. [2022-02-20 18:08:37,279 INFO L158 Benchmark]: CDTParser took 0.19ms. Allocated memory is still 94.4MB. Free memory is still 49.6MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:08:37,280 INFO L158 Benchmark]: CACSL2BoogieTranslator took 372.46ms. Allocated memory was 94.4MB in the beginning and 123.7MB in the end (delta: 29.4MB). Free memory was 64.4MB in the beginning and 88.8MB in the end (delta: -24.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-02-20 18:08:37,281 INFO L158 Benchmark]: Boogie Procedure Inliner took 69.08ms. Allocated memory is still 123.7MB. Free memory was 88.8MB in the beginning and 86.3MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:37,282 INFO L158 Benchmark]: Boogie Preprocessor took 16.16ms. Allocated memory is still 123.7MB. Free memory was 86.3MB in the beginning and 84.6MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:37,283 INFO L158 Benchmark]: RCFGBuilder took 461.45ms. Allocated memory is still 123.7MB. Free memory was 84.6MB in the beginning and 98.9MB in the end (delta: -14.3MB). Peak memory consumption was 23.6MB. Max. memory is 16.1GB. [2022-02-20 18:08:37,283 INFO L158 Benchmark]: TraceAbstraction took 2344.26ms. Allocated memory was 123.7MB in the beginning and 169.9MB in the end (delta: 46.1MB). Free memory was 98.3MB in the beginning and 91.2MB in the end (delta: 7.1MB). Peak memory consumption was 54.2MB. Max. memory is 16.1GB. [2022-02-20 18:08:37,285 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.19ms. Allocated memory is still 94.4MB. Free memory is still 49.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 372.46ms. Allocated memory was 94.4MB in the beginning and 123.7MB in the end (delta: 29.4MB). Free memory was 64.4MB in the beginning and 88.8MB in the end (delta: -24.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 69.08ms. Allocated memory is still 123.7MB. Free memory was 88.8MB in the beginning and 86.3MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 16.16ms. Allocated memory is still 123.7MB. Free memory was 86.3MB in the beginning and 84.6MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 461.45ms. Allocated memory is still 123.7MB. Free memory was 84.6MB in the beginning and 98.9MB in the end (delta: -14.3MB). Peak memory consumption was 23.6MB. Max. memory is 16.1GB. * TraceAbstraction took 2344.26ms. Allocated memory was 123.7MB in the beginning and 169.9MB in the end (delta: 46.1MB). Free memory was 98.3MB in the beginning and 91.2MB in the end (delta: 7.1MB). Peak memory consumption was 54.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:08:37,309 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash af4f743cc6be4267a21638b2aaf4488875c5d1d37960e5576634d1fd02e8bed4 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:08:38,961 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:08:38,964 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:08:38,994 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:08:38,994 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:08:38,997 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:08:38,998 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:08:39,003 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:08:39,006 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:08:39,010 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:08:39,015 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:08:39,018 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:08:39,019 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:08:39,019 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:08:39,020 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:08:39,020 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:08:39,021 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:08:39,021 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:08:39,022 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:08:39,023 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:08:39,024 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:08:39,026 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:08:39,029 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:08:39,030 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:08:39,036 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:08:39,036 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:08:39,037 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:08:39,038 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:08:39,038 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:08:39,039 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:08:39,039 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:08:39,040 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:08:39,041 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:08:39,041 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:08:39,042 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:08:39,042 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:08:39,043 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:08:39,043 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:08:39,043 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:08:39,044 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:08:39,044 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:08:39,045 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf [2022-02-20 18:08:39,071 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:08:39,071 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:08:39,072 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:08:39,072 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:08:39,072 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:08:39,073 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:08:39,073 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:08:39,073 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:08:39,074 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:08:39,074 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:08:39,074 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:08:39,075 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:08:39,075 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:08:39,075 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:08:39,075 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:08:39,075 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:08:39,075 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 18:08:39,075 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 18:08:39,075 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 18:08:39,076 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:08:39,076 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:08:39,076 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:08:39,076 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:08:39,076 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:08:39,076 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:08:39,076 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:08:39,077 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:39,077 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:08:39,077 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:08:39,077 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:08:39,077 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 18:08:39,077 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 18:08:39,078 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:08:39,078 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:08:39,078 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:08:39,078 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 18:08:39,078 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> af4f743cc6be4267a21638b2aaf4488875c5d1d37960e5576634d1fd02e8bed4 [2022-02-20 18:08:39,351 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:08:39,371 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:08:39,373 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:08:39,374 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:08:39,374 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:08:39,375 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c [2022-02-20 18:08:39,423 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/9d5c17774/72b76a0da883411e93e5c6d60ebf7dee/FLAGe71954f1a [2022-02-20 18:08:39,847 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:08:39,849 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c [2022-02-20 18:08:39,859 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/9d5c17774/72b76a0da883411e93e5c6d60ebf7dee/FLAGe71954f1a [2022-02-20 18:08:39,874 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/9d5c17774/72b76a0da883411e93e5c6d60ebf7dee [2022-02-20 18:08:39,876 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:08:39,877 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:08:39,878 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:39,879 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:08:39,881 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:08:39,882 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:39" (1/1) ... [2022-02-20 18:08:39,882 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@162961f3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:39, skipping insertion in model container [2022-02-20 18:08:39,883 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:39" (1/1) ... [2022-02-20 18:08:39,887 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:08:39,926 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:40,073 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c[1605,1618] [2022-02-20 18:08:40,228 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:40,242 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 18:08:40,252 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:40,264 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c[1605,1618] [2022-02-20 18:08:40,339 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:40,345 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:08:40,358 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product06.cil.c[1605,1618] [2022-02-20 18:08:40,394 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:40,410 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:08:40,412 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40 WrapperNode [2022-02-20 18:08:40,412 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:40,413 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:40,413 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:08:40,413 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:08:40,418 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40" (1/1) ... [2022-02-20 18:08:40,442 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40" (1/1) ... [2022-02-20 18:08:40,472 INFO L137 Inliner]: procedures = 53, calls = 150, calls flagged for inlining = 20, calls inlined = 17, statements flattened = 206 [2022-02-20 18:08:40,474 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:40,475 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:08:40,476 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:08:40,476 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:08:40,482 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40" (1/1) ... [2022-02-20 18:08:40,482 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40" (1/1) ... [2022-02-20 18:08:40,490 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40" (1/1) ... [2022-02-20 18:08:40,491 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40" (1/1) ... [2022-02-20 18:08:40,501 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40" (1/1) ... [2022-02-20 18:08:40,509 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40" (1/1) ... [2022-02-20 18:08:40,510 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40" (1/1) ... [2022-02-20 18:08:40,513 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:08:40,515 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:08:40,515 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:08:40,515 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:08:40,516 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40" (1/1) ... [2022-02-20 18:08:40,521 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:40,528 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:08:40,541 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:08:40,565 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:08:40,565 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:08:40,565 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:08:40,565 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:08:40,565 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:08:40,565 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:08:40,566 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:08:40,566 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:08:40,566 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:08:40,566 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:08:40,566 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:08:40,566 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-20 18:08:40,566 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:08:40,566 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:08:40,566 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:08:40,567 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:08:40,549 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:08:40,620 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:08:40,621 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:08:40,862 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:08:40,866 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:08:40,867 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:08:40,868 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:40 BoogieIcfgContainer [2022-02-20 18:08:40,868 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:08:40,869 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:08:40,869 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:08:40,871 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:08:40,871 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:08:39" (1/3) ... [2022-02-20 18:08:40,872 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1d542c52 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:40, skipping insertion in model container [2022-02-20 18:08:40,872 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:40" (2/3) ... [2022-02-20 18:08:40,872 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1d542c52 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:40, skipping insertion in model container [2022-02-20 18:08:40,872 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:40" (3/3) ... [2022-02-20 18:08:40,873 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product06.cil.c [2022-02-20 18:08:40,876 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:08:40,877 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:08:40,908 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:08:40,912 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:08:40,913 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:08:40,925 INFO L276 IsEmpty]: Start isEmpty. Operand has 75 states, 57 states have (on average 1.3859649122807018) internal successors, (79), 63 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:40,929 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:08:40,930 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:40,930 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:40,931 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:40,934 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:40,934 INFO L85 PathProgramCache]: Analyzing trace with hash 1884919457, now seen corresponding path program 1 times [2022-02-20 18:08:40,943 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:40,943 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1788489824] [2022-02-20 18:08:40,943 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:40,944 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:40,944 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:40,946 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:40,947 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 18:08:41,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:41,047 INFO L263 TraceCheckSpWp]: Trace formula consists of 154 conjuncts, 1 conjunts are in the unsatisfiable core [2022-02-20 18:08:41,060 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:41,063 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:41,155 INFO L290 TraceCheckUtils]: 0: Hoare triple {78#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(3bv32, 5bv32);call write~init~intINTTYPE1(79bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 6bv32);call write~init~intINTTYPE1(79bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 7bv32);call write~init~intINTTYPE1(44bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 7bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 7bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 7bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 7bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 8bv32);call write~init~intINTTYPE1(79bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 8bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 9bv32);call write~init~intINTTYPE1(79bv8, 9bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 9bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(41bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 11bv32);call write~init~intINTTYPE1(10bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 12bv32);call #Ultimate.allocInit(7bv32, 13bv32);call write~init~intINTTYPE1(44bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 13bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 13bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 13bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 13bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 14bv32);call write~init~intINTTYPE1(67bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 14bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(79bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(41bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {78#true} is VALID [2022-02-20 18:08:41,158 INFO L290 TraceCheckUtils]: 1: Hoare triple {78#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~6#1, main_~tmp~2#1;havoc main_~retValue_acc~6#1;havoc main_~tmp~2#1;assume { :begin_inline_select_helpers } true; {78#true} is VALID [2022-02-20 18:08:41,159 INFO L290 TraceCheckUtils]: 2: Hoare triple {78#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {78#true} is VALID [2022-02-20 18:08:41,159 INFO L290 TraceCheckUtils]: 3: Hoare triple {78#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {78#true} is VALID [2022-02-20 18:08:41,159 INFO L290 TraceCheckUtils]: 4: Hoare triple {78#true} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~2#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {78#true} is VALID [2022-02-20 18:08:41,159 INFO L290 TraceCheckUtils]: 5: Hoare triple {78#true} assume 0bv32 != main_~tmp~2#1;assume { :begin_inline_setup } true; {78#true} is VALID [2022-02-20 18:08:41,159 INFO L290 TraceCheckUtils]: 6: Hoare triple {78#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet15#1, test_#t~nondet16#1, test_#t~nondet17#1, test_#t~nondet18#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {78#true} is VALID [2022-02-20 18:08:41,160 INFO L290 TraceCheckUtils]: 7: Hoare triple {78#true} assume false; {79#false} is VALID [2022-02-20 18:08:41,161 INFO L272 TraceCheckUtils]: 8: Hoare triple {79#false} call cleanup(); {79#false} is VALID [2022-02-20 18:08:41,161 INFO L290 TraceCheckUtils]: 9: Hoare triple {79#false} havoc ~i~0;havoc ~__cil_tmp2~0; {79#false} is VALID [2022-02-20 18:08:41,161 INFO L272 TraceCheckUtils]: 10: Hoare triple {79#false} call timeShift(); {79#false} is VALID [2022-02-20 18:08:41,162 INFO L290 TraceCheckUtils]: 11: Hoare triple {79#false} assume !(0bv32 != ~pumpRunning~0); {79#false} is VALID [2022-02-20 18:08:41,162 INFO L290 TraceCheckUtils]: 12: Hoare triple {79#false} assume !(0bv32 != ~systemActive~0); {79#false} is VALID [2022-02-20 18:08:41,162 INFO L290 TraceCheckUtils]: 13: Hoare triple {79#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~6#1, __utac_acc__Specification3_spec__1_~tmp___0~1#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~6#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {79#false} is VALID [2022-02-20 18:08:41,162 INFO L272 TraceCheckUtils]: 14: Hoare triple {79#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {79#false} is VALID [2022-02-20 18:08:41,162 INFO L290 TraceCheckUtils]: 15: Hoare triple {79#false} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {79#false} is VALID [2022-02-20 18:08:41,163 INFO L290 TraceCheckUtils]: 16: Hoare triple {79#false} assume true; {79#false} is VALID [2022-02-20 18:08:41,163 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {79#false} {79#false} #204#return; {79#false} is VALID [2022-02-20 18:08:41,163 INFO L290 TraceCheckUtils]: 18: Hoare triple {79#false} __utac_acc__Specification3_spec__1_~tmp~6#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {79#false} is VALID [2022-02-20 18:08:41,164 INFO L290 TraceCheckUtils]: 19: Hoare triple {79#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~6#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {79#false} is VALID [2022-02-20 18:08:41,164 INFO L290 TraceCheckUtils]: 20: Hoare triple {79#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~1#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {79#false} is VALID [2022-02-20 18:08:41,164 INFO L290 TraceCheckUtils]: 21: Hoare triple {79#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~1#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {79#false} is VALID [2022-02-20 18:08:41,165 INFO L290 TraceCheckUtils]: 22: Hoare triple {79#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {79#false} is VALID [2022-02-20 18:08:41,165 INFO L290 TraceCheckUtils]: 23: Hoare triple {79#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {79#false} is VALID [2022-02-20 18:08:41,165 INFO L290 TraceCheckUtils]: 24: Hoare triple {79#false} assume !false; {79#false} is VALID [2022-02-20 18:08:41,166 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:41,167 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:41,167 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:41,168 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1788489824] [2022-02-20 18:08:41,168 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1788489824] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:41,168 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:41,169 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:41,170 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1347350398] [2022-02-20 18:08:41,171 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:41,175 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:41,176 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:41,179 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:41,209 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:41,210 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:08:41,210 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:41,236 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:08:41,237 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:41,240 INFO L87 Difference]: Start difference. First operand has 75 states, 57 states have (on average 1.3859649122807018) internal successors, (79), 63 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:41,329 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:41,330 INFO L93 Difference]: Finished difference Result 142 states and 193 transitions. [2022-02-20 18:08:41,330 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:08:41,330 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:41,330 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:41,331 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:41,339 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 193 transitions. [2022-02-20 18:08:41,339 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:41,344 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 193 transitions. [2022-02-20 18:08:41,344 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 193 transitions. [2022-02-20 18:08:41,524 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 193 edges. 193 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:41,534 INFO L225 Difference]: With dead ends: 142 [2022-02-20 18:08:41,536 INFO L226 Difference]: Without dead ends: 66 [2022-02-20 18:08:41,539 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:41,543 INFO L933 BasicCegarLoop]: 93 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 93 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:41,544 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 93 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:41,556 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 66 states. [2022-02-20 18:08:41,573 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 66 to 66. [2022-02-20 18:08:41,573 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:41,574 INFO L82 GeneralOperation]: Start isEquivalent. First operand 66 states. Second operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:41,576 INFO L74 IsIncluded]: Start isIncluded. First operand 66 states. Second operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:41,583 INFO L87 Difference]: Start difference. First operand 66 states. Second operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:41,595 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:41,595 INFO L93 Difference]: Finished difference Result 66 states and 84 transitions. [2022-02-20 18:08:41,595 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 84 transitions. [2022-02-20 18:08:41,600 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:41,600 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:41,600 INFO L74 IsIncluded]: Start isIncluded. First operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand 66 states. [2022-02-20 18:08:41,601 INFO L87 Difference]: Start difference. First operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand 66 states. [2022-02-20 18:08:41,604 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:41,604 INFO L93 Difference]: Finished difference Result 66 states and 84 transitions. [2022-02-20 18:08:41,604 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 84 transitions. [2022-02-20 18:08:41,605 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:41,605 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:41,605 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:41,605 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:41,605 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:41,608 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 84 transitions. [2022-02-20 18:08:41,609 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 84 transitions. Word has length 25 [2022-02-20 18:08:41,609 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:41,609 INFO L470 AbstractCegarLoop]: Abstraction has 66 states and 84 transitions. [2022-02-20 18:08:41,609 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:41,609 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 84 transitions. [2022-02-20 18:08:41,611 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:08:41,611 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:41,611 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:41,621 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:41,817 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:41,818 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:41,818 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:41,819 INFO L85 PathProgramCache]: Analyzing trace with hash 1772124439, now seen corresponding path program 1 times [2022-02-20 18:08:41,819 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:41,819 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [847005929] [2022-02-20 18:08:41,819 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:41,819 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:41,819 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:41,822 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:41,823 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 18:08:41,880 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:41,882 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:08:41,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:41,890 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:41,969 INFO L290 TraceCheckUtils]: 0: Hoare triple {589#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(3bv32, 5bv32);call write~init~intINTTYPE1(79bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 6bv32);call write~init~intINTTYPE1(79bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 7bv32);call write~init~intINTTYPE1(44bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 7bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 7bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 7bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 7bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 8bv32);call write~init~intINTTYPE1(79bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 8bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 9bv32);call write~init~intINTTYPE1(79bv8, 9bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 9bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(41bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 11bv32);call write~init~intINTTYPE1(10bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 12bv32);call #Ultimate.allocInit(7bv32, 13bv32);call write~init~intINTTYPE1(44bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 13bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 13bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 13bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 13bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 14bv32);call write~init~intINTTYPE1(67bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 14bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(79bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(41bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {589#true} is VALID [2022-02-20 18:08:41,969 INFO L290 TraceCheckUtils]: 1: Hoare triple {589#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~6#1, main_~tmp~2#1;havoc main_~retValue_acc~6#1;havoc main_~tmp~2#1;assume { :begin_inline_select_helpers } true; {589#true} is VALID [2022-02-20 18:08:41,969 INFO L290 TraceCheckUtils]: 2: Hoare triple {589#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {589#true} is VALID [2022-02-20 18:08:41,970 INFO L290 TraceCheckUtils]: 3: Hoare triple {589#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {589#true} is VALID [2022-02-20 18:08:41,970 INFO L290 TraceCheckUtils]: 4: Hoare triple {589#true} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~2#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {589#true} is VALID [2022-02-20 18:08:41,970 INFO L290 TraceCheckUtils]: 5: Hoare triple {589#true} assume 0bv32 != main_~tmp~2#1;assume { :begin_inline_setup } true; {589#true} is VALID [2022-02-20 18:08:41,970 INFO L290 TraceCheckUtils]: 6: Hoare triple {589#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet15#1, test_#t~nondet16#1, test_#t~nondet17#1, test_#t~nondet18#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {612#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:08:41,971 INFO L290 TraceCheckUtils]: 7: Hoare triple {612#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !false; {612#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:08:41,971 INFO L290 TraceCheckUtils]: 8: Hoare triple {612#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !~bvslt32(test_~splverifierCounter~0#1, 4bv32); {590#false} is VALID [2022-02-20 18:08:41,971 INFO L272 TraceCheckUtils]: 9: Hoare triple {590#false} call cleanup(); {590#false} is VALID [2022-02-20 18:08:41,972 INFO L290 TraceCheckUtils]: 10: Hoare triple {590#false} havoc ~i~0;havoc ~__cil_tmp2~0; {590#false} is VALID [2022-02-20 18:08:41,972 INFO L272 TraceCheckUtils]: 11: Hoare triple {590#false} call timeShift(); {590#false} is VALID [2022-02-20 18:08:41,972 INFO L290 TraceCheckUtils]: 12: Hoare triple {590#false} assume !(0bv32 != ~pumpRunning~0); {590#false} is VALID [2022-02-20 18:08:41,972 INFO L290 TraceCheckUtils]: 13: Hoare triple {590#false} assume !(0bv32 != ~systemActive~0); {590#false} is VALID [2022-02-20 18:08:41,973 INFO L290 TraceCheckUtils]: 14: Hoare triple {590#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~6#1, __utac_acc__Specification3_spec__1_~tmp___0~1#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~6#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {590#false} is VALID [2022-02-20 18:08:41,973 INFO L272 TraceCheckUtils]: 15: Hoare triple {590#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {590#false} is VALID [2022-02-20 18:08:41,973 INFO L290 TraceCheckUtils]: 16: Hoare triple {590#false} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {590#false} is VALID [2022-02-20 18:08:41,973 INFO L290 TraceCheckUtils]: 17: Hoare triple {590#false} assume true; {590#false} is VALID [2022-02-20 18:08:41,973 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {590#false} {590#false} #204#return; {590#false} is VALID [2022-02-20 18:08:41,973 INFO L290 TraceCheckUtils]: 19: Hoare triple {590#false} __utac_acc__Specification3_spec__1_~tmp~6#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {590#false} is VALID [2022-02-20 18:08:41,974 INFO L290 TraceCheckUtils]: 20: Hoare triple {590#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~6#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {590#false} is VALID [2022-02-20 18:08:41,974 INFO L290 TraceCheckUtils]: 21: Hoare triple {590#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~1#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {590#false} is VALID [2022-02-20 18:08:41,974 INFO L290 TraceCheckUtils]: 22: Hoare triple {590#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~1#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {590#false} is VALID [2022-02-20 18:08:41,974 INFO L290 TraceCheckUtils]: 23: Hoare triple {590#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {590#false} is VALID [2022-02-20 18:08:41,977 INFO L290 TraceCheckUtils]: 24: Hoare triple {590#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {590#false} is VALID [2022-02-20 18:08:41,978 INFO L290 TraceCheckUtils]: 25: Hoare triple {590#false} assume !false; {590#false} is VALID [2022-02-20 18:08:41,978 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:41,978 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:41,978 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:41,978 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [847005929] [2022-02-20 18:08:41,979 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [847005929] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:41,979 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:41,979 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:08:41,982 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1093152429] [2022-02-20 18:08:41,983 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:41,984 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:41,986 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:41,986 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:42,009 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:42,009 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:42,009 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:42,010 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:42,010 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:42,011 INFO L87 Difference]: Start difference. First operand 66 states and 84 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:42,123 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:42,123 INFO L93 Difference]: Finished difference Result 97 states and 123 transitions. [2022-02-20 18:08:42,124 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:42,124 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:42,124 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:42,125 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:42,130 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 123 transitions. [2022-02-20 18:08:42,130 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:42,148 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 123 transitions. [2022-02-20 18:08:42,148 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 123 transitions. [2022-02-20 18:08:42,256 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 123 edges. 123 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:42,258 INFO L225 Difference]: With dead ends: 97 [2022-02-20 18:08:42,258 INFO L226 Difference]: Without dead ends: 57 [2022-02-20 18:08:42,259 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:42,259 INFO L933 BasicCegarLoop]: 71 mSDtfsCounter, 13 mSDsluCounter, 54 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 125 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:42,260 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [16 Valid, 125 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:42,260 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 57 states. [2022-02-20 18:08:42,263 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 57 to 57. [2022-02-20 18:08:42,263 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:42,264 INFO L82 GeneralOperation]: Start isEquivalent. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:42,264 INFO L74 IsIncluded]: Start isIncluded. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:42,264 INFO L87 Difference]: Start difference. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:42,266 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:42,266 INFO L93 Difference]: Finished difference Result 57 states and 72 transitions. [2022-02-20 18:08:42,266 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 72 transitions. [2022-02-20 18:08:42,267 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:42,267 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:42,267 INFO L74 IsIncluded]: Start isIncluded. First operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 57 states. [2022-02-20 18:08:42,268 INFO L87 Difference]: Start difference. First operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 57 states. [2022-02-20 18:08:42,269 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:42,269 INFO L93 Difference]: Finished difference Result 57 states and 72 transitions. [2022-02-20 18:08:42,269 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 72 transitions. [2022-02-20 18:08:42,270 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:42,270 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:42,270 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:42,270 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:42,271 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 57 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:42,272 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 57 states to 57 states and 72 transitions. [2022-02-20 18:08:42,272 INFO L78 Accepts]: Start accepts. Automaton has 57 states and 72 transitions. Word has length 26 [2022-02-20 18:08:42,272 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:42,272 INFO L470 AbstractCegarLoop]: Abstraction has 57 states and 72 transitions. [2022-02-20 18:08:42,273 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:42,273 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 72 transitions. [2022-02-20 18:08:42,273 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-02-20 18:08:42,273 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:42,274 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:42,283 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Ended with exit code 0 [2022-02-20 18:08:42,482 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:42,483 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:42,483 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:42,483 INFO L85 PathProgramCache]: Analyzing trace with hash -735726567, now seen corresponding path program 1 times [2022-02-20 18:08:42,483 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:42,483 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [611384046] [2022-02-20 18:08:42,484 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:42,484 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:42,484 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:42,485 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:42,486 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 18:08:42,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:42,533 INFO L263 TraceCheckSpWp]: Trace formula consists of 157 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:08:42,541 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:42,542 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:42,616 INFO L290 TraceCheckUtils]: 0: Hoare triple {1006#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(3bv32, 5bv32);call write~init~intINTTYPE1(79bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 6bv32);call write~init~intINTTYPE1(79bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 7bv32);call write~init~intINTTYPE1(44bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 7bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 7bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 7bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 7bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 8bv32);call write~init~intINTTYPE1(79bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 8bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 9bv32);call write~init~intINTTYPE1(79bv8, 9bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 9bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(41bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 11bv32);call write~init~intINTTYPE1(10bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 12bv32);call #Ultimate.allocInit(7bv32, 13bv32);call write~init~intINTTYPE1(44bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 13bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 13bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 13bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 13bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 14bv32);call write~init~intINTTYPE1(67bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 14bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(79bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(41bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,617 INFO L290 TraceCheckUtils]: 1: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~6#1, main_~tmp~2#1;havoc main_~retValue_acc~6#1;havoc main_~tmp~2#1;assume { :begin_inline_select_helpers } true; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,617 INFO L290 TraceCheckUtils]: 2: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,618 INFO L290 TraceCheckUtils]: 3: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,618 INFO L290 TraceCheckUtils]: 4: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~2#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,618 INFO L290 TraceCheckUtils]: 5: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != main_~tmp~2#1;assume { :begin_inline_setup } true; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,619 INFO L290 TraceCheckUtils]: 6: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet15#1, test_#t~nondet16#1, test_#t~nondet17#1, test_#t~nondet18#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,619 INFO L290 TraceCheckUtils]: 7: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume !false; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,619 INFO L290 TraceCheckUtils]: 8: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,620 INFO L290 TraceCheckUtils]: 9: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} test_~tmp~1#1 := test_#t~nondet15#1;havoc test_#t~nondet15#1; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,620 INFO L290 TraceCheckUtils]: 10: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~1#1); {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,620 INFO L290 TraceCheckUtils]: 11: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} test_~tmp___0~0#1 := test_#t~nondet16#1;havoc test_#t~nondet16#1; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,621 INFO L290 TraceCheckUtils]: 12: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~0#1); {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,621 INFO L290 TraceCheckUtils]: 13: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet17#1;havoc test_#t~nondet17#1; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,621 INFO L290 TraceCheckUtils]: 14: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___2~0#1);test_~tmp___1~0#1 := test_#t~nondet18#1;havoc test_#t~nondet18#1; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,622 INFO L290 TraceCheckUtils]: 15: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != test_~tmp___1~0#1; {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,622 INFO L272 TraceCheckUtils]: 16: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} call timeShift(); {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,623 INFO L290 TraceCheckUtils]: 17: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1011#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:42,623 INFO L290 TraceCheckUtils]: 18: Hoare triple {1011#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {1007#false} is VALID [2022-02-20 18:08:42,623 INFO L290 TraceCheckUtils]: 19: Hoare triple {1007#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~6#1, __utac_acc__Specification3_spec__1_~tmp___0~1#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~6#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1007#false} is VALID [2022-02-20 18:08:42,623 INFO L272 TraceCheckUtils]: 20: Hoare triple {1007#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {1007#false} is VALID [2022-02-20 18:08:42,623 INFO L290 TraceCheckUtils]: 21: Hoare triple {1007#false} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {1007#false} is VALID [2022-02-20 18:08:42,624 INFO L290 TraceCheckUtils]: 22: Hoare triple {1007#false} assume true; {1007#false} is VALID [2022-02-20 18:08:42,624 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {1007#false} {1007#false} #204#return; {1007#false} is VALID [2022-02-20 18:08:42,624 INFO L290 TraceCheckUtils]: 24: Hoare triple {1007#false} __utac_acc__Specification3_spec__1_~tmp~6#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {1007#false} is VALID [2022-02-20 18:08:42,624 INFO L290 TraceCheckUtils]: 25: Hoare triple {1007#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~6#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {1007#false} is VALID [2022-02-20 18:08:42,624 INFO L290 TraceCheckUtils]: 26: Hoare triple {1007#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~1#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1007#false} is VALID [2022-02-20 18:08:42,631 INFO L290 TraceCheckUtils]: 27: Hoare triple {1007#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~1#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {1007#false} is VALID [2022-02-20 18:08:42,631 INFO L290 TraceCheckUtils]: 28: Hoare triple {1007#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1007#false} is VALID [2022-02-20 18:08:42,631 INFO L290 TraceCheckUtils]: 29: Hoare triple {1007#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1007#false} is VALID [2022-02-20 18:08:42,632 INFO L290 TraceCheckUtils]: 30: Hoare triple {1007#false} assume !false; {1007#false} is VALID [2022-02-20 18:08:42,632 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:42,632 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:42,632 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:42,632 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [611384046] [2022-02-20 18:08:42,632 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [611384046] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:42,633 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:42,633 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:42,633 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [786058080] [2022-02-20 18:08:42,633 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:42,633 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 2 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2022-02-20 18:08:42,634 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:42,634 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 2 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:42,664 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:42,665 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:42,665 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:42,665 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:42,665 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:42,666 INFO L87 Difference]: Start difference. First operand 57 states and 72 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 2 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:42,731 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:42,731 INFO L93 Difference]: Finished difference Result 107 states and 138 transitions. [2022-02-20 18:08:42,731 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:42,732 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 2 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2022-02-20 18:08:42,732 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:42,732 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 2 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:42,733 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 138 transitions. [2022-02-20 18:08:42,734 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 2 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:42,736 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 138 transitions. [2022-02-20 18:08:42,736 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 138 transitions. [2022-02-20 18:08:42,835 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 138 edges. 138 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:42,836 INFO L225 Difference]: With dead ends: 107 [2022-02-20 18:08:42,836 INFO L226 Difference]: Without dead ends: 57 [2022-02-20 18:08:42,836 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:42,837 INFO L933 BasicCegarLoop]: 70 mSDtfsCounter, 52 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 70 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:42,837 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [52 Valid, 70 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:42,838 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 57 states. [2022-02-20 18:08:42,850 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 57 to 57. [2022-02-20 18:08:42,850 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:42,851 INFO L82 GeneralOperation]: Start isEquivalent. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:42,851 INFO L74 IsIncluded]: Start isIncluded. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:42,851 INFO L87 Difference]: Start difference. First operand 57 states. Second operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:42,854 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:42,854 INFO L93 Difference]: Finished difference Result 57 states and 71 transitions. [2022-02-20 18:08:42,854 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 71 transitions. [2022-02-20 18:08:42,856 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:42,856 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:42,857 INFO L74 IsIncluded]: Start isIncluded. First operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 57 states. [2022-02-20 18:08:42,857 INFO L87 Difference]: Start difference. First operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 57 states. [2022-02-20 18:08:42,859 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:42,859 INFO L93 Difference]: Finished difference Result 57 states and 71 transitions. [2022-02-20 18:08:42,859 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 71 transitions. [2022-02-20 18:08:42,860 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:42,860 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:42,860 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:42,860 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:42,861 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 57 states, 44 states have (on average 1.2954545454545454) internal successors, (57), 49 states have internal predecessors, (57), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:08:42,862 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 57 states to 57 states and 71 transitions. [2022-02-20 18:08:42,863 INFO L78 Accepts]: Start accepts. Automaton has 57 states and 71 transitions. Word has length 31 [2022-02-20 18:08:42,863 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:42,863 INFO L470 AbstractCegarLoop]: Abstraction has 57 states and 71 transitions. [2022-02-20 18:08:42,863 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 2 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:42,863 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 71 transitions. [2022-02-20 18:08:42,864 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2022-02-20 18:08:42,864 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:42,864 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:42,884 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:43,073 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:43,073 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:43,073 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:43,074 INFO L85 PathProgramCache]: Analyzing trace with hash -499241908, now seen corresponding path program 1 times [2022-02-20 18:08:43,074 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:43,074 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2041663996] [2022-02-20 18:08:43,074 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:43,074 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:43,074 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:43,075 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:43,077 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 18:08:43,116 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:43,118 INFO L263 TraceCheckSpWp]: Trace formula consists of 164 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 18:08:43,133 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:43,135 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:43,252 INFO L290 TraceCheckUtils]: 0: Hoare triple {1450#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(3bv32, 5bv32);call write~init~intINTTYPE1(79bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 6bv32);call write~init~intINTTYPE1(79bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 7bv32);call write~init~intINTTYPE1(44bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 7bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 7bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 7bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 7bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 8bv32);call write~init~intINTTYPE1(79bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 8bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 9bv32);call write~init~intINTTYPE1(79bv8, 9bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 9bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(41bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 11bv32);call write~init~intINTTYPE1(10bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 12bv32);call #Ultimate.allocInit(7bv32, 13bv32);call write~init~intINTTYPE1(44bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 13bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 13bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 13bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 13bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 14bv32);call write~init~intINTTYPE1(67bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 14bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(79bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(41bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,252 INFO L290 TraceCheckUtils]: 1: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~6#1, main_~tmp~2#1;havoc main_~retValue_acc~6#1;havoc main_~tmp~2#1;assume { :begin_inline_select_helpers } true; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,253 INFO L290 TraceCheckUtils]: 2: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,253 INFO L290 TraceCheckUtils]: 3: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,253 INFO L290 TraceCheckUtils]: 4: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~2#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,254 INFO L290 TraceCheckUtils]: 5: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != main_~tmp~2#1;assume { :begin_inline_setup } true; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,254 INFO L290 TraceCheckUtils]: 6: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet15#1, test_#t~nondet16#1, test_#t~nondet17#1, test_#t~nondet18#1, test_~splverifierCounter~0#1, test_~tmp~1#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~1#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,254 INFO L290 TraceCheckUtils]: 7: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume !false; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,255 INFO L290 TraceCheckUtils]: 8: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,255 INFO L290 TraceCheckUtils]: 9: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} test_~tmp~1#1 := test_#t~nondet15#1;havoc test_#t~nondet15#1; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,255 INFO L290 TraceCheckUtils]: 10: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~1#1); {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,255 INFO L290 TraceCheckUtils]: 11: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___0~0#1 := test_#t~nondet16#1;havoc test_#t~nondet16#1; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,256 INFO L290 TraceCheckUtils]: 12: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~0#1); {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,256 INFO L290 TraceCheckUtils]: 13: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet17#1;havoc test_#t~nondet17#1; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,256 INFO L290 TraceCheckUtils]: 14: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___2~0#1);test_~tmp___1~0#1 := test_#t~nondet18#1;havoc test_#t~nondet18#1; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,257 INFO L290 TraceCheckUtils]: 15: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != test_~tmp___1~0#1; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,257 INFO L272 TraceCheckUtils]: 16: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} call timeShift(); {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,258 INFO L290 TraceCheckUtils]: 17: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,258 INFO L290 TraceCheckUtils]: 18: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret5#1, processEnvironment_~tmp~0#1;havoc processEnvironment_~tmp~0#1; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,258 INFO L290 TraceCheckUtils]: 19: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,259 INFO L272 TraceCheckUtils]: 20: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} call processEnvironment__wrappee__base(); {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,259 INFO L290 TraceCheckUtils]: 21: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume true; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,261 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1455#(= ~waterLevel~0 (_ bv1 32))} {1455#(= ~waterLevel~0 (_ bv1 32))} #202#return; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,261 INFO L290 TraceCheckUtils]: 23: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_processEnvironment } true; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,262 INFO L290 TraceCheckUtils]: 24: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~6#1, __utac_acc__Specification3_spec__1_~tmp___0~1#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~6#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,262 INFO L272 TraceCheckUtils]: 25: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,262 INFO L290 TraceCheckUtils]: 26: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,263 INFO L290 TraceCheckUtils]: 27: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume true; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,264 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {1455#(= ~waterLevel~0 (_ bv1 32))} {1455#(= ~waterLevel~0 (_ bv1 32))} #204#return; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,264 INFO L290 TraceCheckUtils]: 29: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} __utac_acc__Specification3_spec__1_~tmp~6#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {1455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:43,265 INFO L290 TraceCheckUtils]: 30: Hoare triple {1455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~6#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {1546#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} is VALID [2022-02-20 18:08:43,266 INFO L290 TraceCheckUtils]: 31: Hoare triple {1546#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~1#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1550#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~1#1| (_ bv1 32))} is VALID [2022-02-20 18:08:43,266 INFO L290 TraceCheckUtils]: 32: Hoare triple {1550#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~1#1| (_ bv1 32))} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~1#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~3#1;havoc isPumpRunning_~retValue_acc~3#1;isPumpRunning_~retValue_acc~3#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; {1451#false} is VALID [2022-02-20 18:08:43,274 INFO L290 TraceCheckUtils]: 33: Hoare triple {1451#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1451#false} is VALID [2022-02-20 18:08:43,274 INFO L290 TraceCheckUtils]: 34: Hoare triple {1451#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1451#false} is VALID [2022-02-20 18:08:43,276 INFO L290 TraceCheckUtils]: 35: Hoare triple {1451#false} assume !false; {1451#false} is VALID [2022-02-20 18:08:43,276 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:43,276 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:43,276 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:43,276 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2041663996] [2022-02-20 18:08:43,276 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2041663996] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:43,276 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:43,276 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:08:43,277 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1605602698] [2022-02-20 18:08:43,277 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:43,277 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 36 [2022-02-20 18:08:43,277 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:43,278 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:43,303 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 36 edges. 36 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:43,304 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:08:43,305 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:43,306 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:08:43,306 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:08:43,306 INFO L87 Difference]: Start difference. First operand 57 states and 71 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:43,534 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:43,534 INFO L93 Difference]: Finished difference Result 153 states and 199 transitions. [2022-02-20 18:08:43,535 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:08:43,535 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 36 [2022-02-20 18:08:43,535 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:43,535 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:43,542 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 199 transitions. [2022-02-20 18:08:43,542 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:43,545 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 199 transitions. [2022-02-20 18:08:43,545 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 199 transitions. [2022-02-20 18:08:43,706 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 199 edges. 199 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:43,710 INFO L225 Difference]: With dead ends: 153 [2022-02-20 18:08:43,710 INFO L226 Difference]: Without dead ends: 103 [2022-02-20 18:08:43,710 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 37 GetRequests, 32 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:08:43,711 INFO L933 BasicCegarLoop]: 76 mSDtfsCounter, 36 mSDsluCounter, 208 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 284 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:43,712 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [36 Valid, 284 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:43,712 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2022-02-20 18:08:43,720 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 100. [2022-02-20 18:08:43,720 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:43,720 INFO L82 GeneralOperation]: Start isEquivalent. First operand 103 states. Second operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:08:43,721 INFO L74 IsIncluded]: Start isIncluded. First operand 103 states. Second operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:08:43,721 INFO L87 Difference]: Start difference. First operand 103 states. Second operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:08:43,725 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:43,725 INFO L93 Difference]: Finished difference Result 103 states and 130 transitions. [2022-02-20 18:08:43,725 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 130 transitions. [2022-02-20 18:08:43,725 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:43,726 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:43,726 INFO L74 IsIncluded]: Start isIncluded. First operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) Second operand 103 states. [2022-02-20 18:08:43,727 INFO L87 Difference]: Start difference. First operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) Second operand 103 states. [2022-02-20 18:08:43,731 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:43,731 INFO L93 Difference]: Finished difference Result 103 states and 130 transitions. [2022-02-20 18:08:43,731 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 130 transitions. [2022-02-20 18:08:43,731 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:43,731 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:43,731 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:43,732 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:43,732 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 100 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 84 states have internal predecessors, (98), 14 states have call successors, (14), 10 states have call predecessors, (14), 9 states have return successors, (15), 11 states have call predecessors, (15), 14 states have call successors, (15) [2022-02-20 18:08:43,736 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 100 states to 100 states and 127 transitions. [2022-02-20 18:08:43,736 INFO L78 Accepts]: Start accepts. Automaton has 100 states and 127 transitions. Word has length 36 [2022-02-20 18:08:43,736 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:43,736 INFO L470 AbstractCegarLoop]: Abstraction has 100 states and 127 transitions. [2022-02-20 18:08:43,736 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:43,736 INFO L276 IsEmpty]: Start isEmpty. Operand 100 states and 127 transitions. [2022-02-20 18:08:43,737 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-02-20 18:08:43,737 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:43,737 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:43,746 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:43,943 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:43,944 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:43,944 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:43,944 INFO L85 PathProgramCache]: Analyzing trace with hash 810891442, now seen corresponding path program 1 times [2022-02-20 18:08:43,944 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:43,944 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [868525489] [2022-02-20 18:08:43,944 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:43,944 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:43,945 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:43,945 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:43,947 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 18:08:43,987 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:43,987 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:08:44,008 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:44,036 INFO L138 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2022-02-20 18:08:44,037 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:08:44,037 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:08:44,071 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:44,245 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:44,248 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1] [2022-02-20 18:08:44,249 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:08:44,266 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:08:44,267 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:08:44,269 INFO L158 Benchmark]: Toolchain (without parser) took 4391.76ms. Allocated memory was 50.3MB in the beginning and 92.3MB in the end (delta: 41.9MB). Free memory was 25.8MB in the beginning and 38.3MB in the end (delta: -12.6MB). Peak memory consumption was 29.9MB. Max. memory is 16.1GB. [2022-02-20 18:08:44,269 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 50.3MB. Free memory was 31.5MB in the beginning and 31.4MB in the end (delta: 43.4kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:08:44,269 INFO L158 Benchmark]: CACSL2BoogieTranslator took 533.95ms. Allocated memory was 50.3MB in the beginning and 62.9MB in the end (delta: 12.6MB). Free memory was 25.6MB in the beginning and 39.9MB in the end (delta: -14.3MB). Peak memory consumption was 10.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:44,270 INFO L158 Benchmark]: Boogie Procedure Inliner took 61.64ms. Allocated memory is still 62.9MB. Free memory was 39.9MB in the beginning and 37.5MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:44,270 INFO L158 Benchmark]: Boogie Preprocessor took 39.19ms. Allocated memory is still 62.9MB. Free memory was 37.5MB in the beginning and 35.8MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:44,270 INFO L158 Benchmark]: RCFGBuilder took 353.00ms. Allocated memory is still 62.9MB. Free memory was 35.6MB in the beginning and 34.8MB in the end (delta: 767.0kB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-02-20 18:08:44,270 INFO L158 Benchmark]: TraceAbstraction took 3399.07ms. Allocated memory was 62.9MB in the beginning and 92.3MB in the end (delta: 29.4MB). Free memory was 34.3MB in the beginning and 38.3MB in the end (delta: -4.0MB). Peak memory consumption was 24.8MB. Max. memory is 16.1GB. [2022-02-20 18:08:44,271 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 50.3MB. Free memory was 31.5MB in the beginning and 31.4MB in the end (delta: 43.4kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 533.95ms. Allocated memory was 50.3MB in the beginning and 62.9MB in the end (delta: 12.6MB). Free memory was 25.6MB in the beginning and 39.9MB in the end (delta: -14.3MB). Peak memory consumption was 10.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 61.64ms. Allocated memory is still 62.9MB. Free memory was 39.9MB in the beginning and 37.5MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 39.19ms. Allocated memory is still 62.9MB. Free memory was 37.5MB in the beginning and 35.8MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 353.00ms. Allocated memory is still 62.9MB. Free memory was 35.6MB in the beginning and 34.8MB in the end (delta: 767.0kB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * TraceAbstraction took 3399.07ms. Allocated memory was 62.9MB in the beginning and 92.3MB in the end (delta: 29.4MB). Free memory was 34.3MB in the beginning and 38.3MB in the end (delta: -4.0MB). Peak memory consumption was 24.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:08:44,300 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: ERROR: ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator