./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash a64b003b731919e31189fa64bb054d2c00bb1b0f73ef780cb3fb445d82092416 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:08:33,710 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:08:33,711 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:08:33,729 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:08:33,730 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:08:33,730 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:08:33,731 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:08:33,733 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:08:33,734 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:08:33,735 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:08:33,735 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:08:33,736 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:08:33,736 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:08:33,737 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:08:33,738 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:08:33,739 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:08:33,739 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:08:33,740 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:08:33,741 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:08:33,742 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:08:33,743 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:08:33,744 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:08:33,745 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:08:33,745 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:08:33,747 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:08:33,747 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:08:33,747 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:08:33,748 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:08:33,748 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:08:33,749 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:08:33,749 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:08:33,750 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:08:33,750 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:08:33,751 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:08:33,752 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:08:33,752 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:08:33,752 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:08:33,753 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:08:33,753 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:08:33,754 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:08:33,754 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:08:33,755 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:08:33,768 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:08:33,768 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:08:33,769 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:08:33,769 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:08:33,769 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:08:33,770 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:08:33,770 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:08:33,770 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:08:33,770 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:08:33,771 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:08:33,771 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:08:33,771 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:08:33,771 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:08:33,771 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:08:33,771 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:08:33,772 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:08:33,772 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:08:33,772 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:08:33,772 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:08:33,772 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:08:33,772 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:08:33,773 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:08:33,773 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:08:33,773 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:08:33,773 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:33,773 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:08:33,773 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:08:33,773 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:08:33,774 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:08:33,774 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:08:33,774 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:08:33,774 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:08:33,774 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:08:33,774 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> a64b003b731919e31189fa64bb054d2c00bb1b0f73ef780cb3fb445d82092416 [2022-02-20 18:08:33,961 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:08:33,980 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:08:33,982 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:08:33,983 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:08:33,989 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:08:33,990 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c [2022-02-20 18:08:34,060 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/60bfd4393/b801ce5dbb1c455aa9d26bb0486a6b15/FLAG109e92065 [2022-02-20 18:08:34,407 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:08:34,407 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c [2022-02-20 18:08:34,419 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/60bfd4393/b801ce5dbb1c455aa9d26bb0486a6b15/FLAG109e92065 [2022-02-20 18:08:34,797 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/60bfd4393/b801ce5dbb1c455aa9d26bb0486a6b15 [2022-02-20 18:08:34,799 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:08:34,800 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:08:34,803 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:34,804 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:08:34,806 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:08:34,807 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,808 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4acb9728 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:34, skipping insertion in model container [2022-02-20 18:08:34,809 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:34" (1/1) ... [2022-02-20 18:08:34,814 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:08:34,845 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:34,975 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c[1605,1618] [2022-02-20 18:08:35,109 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:35,121 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:08:35,134 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c[1605,1618] [2022-02-20 18:08:35,211 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:35,225 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:08:35,227 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35 WrapperNode [2022-02-20 18:08:35,227 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:35,229 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:35,229 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:08:35,229 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:08:35,234 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35" (1/1) ... [2022-02-20 18:08:35,263 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35" (1/1) ... [2022-02-20 18:08:35,294 INFO L137 Inliner]: procedures = 51, calls = 151, calls flagged for inlining = 19, calls inlined = 16, statements flattened = 216 [2022-02-20 18:08:35,298 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:35,299 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:08:35,299 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:08:35,299 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:08:35,305 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35" (1/1) ... [2022-02-20 18:08:35,305 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35" (1/1) ... [2022-02-20 18:08:35,309 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35" (1/1) ... [2022-02-20 18:08:35,310 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35" (1/1) ... [2022-02-20 18:08:35,317 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35" (1/1) ... [2022-02-20 18:08:35,331 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35" (1/1) ... [2022-02-20 18:08:35,332 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35" (1/1) ... [2022-02-20 18:08:35,336 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:08:35,337 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:08:35,337 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:08:35,337 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:08:35,339 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35" (1/1) ... [2022-02-20 18:08:35,344 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:35,351 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:08:35,361 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:08:35,366 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:08:35,388 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:08:35,388 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:08:35,388 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:08:35,388 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:08:35,389 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:08:35,389 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:08:35,389 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:08:35,389 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:08:35,389 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:08:35,389 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:08:35,389 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:08:35,390 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:08:35,390 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:08:35,390 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:08:35,390 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:08:35,390 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:08:35,390 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:08:35,390 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:08:35,444 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:08:35,446 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:08:35,733 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:08:35,738 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:08:35,739 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:08:35,741 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:35 BoogieIcfgContainer [2022-02-20 18:08:35,754 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:08:35,756 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:08:35,756 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:08:35,758 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:08:35,758 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:08:34" (1/3) ... [2022-02-20 18:08:35,759 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@559d79f5 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:35, skipping insertion in model container [2022-02-20 18:08:35,759 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:35" (2/3) ... [2022-02-20 18:08:35,759 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@559d79f5 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:35, skipping insertion in model container [2022-02-20 18:08:35,759 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:35" (3/3) ... [2022-02-20 18:08:35,760 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product07.cil.c [2022-02-20 18:08:35,764 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:08:35,774 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:08:35,810 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:08:35,814 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:08:35,814 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:08:35,845 INFO L276 IsEmpty]: Start isEmpty. Operand has 81 states, 60 states have (on average 1.3833333333333333) internal successors, (83), 67 states have internal predecessors, (83), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:08:35,849 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:08:35,851 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:35,851 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:35,851 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:35,855 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:35,855 INFO L85 PathProgramCache]: Analyzing trace with hash 1914579699, now seen corresponding path program 1 times [2022-02-20 18:08:35,861 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:35,862 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [76868908] [2022-02-20 18:08:35,862 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:35,863 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:35,951 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,026 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:08:36,035 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,046 INFO L290 TraceCheckUtils]: 0: Hoare triple {84#true} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {84#true} is VALID [2022-02-20 18:08:36,047 INFO L290 TraceCheckUtils]: 1: Hoare triple {84#true} assume true; {84#true} is VALID [2022-02-20 18:08:36,048 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {84#true} {85#false} #211#return; {85#false} is VALID [2022-02-20 18:08:36,056 INFO L290 TraceCheckUtils]: 0: Hoare triple {84#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {84#true} is VALID [2022-02-20 18:08:36,057 INFO L290 TraceCheckUtils]: 1: Hoare triple {84#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret5#1, main_~retValue_acc~2#1, main_~tmp~0#1;havoc main_~retValue_acc~2#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {84#true} is VALID [2022-02-20 18:08:36,057 INFO L290 TraceCheckUtils]: 2: Hoare triple {84#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {84#true} is VALID [2022-02-20 18:08:36,058 INFO L290 TraceCheckUtils]: 3: Hoare triple {84#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {84#true} is VALID [2022-02-20 18:08:36,058 INFO L290 TraceCheckUtils]: 4: Hoare triple {84#true} main_#t~ret5#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret5#1 && main_#t~ret5#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret5#1;havoc main_#t~ret5#1; {84#true} is VALID [2022-02-20 18:08:36,059 INFO L290 TraceCheckUtils]: 5: Hoare triple {84#true} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {84#true} is VALID [2022-02-20 18:08:36,059 INFO L290 TraceCheckUtils]: 6: Hoare triple {84#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet42#1, test_#t~nondet43#1, test_#t~nondet44#1, test_#t~nondet45#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {84#true} is VALID [2022-02-20 18:08:36,060 INFO L290 TraceCheckUtils]: 7: Hoare triple {84#true} assume false; {85#false} is VALID [2022-02-20 18:08:36,061 INFO L272 TraceCheckUtils]: 8: Hoare triple {85#false} call cleanup(); {85#false} is VALID [2022-02-20 18:08:36,063 INFO L290 TraceCheckUtils]: 9: Hoare triple {85#false} havoc ~i~0;havoc ~__cil_tmp2~0; {85#false} is VALID [2022-02-20 18:08:36,064 INFO L272 TraceCheckUtils]: 10: Hoare triple {85#false} call timeShift(); {85#false} is VALID [2022-02-20 18:08:36,064 INFO L290 TraceCheckUtils]: 11: Hoare triple {85#false} assume !(0 != ~pumpRunning~0); {85#false} is VALID [2022-02-20 18:08:36,065 INFO L290 TraceCheckUtils]: 12: Hoare triple {85#false} assume !(0 != ~systemActive~0); {85#false} is VALID [2022-02-20 18:08:36,065 INFO L290 TraceCheckUtils]: 13: Hoare triple {85#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret29#1, __utac_acc__Specification3_spec__1_#t~ret30#1, __utac_acc__Specification3_spec__1_#t~ret31#1, __utac_acc__Specification3_spec__1_~tmp~4#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~4#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {85#false} is VALID [2022-02-20 18:08:36,065 INFO L272 TraceCheckUtils]: 14: Hoare triple {85#false} call __utac_acc__Specification3_spec__1_#t~ret29#1 := isMethaneLevelCritical(); {84#true} is VALID [2022-02-20 18:08:36,065 INFO L290 TraceCheckUtils]: 15: Hoare triple {84#true} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {84#true} is VALID [2022-02-20 18:08:36,065 INFO L290 TraceCheckUtils]: 16: Hoare triple {84#true} assume true; {84#true} is VALID [2022-02-20 18:08:36,066 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {84#true} {85#false} #211#return; {85#false} is VALID [2022-02-20 18:08:36,066 INFO L290 TraceCheckUtils]: 18: Hoare triple {85#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret29#1 && __utac_acc__Specification3_spec__1_#t~ret29#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~4#1 := __utac_acc__Specification3_spec__1_#t~ret29#1;havoc __utac_acc__Specification3_spec__1_#t~ret29#1; {85#false} is VALID [2022-02-20 18:08:36,066 INFO L290 TraceCheckUtils]: 19: Hoare triple {85#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~4#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~9#1;havoc getWaterLevel_~retValue_acc~9#1;getWaterLevel_~retValue_acc~9#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; {85#false} is VALID [2022-02-20 18:08:36,067 INFO L290 TraceCheckUtils]: 20: Hoare triple {85#false} __utac_acc__Specification3_spec__1_#t~ret30#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret30#1 && __utac_acc__Specification3_spec__1_#t~ret30#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret30#1;havoc __utac_acc__Specification3_spec__1_#t~ret30#1; {85#false} is VALID [2022-02-20 18:08:36,067 INFO L290 TraceCheckUtils]: 21: Hoare triple {85#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {85#false} is VALID [2022-02-20 18:08:36,067 INFO L290 TraceCheckUtils]: 22: Hoare triple {85#false} __utac_acc__Specification3_spec__1_#t~ret31#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret31#1 && __utac_acc__Specification3_spec__1_#t~ret31#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret31#1;havoc __utac_acc__Specification3_spec__1_#t~ret31#1; {85#false} is VALID [2022-02-20 18:08:36,068 INFO L290 TraceCheckUtils]: 23: Hoare triple {85#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {85#false} is VALID [2022-02-20 18:08:36,068 INFO L290 TraceCheckUtils]: 24: Hoare triple {85#false} assume !false; {85#false} is VALID [2022-02-20 18:08:36,068 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:36,070 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:36,070 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [76868908] [2022-02-20 18:08:36,071 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [76868908] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:36,071 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:36,071 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:36,072 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [790462553] [2022-02-20 18:08:36,074 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:36,078 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:36,080 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:36,083 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,123 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:36,123 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:08:36,123 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:36,145 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:08:36,146 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:36,148 INFO L87 Difference]: Start difference. First operand has 81 states, 60 states have (on average 1.3833333333333333) internal successors, (83), 67 states have internal predecessors, (83), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,250 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,251 INFO L93 Difference]: Finished difference Result 154 states and 209 transitions. [2022-02-20 18:08:36,251 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:08:36,251 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:36,251 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:36,252 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,278 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 209 transitions. [2022-02-20 18:08:36,279 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,286 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 209 transitions. [2022-02-20 18:08:36,286 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 209 transitions. [2022-02-20 18:08:36,444 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 209 edges. 209 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:36,455 INFO L225 Difference]: With dead ends: 154 [2022-02-20 18:08:36,455 INFO L226 Difference]: Without dead ends: 72 [2022-02-20 18:08:36,458 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:36,460 INFO L933 BasicCegarLoop]: 101 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 101 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:36,462 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 101 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:36,476 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2022-02-20 18:08:36,494 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2022-02-20 18:08:36,495 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:36,498 INFO L82 GeneralOperation]: Start isEquivalent. First operand 72 states. Second operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:36,500 INFO L74 IsIncluded]: Start isIncluded. First operand 72 states. Second operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:36,500 INFO L87 Difference]: Start difference. First operand 72 states. Second operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:36,506 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,506 INFO L93 Difference]: Finished difference Result 72 states and 92 transitions. [2022-02-20 18:08:36,506 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 92 transitions. [2022-02-20 18:08:36,507 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:36,507 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:36,507 INFO L74 IsIncluded]: Start isIncluded. First operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) Second operand 72 states. [2022-02-20 18:08:36,508 INFO L87 Difference]: Start difference. First operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) Second operand 72 states. [2022-02-20 18:08:36,512 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,513 INFO L93 Difference]: Finished difference Result 72 states and 92 transitions. [2022-02-20 18:08:36,513 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 92 transitions. [2022-02-20 18:08:36,514 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:36,514 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:36,514 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:36,514 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:36,514 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:36,517 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 92 transitions. [2022-02-20 18:08:36,518 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 92 transitions. Word has length 25 [2022-02-20 18:08:36,519 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:36,519 INFO L470 AbstractCegarLoop]: Abstraction has 72 states and 92 transitions. [2022-02-20 18:08:36,519 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,519 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 92 transitions. [2022-02-20 18:08:36,520 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:08:36,520 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:36,520 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:36,521 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:08:36,521 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:36,521 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:36,521 INFO L85 PathProgramCache]: Analyzing trace with hash 1832804488, now seen corresponding path program 1 times [2022-02-20 18:08:36,521 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:36,522 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2043446958] [2022-02-20 18:08:36,522 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:36,522 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:36,557 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,591 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:08:36,593 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,595 INFO L290 TraceCheckUtils]: 0: Hoare triple {562#true} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {562#true} is VALID [2022-02-20 18:08:36,595 INFO L290 TraceCheckUtils]: 1: Hoare triple {562#true} assume true; {562#true} is VALID [2022-02-20 18:08:36,596 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {562#true} {563#false} #211#return; {563#false} is VALID [2022-02-20 18:08:36,596 INFO L290 TraceCheckUtils]: 0: Hoare triple {562#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {562#true} is VALID [2022-02-20 18:08:36,596 INFO L290 TraceCheckUtils]: 1: Hoare triple {562#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret5#1, main_~retValue_acc~2#1, main_~tmp~0#1;havoc main_~retValue_acc~2#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {562#true} is VALID [2022-02-20 18:08:36,596 INFO L290 TraceCheckUtils]: 2: Hoare triple {562#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {562#true} is VALID [2022-02-20 18:08:36,596 INFO L290 TraceCheckUtils]: 3: Hoare triple {562#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {562#true} is VALID [2022-02-20 18:08:36,596 INFO L290 TraceCheckUtils]: 4: Hoare triple {562#true} main_#t~ret5#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret5#1 && main_#t~ret5#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret5#1;havoc main_#t~ret5#1; {562#true} is VALID [2022-02-20 18:08:36,596 INFO L290 TraceCheckUtils]: 5: Hoare triple {562#true} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {562#true} is VALID [2022-02-20 18:08:36,597 INFO L290 TraceCheckUtils]: 6: Hoare triple {562#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet42#1, test_#t~nondet43#1, test_#t~nondet44#1, test_#t~nondet45#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {564#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:08:36,597 INFO L290 TraceCheckUtils]: 7: Hoare triple {564#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {564#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:08:36,598 INFO L290 TraceCheckUtils]: 8: Hoare triple {564#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {563#false} is VALID [2022-02-20 18:08:36,598 INFO L272 TraceCheckUtils]: 9: Hoare triple {563#false} call cleanup(); {563#false} is VALID [2022-02-20 18:08:36,598 INFO L290 TraceCheckUtils]: 10: Hoare triple {563#false} havoc ~i~0;havoc ~__cil_tmp2~0; {563#false} is VALID [2022-02-20 18:08:36,598 INFO L272 TraceCheckUtils]: 11: Hoare triple {563#false} call timeShift(); {563#false} is VALID [2022-02-20 18:08:36,598 INFO L290 TraceCheckUtils]: 12: Hoare triple {563#false} assume !(0 != ~pumpRunning~0); {563#false} is VALID [2022-02-20 18:08:36,598 INFO L290 TraceCheckUtils]: 13: Hoare triple {563#false} assume !(0 != ~systemActive~0); {563#false} is VALID [2022-02-20 18:08:36,598 INFO L290 TraceCheckUtils]: 14: Hoare triple {563#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret29#1, __utac_acc__Specification3_spec__1_#t~ret30#1, __utac_acc__Specification3_spec__1_#t~ret31#1, __utac_acc__Specification3_spec__1_~tmp~4#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~4#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {563#false} is VALID [2022-02-20 18:08:36,598 INFO L272 TraceCheckUtils]: 15: Hoare triple {563#false} call __utac_acc__Specification3_spec__1_#t~ret29#1 := isMethaneLevelCritical(); {562#true} is VALID [2022-02-20 18:08:36,599 INFO L290 TraceCheckUtils]: 16: Hoare triple {562#true} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {562#true} is VALID [2022-02-20 18:08:36,617 INFO L290 TraceCheckUtils]: 17: Hoare triple {562#true} assume true; {562#true} is VALID [2022-02-20 18:08:36,617 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {562#true} {563#false} #211#return; {563#false} is VALID [2022-02-20 18:08:36,617 INFO L290 TraceCheckUtils]: 19: Hoare triple {563#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret29#1 && __utac_acc__Specification3_spec__1_#t~ret29#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~4#1 := __utac_acc__Specification3_spec__1_#t~ret29#1;havoc __utac_acc__Specification3_spec__1_#t~ret29#1; {563#false} is VALID [2022-02-20 18:08:36,617 INFO L290 TraceCheckUtils]: 20: Hoare triple {563#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~4#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~9#1;havoc getWaterLevel_~retValue_acc~9#1;getWaterLevel_~retValue_acc~9#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; {563#false} is VALID [2022-02-20 18:08:36,617 INFO L290 TraceCheckUtils]: 21: Hoare triple {563#false} __utac_acc__Specification3_spec__1_#t~ret30#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret30#1 && __utac_acc__Specification3_spec__1_#t~ret30#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret30#1;havoc __utac_acc__Specification3_spec__1_#t~ret30#1; {563#false} is VALID [2022-02-20 18:08:36,618 INFO L290 TraceCheckUtils]: 22: Hoare triple {563#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {563#false} is VALID [2022-02-20 18:08:36,618 INFO L290 TraceCheckUtils]: 23: Hoare triple {563#false} __utac_acc__Specification3_spec__1_#t~ret31#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret31#1 && __utac_acc__Specification3_spec__1_#t~ret31#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret31#1;havoc __utac_acc__Specification3_spec__1_#t~ret31#1; {563#false} is VALID [2022-02-20 18:08:36,618 INFO L290 TraceCheckUtils]: 24: Hoare triple {563#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {563#false} is VALID [2022-02-20 18:08:36,618 INFO L290 TraceCheckUtils]: 25: Hoare triple {563#false} assume !false; {563#false} is VALID [2022-02-20 18:08:36,618 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:36,618 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:36,618 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2043446958] [2022-02-20 18:08:36,619 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2043446958] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:36,619 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:36,619 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:08:36,619 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1651560393] [2022-02-20 18:08:36,619 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:36,620 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:36,620 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:36,620 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,637 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:36,638 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:36,638 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:36,638 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:36,638 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:36,638 INFO L87 Difference]: Start difference. First operand 72 states and 92 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,719 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,719 INFO L93 Difference]: Finished difference Result 106 states and 134 transitions. [2022-02-20 18:08:36,719 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:36,719 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:36,719 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:36,719 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,722 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 134 transitions. [2022-02-20 18:08:36,722 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,724 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 134 transitions. [2022-02-20 18:08:36,724 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 134 transitions. [2022-02-20 18:08:36,811 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 134 edges. 134 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:36,813 INFO L225 Difference]: With dead ends: 106 [2022-02-20 18:08:36,813 INFO L226 Difference]: Without dead ends: 63 [2022-02-20 18:08:36,813 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:36,814 INFO L933 BasicCegarLoop]: 79 mSDtfsCounter, 16 mSDsluCounter, 58 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 137 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:36,814 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 137 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:36,815 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 63 states. [2022-02-20 18:08:36,819 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 63 to 63. [2022-02-20 18:08:36,819 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:36,819 INFO L82 GeneralOperation]: Start isEquivalent. First operand 63 states. Second operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:36,819 INFO L74 IsIncluded]: Start isIncluded. First operand 63 states. Second operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:36,820 INFO L87 Difference]: Start difference. First operand 63 states. Second operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:36,822 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,822 INFO L93 Difference]: Finished difference Result 63 states and 80 transitions. [2022-02-20 18:08:36,822 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 80 transitions. [2022-02-20 18:08:36,822 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:36,822 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:36,823 INFO L74 IsIncluded]: Start isIncluded. First operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) Second operand 63 states. [2022-02-20 18:08:36,823 INFO L87 Difference]: Start difference. First operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) Second operand 63 states. [2022-02-20 18:08:36,825 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:36,825 INFO L93 Difference]: Finished difference Result 63 states and 80 transitions. [2022-02-20 18:08:36,825 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 80 transitions. [2022-02-20 18:08:36,825 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:36,825 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:36,825 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:36,826 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:36,826 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:36,827 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 63 states to 63 states and 80 transitions. [2022-02-20 18:08:36,828 INFO L78 Accepts]: Start accepts. Automaton has 63 states and 80 transitions. Word has length 26 [2022-02-20 18:08:36,828 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:36,828 INFO L470 AbstractCegarLoop]: Abstraction has 63 states and 80 transitions. [2022-02-20 18:08:36,828 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,828 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 80 transitions. [2022-02-20 18:08:36,829 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:08:36,829 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:36,829 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:36,829 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:08:36,829 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:36,829 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:36,829 INFO L85 PathProgramCache]: Analyzing trace with hash 930685850, now seen corresponding path program 1 times [2022-02-20 18:08:36,830 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:36,830 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1709246679] [2022-02-20 18:08:36,830 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:36,830 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:36,852 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,890 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:08:36,892 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:36,894 INFO L290 TraceCheckUtils]: 0: Hoare triple {939#true} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {939#true} is VALID [2022-02-20 18:08:36,894 INFO L290 TraceCheckUtils]: 1: Hoare triple {939#true} assume true; {939#true} is VALID [2022-02-20 18:08:36,894 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {939#true} {940#false} #211#return; {940#false} is VALID [2022-02-20 18:08:36,896 INFO L290 TraceCheckUtils]: 0: Hoare triple {939#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {941#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:36,896 INFO L290 TraceCheckUtils]: 1: Hoare triple {941#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret5#1, main_~retValue_acc~2#1, main_~tmp~0#1;havoc main_~retValue_acc~2#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {941#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:36,897 INFO L290 TraceCheckUtils]: 2: Hoare triple {941#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {941#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:36,897 INFO L290 TraceCheckUtils]: 3: Hoare triple {941#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {942#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} is VALID [2022-02-20 18:08:36,898 INFO L290 TraceCheckUtils]: 4: Hoare triple {942#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} main_#t~ret5#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret5#1 && main_#t~ret5#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret5#1;havoc main_#t~ret5#1; {943#(= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0)} is VALID [2022-02-20 18:08:36,898 INFO L290 TraceCheckUtils]: 5: Hoare triple {943#(= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0)} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,898 INFO L290 TraceCheckUtils]: 6: Hoare triple {944#(not (= 0 ~systemActive~0))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet42#1, test_#t~nondet43#1, test_#t~nondet44#1, test_#t~nondet45#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,899 INFO L290 TraceCheckUtils]: 7: Hoare triple {944#(not (= 0 ~systemActive~0))} assume !false; {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,899 INFO L290 TraceCheckUtils]: 8: Hoare triple {944#(not (= 0 ~systemActive~0))} assume test_~splverifierCounter~0#1 < 4; {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,900 INFO L290 TraceCheckUtils]: 9: Hoare triple {944#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet42#1 && test_#t~nondet42#1 <= 2147483647;test_~tmp~6#1 := test_#t~nondet42#1;havoc test_#t~nondet42#1; {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,900 INFO L290 TraceCheckUtils]: 10: Hoare triple {944#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp~6#1); {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,900 INFO L290 TraceCheckUtils]: 11: Hoare triple {944#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet43#1 && test_#t~nondet43#1 <= 2147483647;test_~tmp___0~1#1 := test_#t~nondet43#1;havoc test_#t~nondet43#1; {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,901 INFO L290 TraceCheckUtils]: 12: Hoare triple {944#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp___0~1#1); {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,901 INFO L290 TraceCheckUtils]: 13: Hoare triple {944#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet44#1 && test_#t~nondet44#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet44#1;havoc test_#t~nondet44#1; {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,902 INFO L290 TraceCheckUtils]: 14: Hoare triple {944#(not (= 0 ~systemActive~0))} assume 0 != test_~tmp___2~0#1; {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,915 INFO L272 TraceCheckUtils]: 15: Hoare triple {944#(not (= 0 ~systemActive~0))} call timeShift(); {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,916 INFO L290 TraceCheckUtils]: 16: Hoare triple {944#(not (= 0 ~systemActive~0))} assume !(0 != ~pumpRunning~0); {944#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:36,916 INFO L290 TraceCheckUtils]: 17: Hoare triple {944#(not (= 0 ~systemActive~0))} assume !(0 != ~systemActive~0); {940#false} is VALID [2022-02-20 18:08:36,916 INFO L290 TraceCheckUtils]: 18: Hoare triple {940#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret29#1, __utac_acc__Specification3_spec__1_#t~ret30#1, __utac_acc__Specification3_spec__1_#t~ret31#1, __utac_acc__Specification3_spec__1_~tmp~4#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~4#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {940#false} is VALID [2022-02-20 18:08:36,916 INFO L272 TraceCheckUtils]: 19: Hoare triple {940#false} call __utac_acc__Specification3_spec__1_#t~ret29#1 := isMethaneLevelCritical(); {939#true} is VALID [2022-02-20 18:08:36,917 INFO L290 TraceCheckUtils]: 20: Hoare triple {939#true} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {939#true} is VALID [2022-02-20 18:08:36,917 INFO L290 TraceCheckUtils]: 21: Hoare triple {939#true} assume true; {939#true} is VALID [2022-02-20 18:08:36,917 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {939#true} {940#false} #211#return; {940#false} is VALID [2022-02-20 18:08:36,917 INFO L290 TraceCheckUtils]: 23: Hoare triple {940#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret29#1 && __utac_acc__Specification3_spec__1_#t~ret29#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~4#1 := __utac_acc__Specification3_spec__1_#t~ret29#1;havoc __utac_acc__Specification3_spec__1_#t~ret29#1; {940#false} is VALID [2022-02-20 18:08:36,917 INFO L290 TraceCheckUtils]: 24: Hoare triple {940#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~4#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~9#1;havoc getWaterLevel_~retValue_acc~9#1;getWaterLevel_~retValue_acc~9#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; {940#false} is VALID [2022-02-20 18:08:36,917 INFO L290 TraceCheckUtils]: 25: Hoare triple {940#false} __utac_acc__Specification3_spec__1_#t~ret30#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret30#1 && __utac_acc__Specification3_spec__1_#t~ret30#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret30#1;havoc __utac_acc__Specification3_spec__1_#t~ret30#1; {940#false} is VALID [2022-02-20 18:08:36,917 INFO L290 TraceCheckUtils]: 26: Hoare triple {940#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {940#false} is VALID [2022-02-20 18:08:36,918 INFO L290 TraceCheckUtils]: 27: Hoare triple {940#false} __utac_acc__Specification3_spec__1_#t~ret31#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret31#1 && __utac_acc__Specification3_spec__1_#t~ret31#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret31#1;havoc __utac_acc__Specification3_spec__1_#t~ret31#1; {940#false} is VALID [2022-02-20 18:08:36,918 INFO L290 TraceCheckUtils]: 28: Hoare triple {940#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {940#false} is VALID [2022-02-20 18:08:36,918 INFO L290 TraceCheckUtils]: 29: Hoare triple {940#false} assume !false; {940#false} is VALID [2022-02-20 18:08:36,918 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:36,918 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:36,919 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1709246679] [2022-02-20 18:08:36,919 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1709246679] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:36,919 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:36,919 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:08:36,919 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [28494780] [2022-02-20 18:08:36,919 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:36,920 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:08:36,920 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:36,920 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:36,940 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:36,940 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:08:36,940 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:36,941 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:08:36,941 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:08:36,941 INFO L87 Difference]: Start difference. First operand 63 states and 80 transitions. Second operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:37,342 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:37,342 INFO L93 Difference]: Finished difference Result 218 states and 284 transitions. [2022-02-20 18:08:37,342 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 18:08:37,343 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:08:37,343 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:37,343 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:37,351 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 284 transitions. [2022-02-20 18:08:37,352 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:37,358 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 284 transitions. [2022-02-20 18:08:37,358 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 284 transitions. [2022-02-20 18:08:37,529 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 284 edges. 284 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:37,533 INFO L225 Difference]: With dead ends: 218 [2022-02-20 18:08:37,533 INFO L226 Difference]: Without dead ends: 162 [2022-02-20 18:08:37,534 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 18:08:37,535 INFO L933 BasicCegarLoop]: 102 mSDtfsCounter, 167 mSDsluCounter, 333 mSDsCounter, 0 mSdLazyCounter, 89 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 167 SdHoareTripleChecker+Valid, 435 SdHoareTripleChecker+Invalid, 103 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 89 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:37,535 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [167 Valid, 435 Invalid, 103 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 89 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 18:08:37,536 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 162 states. [2022-02-20 18:08:37,545 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 162 to 156. [2022-02-20 18:08:37,545 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:37,546 INFO L82 GeneralOperation]: Start isEquivalent. First operand 162 states. Second operand has 156 states, 115 states have (on average 1.3565217391304347) internal successors, (156), 129 states have internal predecessors, (156), 23 states have call successors, (23), 17 states have call predecessors, (23), 17 states have return successors, (24), 17 states have call predecessors, (24), 23 states have call successors, (24) [2022-02-20 18:08:37,546 INFO L74 IsIncluded]: Start isIncluded. First operand 162 states. Second operand has 156 states, 115 states have (on average 1.3565217391304347) internal successors, (156), 129 states have internal predecessors, (156), 23 states have call successors, (23), 17 states have call predecessors, (23), 17 states have return successors, (24), 17 states have call predecessors, (24), 23 states have call successors, (24) [2022-02-20 18:08:37,547 INFO L87 Difference]: Start difference. First operand 162 states. Second operand has 156 states, 115 states have (on average 1.3565217391304347) internal successors, (156), 129 states have internal predecessors, (156), 23 states have call successors, (23), 17 states have call predecessors, (23), 17 states have return successors, (24), 17 states have call predecessors, (24), 23 states have call successors, (24) [2022-02-20 18:08:37,551 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:37,551 INFO L93 Difference]: Finished difference Result 162 states and 207 transitions. [2022-02-20 18:08:37,551 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 207 transitions. [2022-02-20 18:08:37,552 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:37,552 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:37,553 INFO L74 IsIncluded]: Start isIncluded. First operand has 156 states, 115 states have (on average 1.3565217391304347) internal successors, (156), 129 states have internal predecessors, (156), 23 states have call successors, (23), 17 states have call predecessors, (23), 17 states have return successors, (24), 17 states have call predecessors, (24), 23 states have call successors, (24) Second operand 162 states. [2022-02-20 18:08:37,553 INFO L87 Difference]: Start difference. First operand has 156 states, 115 states have (on average 1.3565217391304347) internal successors, (156), 129 states have internal predecessors, (156), 23 states have call successors, (23), 17 states have call predecessors, (23), 17 states have return successors, (24), 17 states have call predecessors, (24), 23 states have call successors, (24) Second operand 162 states. [2022-02-20 18:08:37,557 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:37,557 INFO L93 Difference]: Finished difference Result 162 states and 207 transitions. [2022-02-20 18:08:37,557 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 207 transitions. [2022-02-20 18:08:37,558 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:37,558 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:37,558 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:37,558 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:37,559 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 156 states, 115 states have (on average 1.3565217391304347) internal successors, (156), 129 states have internal predecessors, (156), 23 states have call successors, (23), 17 states have call predecessors, (23), 17 states have return successors, (24), 17 states have call predecessors, (24), 23 states have call successors, (24) [2022-02-20 18:08:37,563 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 156 states to 156 states and 203 transitions. [2022-02-20 18:08:37,563 INFO L78 Accepts]: Start accepts. Automaton has 156 states and 203 transitions. Word has length 30 [2022-02-20 18:08:37,563 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:37,563 INFO L470 AbstractCegarLoop]: Abstraction has 156 states and 203 transitions. [2022-02-20 18:08:37,564 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:37,564 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 203 transitions. [2022-02-20 18:08:37,564 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 18:08:37,564 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:37,564 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:37,565 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:08:37,565 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:37,565 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:37,565 INFO L85 PathProgramCache]: Analyzing trace with hash 1863079564, now seen corresponding path program 1 times [2022-02-20 18:08:37,565 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:37,565 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1111430413] [2022-02-20 18:08:37,566 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:37,566 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:37,585 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:37,617 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:08:37,618 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:37,620 INFO L290 TraceCheckUtils]: 0: Hoare triple {1803#true} assume true; {1803#true} is VALID [2022-02-20 18:08:37,620 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1803#true} {1805#(= ~waterLevel~0 1)} #209#return; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,621 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-02-20 18:08:37,622 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:37,624 INFO L290 TraceCheckUtils]: 0: Hoare triple {1803#true} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {1803#true} is VALID [2022-02-20 18:08:37,624 INFO L290 TraceCheckUtils]: 1: Hoare triple {1803#true} assume true; {1803#true} is VALID [2022-02-20 18:08:37,625 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1803#true} {1805#(= ~waterLevel~0 1)} #211#return; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,625 INFO L290 TraceCheckUtils]: 0: Hoare triple {1803#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,625 INFO L290 TraceCheckUtils]: 1: Hoare triple {1805#(= ~waterLevel~0 1)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret5#1, main_~retValue_acc~2#1, main_~tmp~0#1;havoc main_~retValue_acc~2#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,626 INFO L290 TraceCheckUtils]: 2: Hoare triple {1805#(= ~waterLevel~0 1)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,626 INFO L290 TraceCheckUtils]: 3: Hoare triple {1805#(= ~waterLevel~0 1)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,626 INFO L290 TraceCheckUtils]: 4: Hoare triple {1805#(= ~waterLevel~0 1)} main_#t~ret5#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret5#1 && main_#t~ret5#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret5#1;havoc main_#t~ret5#1; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,627 INFO L290 TraceCheckUtils]: 5: Hoare triple {1805#(= ~waterLevel~0 1)} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,627 INFO L290 TraceCheckUtils]: 6: Hoare triple {1805#(= ~waterLevel~0 1)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet42#1, test_#t~nondet43#1, test_#t~nondet44#1, test_#t~nondet45#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,628 INFO L290 TraceCheckUtils]: 7: Hoare triple {1805#(= ~waterLevel~0 1)} assume !false; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,628 INFO L290 TraceCheckUtils]: 8: Hoare triple {1805#(= ~waterLevel~0 1)} assume test_~splverifierCounter~0#1 < 4; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,628 INFO L290 TraceCheckUtils]: 9: Hoare triple {1805#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet42#1 && test_#t~nondet42#1 <= 2147483647;test_~tmp~6#1 := test_#t~nondet42#1;havoc test_#t~nondet42#1; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,628 INFO L290 TraceCheckUtils]: 10: Hoare triple {1805#(= ~waterLevel~0 1)} assume !(0 != test_~tmp~6#1); {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,629 INFO L290 TraceCheckUtils]: 11: Hoare triple {1805#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet43#1 && test_#t~nondet43#1 <= 2147483647;test_~tmp___0~1#1 := test_#t~nondet43#1;havoc test_#t~nondet43#1; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,629 INFO L290 TraceCheckUtils]: 12: Hoare triple {1805#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___0~1#1); {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,629 INFO L290 TraceCheckUtils]: 13: Hoare triple {1805#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet44#1 && test_#t~nondet44#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet44#1;havoc test_#t~nondet44#1; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,630 INFO L290 TraceCheckUtils]: 14: Hoare triple {1805#(= ~waterLevel~0 1)} assume 0 != test_~tmp___2~0#1; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,630 INFO L272 TraceCheckUtils]: 15: Hoare triple {1805#(= ~waterLevel~0 1)} call timeShift(); {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,631 INFO L290 TraceCheckUtils]: 16: Hoare triple {1805#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,631 INFO L290 TraceCheckUtils]: 17: Hoare triple {1805#(= ~waterLevel~0 1)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret32#1, processEnvironment_~tmp~5#1;havoc processEnvironment_~tmp~5#1; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,631 INFO L290 TraceCheckUtils]: 18: Hoare triple {1805#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,631 INFO L272 TraceCheckUtils]: 19: Hoare triple {1805#(= ~waterLevel~0 1)} call processEnvironment__wrappee__base(); {1803#true} is VALID [2022-02-20 18:08:37,631 INFO L290 TraceCheckUtils]: 20: Hoare triple {1803#true} assume true; {1803#true} is VALID [2022-02-20 18:08:37,632 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1803#true} {1805#(= ~waterLevel~0 1)} #209#return; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,632 INFO L290 TraceCheckUtils]: 22: Hoare triple {1805#(= ~waterLevel~0 1)} assume { :end_inline_processEnvironment } true; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,632 INFO L290 TraceCheckUtils]: 23: Hoare triple {1805#(= ~waterLevel~0 1)} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret29#1, __utac_acc__Specification3_spec__1_#t~ret30#1, __utac_acc__Specification3_spec__1_#t~ret31#1, __utac_acc__Specification3_spec__1_~tmp~4#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~4#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,633 INFO L272 TraceCheckUtils]: 24: Hoare triple {1805#(= ~waterLevel~0 1)} call __utac_acc__Specification3_spec__1_#t~ret29#1 := isMethaneLevelCritical(); {1803#true} is VALID [2022-02-20 18:08:37,633 INFO L290 TraceCheckUtils]: 25: Hoare triple {1803#true} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {1803#true} is VALID [2022-02-20 18:08:37,633 INFO L290 TraceCheckUtils]: 26: Hoare triple {1803#true} assume true; {1803#true} is VALID [2022-02-20 18:08:37,633 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {1803#true} {1805#(= ~waterLevel~0 1)} #211#return; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,634 INFO L290 TraceCheckUtils]: 28: Hoare triple {1805#(= ~waterLevel~0 1)} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret29#1 && __utac_acc__Specification3_spec__1_#t~ret29#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~4#1 := __utac_acc__Specification3_spec__1_#t~ret29#1;havoc __utac_acc__Specification3_spec__1_#t~ret29#1; {1805#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:37,634 INFO L290 TraceCheckUtils]: 29: Hoare triple {1805#(= ~waterLevel~0 1)} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~4#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~9#1;havoc getWaterLevel_~retValue_acc~9#1;getWaterLevel_~retValue_acc~9#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; {1811#(= |timeShift_getWaterLevel_#res#1| 1)} is VALID [2022-02-20 18:08:37,635 INFO L290 TraceCheckUtils]: 30: Hoare triple {1811#(= |timeShift_getWaterLevel_#res#1| 1)} __utac_acc__Specification3_spec__1_#t~ret30#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret30#1 && __utac_acc__Specification3_spec__1_#t~ret30#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret30#1;havoc __utac_acc__Specification3_spec__1_#t~ret30#1; {1812#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| 1)} is VALID [2022-02-20 18:08:37,635 INFO L290 TraceCheckUtils]: 31: Hoare triple {1812#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| 1)} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {1804#false} is VALID [2022-02-20 18:08:37,635 INFO L290 TraceCheckUtils]: 32: Hoare triple {1804#false} __utac_acc__Specification3_spec__1_#t~ret31#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret31#1 && __utac_acc__Specification3_spec__1_#t~ret31#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret31#1;havoc __utac_acc__Specification3_spec__1_#t~ret31#1; {1804#false} is VALID [2022-02-20 18:08:37,636 INFO L290 TraceCheckUtils]: 33: Hoare triple {1804#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1804#false} is VALID [2022-02-20 18:08:37,636 INFO L290 TraceCheckUtils]: 34: Hoare triple {1804#false} assume !false; {1804#false} is VALID [2022-02-20 18:08:37,636 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:37,636 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:37,636 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1111430413] [2022-02-20 18:08:37,636 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1111430413] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:37,636 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:37,636 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 18:08:37,637 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1034702061] [2022-02-20 18:08:37,637 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:37,637 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:08:37,637 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:37,637 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:37,658 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:37,658 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:08:37,658 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:37,659 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:08:37,659 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:08:37,659 INFO L87 Difference]: Start difference. First operand 156 states and 203 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:37,824 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:37,824 INFO L93 Difference]: Finished difference Result 446 states and 600 transitions. [2022-02-20 18:08:37,824 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:08:37,824 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:08:37,824 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:37,824 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:37,835 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 226 transitions. [2022-02-20 18:08:37,836 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:37,838 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 226 transitions. [2022-02-20 18:08:37,838 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 226 transitions. [2022-02-20 18:08:37,955 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 226 edges. 226 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:37,961 INFO L225 Difference]: With dead ends: 446 [2022-02-20 18:08:37,961 INFO L226 Difference]: Without dead ends: 297 [2022-02-20 18:08:37,962 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:08:37,962 INFO L933 BasicCegarLoop]: 87 mSDtfsCounter, 51 mSDsluCounter, 239 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 326 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:37,963 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [51 Valid, 326 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:37,963 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 297 states. [2022-02-20 18:08:37,990 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 297 to 288. [2022-02-20 18:08:37,990 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:37,991 INFO L82 GeneralOperation]: Start isEquivalent. First operand 297 states. Second operand has 288 states, 210 states have (on average 1.3333333333333333) internal successors, (280), 234 states have internal predecessors, (280), 46 states have call successors, (46), 34 states have call predecessors, (46), 31 states have return successors, (52), 31 states have call predecessors, (52), 46 states have call successors, (52) [2022-02-20 18:08:37,992 INFO L74 IsIncluded]: Start isIncluded. First operand 297 states. Second operand has 288 states, 210 states have (on average 1.3333333333333333) internal successors, (280), 234 states have internal predecessors, (280), 46 states have call successors, (46), 34 states have call predecessors, (46), 31 states have return successors, (52), 31 states have call predecessors, (52), 46 states have call successors, (52) [2022-02-20 18:08:37,993 INFO L87 Difference]: Start difference. First operand 297 states. Second operand has 288 states, 210 states have (on average 1.3333333333333333) internal successors, (280), 234 states have internal predecessors, (280), 46 states have call successors, (46), 34 states have call predecessors, (46), 31 states have return successors, (52), 31 states have call predecessors, (52), 46 states have call successors, (52) [2022-02-20 18:08:38,000 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:38,001 INFO L93 Difference]: Finished difference Result 297 states and 388 transitions. [2022-02-20 18:08:38,001 INFO L276 IsEmpty]: Start isEmpty. Operand 297 states and 388 transitions. [2022-02-20 18:08:38,001 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:38,002 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:38,002 INFO L74 IsIncluded]: Start isIncluded. First operand has 288 states, 210 states have (on average 1.3333333333333333) internal successors, (280), 234 states have internal predecessors, (280), 46 states have call successors, (46), 34 states have call predecessors, (46), 31 states have return successors, (52), 31 states have call predecessors, (52), 46 states have call successors, (52) Second operand 297 states. [2022-02-20 18:08:38,003 INFO L87 Difference]: Start difference. First operand has 288 states, 210 states have (on average 1.3333333333333333) internal successors, (280), 234 states have internal predecessors, (280), 46 states have call successors, (46), 34 states have call predecessors, (46), 31 states have return successors, (52), 31 states have call predecessors, (52), 46 states have call successors, (52) Second operand 297 states. [2022-02-20 18:08:38,011 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:38,011 INFO L93 Difference]: Finished difference Result 297 states and 388 transitions. [2022-02-20 18:08:38,011 INFO L276 IsEmpty]: Start isEmpty. Operand 297 states and 388 transitions. [2022-02-20 18:08:38,012 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:38,012 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:38,012 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:38,012 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:38,013 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 288 states, 210 states have (on average 1.3333333333333333) internal successors, (280), 234 states have internal predecessors, (280), 46 states have call successors, (46), 34 states have call predecessors, (46), 31 states have return successors, (52), 31 states have call predecessors, (52), 46 states have call successors, (52) [2022-02-20 18:08:38,020 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 288 states to 288 states and 378 transitions. [2022-02-20 18:08:38,021 INFO L78 Accepts]: Start accepts. Automaton has 288 states and 378 transitions. Word has length 35 [2022-02-20 18:08:38,021 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:38,021 INFO L470 AbstractCegarLoop]: Abstraction has 288 states and 378 transitions. [2022-02-20 18:08:38,021 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:38,021 INFO L276 IsEmpty]: Start isEmpty. Operand 288 states and 378 transitions. [2022-02-20 18:08:38,022 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-02-20 18:08:38,022 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:38,022 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:38,022 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:08:38,023 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:38,023 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:38,023 INFO L85 PathProgramCache]: Analyzing trace with hash -2031472666, now seen corresponding path program 1 times [2022-02-20 18:08:38,023 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:38,023 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [135820059] [2022-02-20 18:08:38,023 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:38,023 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:38,050 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:38,051 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:08:38,063 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:38,084 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-20 18:08:38,085 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:08:38,085 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:08:38,087 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:08:38,089 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1] [2022-02-20 18:08:38,090 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:08:38,106 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:08:38,107 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:08:38,109 INFO L158 Benchmark]: Toolchain (without parser) took 3309.01ms. Allocated memory was 88.1MB in the beginning and 138.4MB in the end (delta: 50.3MB). Free memory was 52.4MB in the beginning and 69.4MB in the end (delta: -17.0MB). Peak memory consumption was 33.3MB. Max. memory is 16.1GB. [2022-02-20 18:08:38,110 INFO L158 Benchmark]: CDTParser took 0.10ms. Allocated memory is still 88.1MB. Free memory was 57.9MB in the beginning and 57.9MB in the end (delta: 24.7kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:08:38,110 INFO L158 Benchmark]: CACSL2BoogieTranslator took 424.17ms. Allocated memory was 88.1MB in the beginning and 107.0MB in the end (delta: 18.9MB). Free memory was 52.3MB in the beginning and 72.9MB in the end (delta: -20.6MB). Peak memory consumption was 5.7MB. Max. memory is 16.1GB. [2022-02-20 18:08:38,110 INFO L158 Benchmark]: Boogie Procedure Inliner took 69.74ms. Allocated memory is still 107.0MB. Free memory was 72.9MB in the beginning and 70.3MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:38,110 INFO L158 Benchmark]: Boogie Preprocessor took 37.24ms. Allocated memory is still 107.0MB. Free memory was 70.3MB in the beginning and 68.5MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:38,111 INFO L158 Benchmark]: RCFGBuilder took 417.87ms. Allocated memory is still 107.0MB. Free memory was 68.5MB in the beginning and 77.0MB in the end (delta: -8.5MB). Peak memory consumption was 17.0MB. Max. memory is 16.1GB. [2022-02-20 18:08:38,111 INFO L158 Benchmark]: TraceAbstraction took 2352.92ms. Allocated memory was 107.0MB in the beginning and 138.4MB in the end (delta: 31.5MB). Free memory was 76.6MB in the beginning and 69.4MB in the end (delta: 7.1MB). Peak memory consumption was 37.8MB. Max. memory is 16.1GB. [2022-02-20 18:08:38,113 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.10ms. Allocated memory is still 88.1MB. Free memory was 57.9MB in the beginning and 57.9MB in the end (delta: 24.7kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 424.17ms. Allocated memory was 88.1MB in the beginning and 107.0MB in the end (delta: 18.9MB). Free memory was 52.3MB in the beginning and 72.9MB in the end (delta: -20.6MB). Peak memory consumption was 5.7MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 69.74ms. Allocated memory is still 107.0MB. Free memory was 72.9MB in the beginning and 70.3MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 37.24ms. Allocated memory is still 107.0MB. Free memory was 70.3MB in the beginning and 68.5MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 417.87ms. Allocated memory is still 107.0MB. Free memory was 68.5MB in the beginning and 77.0MB in the end (delta: -8.5MB). Peak memory consumption was 17.0MB. Max. memory is 16.1GB. * TraceAbstraction took 2352.92ms. Allocated memory was 107.0MB in the beginning and 138.4MB in the end (delta: 31.5MB). Free memory was 76.6MB in the beginning and 69.4MB in the end (delta: 7.1MB). Peak memory consumption was 37.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:08:38,158 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash a64b003b731919e31189fa64bb054d2c00bb1b0f73ef780cb3fb445d82092416 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:08:40,493 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:08:40,496 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:08:40,528 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:08:40,528 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:08:40,531 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:08:40,533 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:08:40,537 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:08:40,539 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:08:40,540 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:08:40,541 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:08:40,542 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:08:40,542 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:08:40,546 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:08:40,547 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:08:40,553 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:08:40,554 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:08:40,554 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:08:40,556 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:08:40,561 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:08:40,562 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:08:40,564 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:08:40,565 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:08:40,566 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:08:40,569 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:08:40,570 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:08:40,570 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:08:40,570 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:08:40,570 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:08:40,571 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:08:40,571 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:08:40,572 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:08:40,572 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:08:40,572 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:08:40,573 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:08:40,573 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:08:40,573 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:08:40,574 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:08:40,574 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:08:40,574 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:08:40,575 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:08:40,581 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf [2022-02-20 18:08:40,608 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:08:40,608 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:08:40,609 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:08:40,609 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:08:40,610 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:08:40,610 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:08:40,611 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:08:40,611 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:08:40,611 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:08:40,611 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:08:40,612 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:08:40,612 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:08:40,612 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:08:40,612 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:08:40,612 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:08:40,612 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:08:40,612 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 18:08:40,612 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 18:08:40,613 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 18:08:40,613 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:08:40,613 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:08:40,613 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:08:40,613 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:08:40,613 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:08:40,613 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:08:40,613 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:08:40,613 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:40,617 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:08:40,618 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:08:40,618 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:08:40,618 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 18:08:40,618 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 18:08:40,618 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:08:40,618 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:08:40,618 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:08:40,618 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 18:08:40,618 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> a64b003b731919e31189fa64bb054d2c00bb1b0f73ef780cb3fb445d82092416 [2022-02-20 18:08:40,873 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:08:40,892 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:08:40,894 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:08:40,895 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:08:40,896 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:08:40,897 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c [2022-02-20 18:08:40,946 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/ffffc3f68/8b9b0c99ac4a4c629bcf4c04797814c1/FLAGd41401905 [2022-02-20 18:08:41,405 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:08:41,406 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c [2022-02-20 18:08:41,415 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/ffffc3f68/8b9b0c99ac4a4c629bcf4c04797814c1/FLAGd41401905 [2022-02-20 18:08:41,426 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/ffffc3f68/8b9b0c99ac4a4c629bcf4c04797814c1 [2022-02-20 18:08:41,428 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:08:41,429 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:08:41,430 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:41,430 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:08:41,433 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:08:41,433 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:41,434 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@23f815f5 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41, skipping insertion in model container [2022-02-20 18:08:41,434 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:41,440 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:08:41,474 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:41,588 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c[1605,1618] [2022-02-20 18:08:41,788 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:41,803 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 18:08:41,808 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:41,822 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c[1605,1618] [2022-02-20 18:08:41,893 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:41,897 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:08:41,907 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product07.cil.c[1605,1618] [2022-02-20 18:08:41,948 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:41,969 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:08:41,970 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41 WrapperNode [2022-02-20 18:08:41,970 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:41,972 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:41,972 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:08:41,972 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:08:41,977 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:41,990 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:42,013 INFO L137 Inliner]: procedures = 53, calls = 151, calls flagged for inlining = 19, calls inlined = 16, statements flattened = 206 [2022-02-20 18:08:42,014 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:42,015 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:08:42,016 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:08:42,016 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:08:42,023 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:42,023 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:42,028 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:42,028 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:42,039 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:42,044 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:42,045 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:42,047 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:08:42,048 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:08:42,048 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:08:42,048 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:08:42,049 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:42,055 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:42,064 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:08:42,082 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:08:42,084 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:08:42,119 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:08:42,119 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:08:42,131 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:08:42,131 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:08:42,132 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:08:42,132 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:08:42,132 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:08:42,132 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:08:42,132 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:08:42,132 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:08:42,132 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:08:42,133 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-20 18:08:42,133 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:08:42,133 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:08:42,133 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:08:42,133 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:08:42,133 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:08:42,133 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:08:42,194 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:08:42,195 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:08:42,529 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:08:42,542 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:08:42,543 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:08:42,545 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:42 BoogieIcfgContainer [2022-02-20 18:08:42,546 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:08:42,547 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:08:42,548 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:08:42,551 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:08:42,551 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:08:41" (1/3) ... [2022-02-20 18:08:42,552 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@741112b4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:42, skipping insertion in model container [2022-02-20 18:08:42,552 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41" (2/3) ... [2022-02-20 18:08:42,552 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@741112b4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:42, skipping insertion in model container [2022-02-20 18:08:42,552 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:42" (3/3) ... [2022-02-20 18:08:42,553 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product07.cil.c [2022-02-20 18:08:42,559 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:08:42,559 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:08:42,610 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:08:42,617 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:08:42,618 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:08:42,654 INFO L276 IsEmpty]: Start isEmpty. Operand has 81 states, 60 states have (on average 1.3833333333333333) internal successors, (83), 67 states have internal predecessors, (83), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:08:42,663 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:08:42,663 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:42,664 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:42,664 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:42,671 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:42,671 INFO L85 PathProgramCache]: Analyzing trace with hash 1914579699, now seen corresponding path program 1 times [2022-02-20 18:08:42,684 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:42,685 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1247798796] [2022-02-20 18:08:42,685 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:42,686 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:42,686 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:42,690 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:42,703 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 18:08:42,780 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:42,784 INFO L263 TraceCheckSpWp]: Trace formula consists of 154 conjuncts, 1 conjunts are in the unsatisfiable core [2022-02-20 18:08:42,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:42,812 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:42,921 INFO L290 TraceCheckUtils]: 0: Hoare triple {84#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {84#true} is VALID [2022-02-20 18:08:42,928 INFO L290 TraceCheckUtils]: 1: Hoare triple {84#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret5#1, main_~retValue_acc~2#1, main_~tmp~0#1;havoc main_~retValue_acc~2#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {84#true} is VALID [2022-02-20 18:08:42,928 INFO L290 TraceCheckUtils]: 2: Hoare triple {84#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {84#true} is VALID [2022-02-20 18:08:42,928 INFO L290 TraceCheckUtils]: 3: Hoare triple {84#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {84#true} is VALID [2022-02-20 18:08:42,929 INFO L290 TraceCheckUtils]: 4: Hoare triple {84#true} main_#t~ret5#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret5#1;havoc main_#t~ret5#1; {84#true} is VALID [2022-02-20 18:08:42,929 INFO L290 TraceCheckUtils]: 5: Hoare triple {84#true} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {84#true} is VALID [2022-02-20 18:08:42,929 INFO L290 TraceCheckUtils]: 6: Hoare triple {84#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet42#1, test_#t~nondet43#1, test_#t~nondet44#1, test_#t~nondet45#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {84#true} is VALID [2022-02-20 18:08:42,930 INFO L290 TraceCheckUtils]: 7: Hoare triple {84#true} assume false; {85#false} is VALID [2022-02-20 18:08:42,931 INFO L272 TraceCheckUtils]: 8: Hoare triple {85#false} call cleanup(); {85#false} is VALID [2022-02-20 18:08:42,931 INFO L290 TraceCheckUtils]: 9: Hoare triple {85#false} havoc ~i~0;havoc ~__cil_tmp2~0; {85#false} is VALID [2022-02-20 18:08:42,931 INFO L272 TraceCheckUtils]: 10: Hoare triple {85#false} call timeShift(); {85#false} is VALID [2022-02-20 18:08:42,931 INFO L290 TraceCheckUtils]: 11: Hoare triple {85#false} assume !(0bv32 != ~pumpRunning~0); {85#false} is VALID [2022-02-20 18:08:42,932 INFO L290 TraceCheckUtils]: 12: Hoare triple {85#false} assume !(0bv32 != ~systemActive~0); {85#false} is VALID [2022-02-20 18:08:42,932 INFO L290 TraceCheckUtils]: 13: Hoare triple {85#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret29#1, __utac_acc__Specification3_spec__1_#t~ret30#1, __utac_acc__Specification3_spec__1_#t~ret31#1, __utac_acc__Specification3_spec__1_~tmp~4#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~4#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {85#false} is VALID [2022-02-20 18:08:42,932 INFO L272 TraceCheckUtils]: 14: Hoare triple {85#false} call __utac_acc__Specification3_spec__1_#t~ret29#1 := isMethaneLevelCritical(); {85#false} is VALID [2022-02-20 18:08:42,932 INFO L290 TraceCheckUtils]: 15: Hoare triple {85#false} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {85#false} is VALID [2022-02-20 18:08:42,933 INFO L290 TraceCheckUtils]: 16: Hoare triple {85#false} assume true; {85#false} is VALID [2022-02-20 18:08:42,933 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {85#false} {85#false} #211#return; {85#false} is VALID [2022-02-20 18:08:42,933 INFO L290 TraceCheckUtils]: 18: Hoare triple {85#false} __utac_acc__Specification3_spec__1_~tmp~4#1 := __utac_acc__Specification3_spec__1_#t~ret29#1;havoc __utac_acc__Specification3_spec__1_#t~ret29#1; {85#false} is VALID [2022-02-20 18:08:42,935 INFO L290 TraceCheckUtils]: 19: Hoare triple {85#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~4#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~9#1;havoc getWaterLevel_~retValue_acc~9#1;getWaterLevel_~retValue_acc~9#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; {85#false} is VALID [2022-02-20 18:08:42,935 INFO L290 TraceCheckUtils]: 20: Hoare triple {85#false} __utac_acc__Specification3_spec__1_#t~ret30#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret30#1;havoc __utac_acc__Specification3_spec__1_#t~ret30#1; {85#false} is VALID [2022-02-20 18:08:42,935 INFO L290 TraceCheckUtils]: 21: Hoare triple {85#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {85#false} is VALID [2022-02-20 18:08:42,935 INFO L290 TraceCheckUtils]: 22: Hoare triple {85#false} __utac_acc__Specification3_spec__1_#t~ret31#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret31#1;havoc __utac_acc__Specification3_spec__1_#t~ret31#1; {85#false} is VALID [2022-02-20 18:08:42,936 INFO L290 TraceCheckUtils]: 23: Hoare triple {85#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {85#false} is VALID [2022-02-20 18:08:42,936 INFO L290 TraceCheckUtils]: 24: Hoare triple {85#false} assume !false; {85#false} is VALID [2022-02-20 18:08:42,937 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:42,937 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:42,938 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:42,938 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1247798796] [2022-02-20 18:08:42,939 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1247798796] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:42,939 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:42,939 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:42,940 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [330219704] [2022-02-20 18:08:42,941 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:42,945 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:42,946 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:42,949 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:42,980 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:42,981 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:08:42,981 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:43,000 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:08:43,001 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:43,004 INFO L87 Difference]: Start difference. First operand has 81 states, 60 states have (on average 1.3833333333333333) internal successors, (83), 67 states have internal predecessors, (83), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,107 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:43,107 INFO L93 Difference]: Finished difference Result 154 states and 209 transitions. [2022-02-20 18:08:43,107 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:08:43,108 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:43,108 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:43,109 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,119 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 209 transitions. [2022-02-20 18:08:43,120 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,126 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 209 transitions. [2022-02-20 18:08:43,127 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 209 transitions. [2022-02-20 18:08:43,300 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 209 edges. 209 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:43,311 INFO L225 Difference]: With dead ends: 154 [2022-02-20 18:08:43,311 INFO L226 Difference]: Without dead ends: 72 [2022-02-20 18:08:43,314 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:43,316 INFO L933 BasicCegarLoop]: 101 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 101 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:43,317 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 101 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:43,330 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2022-02-20 18:08:43,344 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2022-02-20 18:08:43,344 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:43,345 INFO L82 GeneralOperation]: Start isEquivalent. First operand 72 states. Second operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:43,346 INFO L74 IsIncluded]: Start isIncluded. First operand 72 states. Second operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:43,347 INFO L87 Difference]: Start difference. First operand 72 states. Second operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:43,353 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:43,354 INFO L93 Difference]: Finished difference Result 72 states and 92 transitions. [2022-02-20 18:08:43,354 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 92 transitions. [2022-02-20 18:08:43,355 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:43,355 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:43,356 INFO L74 IsIncluded]: Start isIncluded. First operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) Second operand 72 states. [2022-02-20 18:08:43,357 INFO L87 Difference]: Start difference. First operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) Second operand 72 states. [2022-02-20 18:08:43,362 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:43,362 INFO L93 Difference]: Finished difference Result 72 states and 92 transitions. [2022-02-20 18:08:43,363 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 92 transitions. [2022-02-20 18:08:43,364 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:43,364 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:43,364 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:43,364 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:43,365 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 72 states, 53 states have (on average 1.3018867924528301) internal successors, (69), 59 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:43,369 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 92 transitions. [2022-02-20 18:08:43,370 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 92 transitions. Word has length 25 [2022-02-20 18:08:43,377 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:43,377 INFO L470 AbstractCegarLoop]: Abstraction has 72 states and 92 transitions. [2022-02-20 18:08:43,377 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,378 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 92 transitions. [2022-02-20 18:08:43,379 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:08:43,379 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:43,379 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:43,404 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Ended with exit code 0 [2022-02-20 18:08:43,589 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:43,590 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:43,594 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:43,595 INFO L85 PathProgramCache]: Analyzing trace with hash 1832804488, now seen corresponding path program 1 times [2022-02-20 18:08:43,596 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:43,596 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1212365731] [2022-02-20 18:08:43,597 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:43,597 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:43,597 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:43,598 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:43,601 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 18:08:43,659 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:43,661 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:08:43,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:43,677 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:43,768 INFO L290 TraceCheckUtils]: 0: Hoare triple {631#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {631#true} is VALID [2022-02-20 18:08:43,768 INFO L290 TraceCheckUtils]: 1: Hoare triple {631#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret5#1, main_~retValue_acc~2#1, main_~tmp~0#1;havoc main_~retValue_acc~2#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {631#true} is VALID [2022-02-20 18:08:43,768 INFO L290 TraceCheckUtils]: 2: Hoare triple {631#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {631#true} is VALID [2022-02-20 18:08:43,768 INFO L290 TraceCheckUtils]: 3: Hoare triple {631#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {631#true} is VALID [2022-02-20 18:08:43,769 INFO L290 TraceCheckUtils]: 4: Hoare triple {631#true} main_#t~ret5#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret5#1;havoc main_#t~ret5#1; {631#true} is VALID [2022-02-20 18:08:43,769 INFO L290 TraceCheckUtils]: 5: Hoare triple {631#true} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {631#true} is VALID [2022-02-20 18:08:43,769 INFO L290 TraceCheckUtils]: 6: Hoare triple {631#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet42#1, test_#t~nondet43#1, test_#t~nondet44#1, test_#t~nondet45#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {654#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:08:43,770 INFO L290 TraceCheckUtils]: 7: Hoare triple {654#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !false; {654#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:08:43,770 INFO L290 TraceCheckUtils]: 8: Hoare triple {654#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !~bvslt32(test_~splverifierCounter~0#1, 4bv32); {632#false} is VALID [2022-02-20 18:08:43,770 INFO L272 TraceCheckUtils]: 9: Hoare triple {632#false} call cleanup(); {632#false} is VALID [2022-02-20 18:08:43,770 INFO L290 TraceCheckUtils]: 10: Hoare triple {632#false} havoc ~i~0;havoc ~__cil_tmp2~0; {632#false} is VALID [2022-02-20 18:08:43,771 INFO L272 TraceCheckUtils]: 11: Hoare triple {632#false} call timeShift(); {632#false} is VALID [2022-02-20 18:08:43,771 INFO L290 TraceCheckUtils]: 12: Hoare triple {632#false} assume !(0bv32 != ~pumpRunning~0); {632#false} is VALID [2022-02-20 18:08:43,771 INFO L290 TraceCheckUtils]: 13: Hoare triple {632#false} assume !(0bv32 != ~systemActive~0); {632#false} is VALID [2022-02-20 18:08:43,771 INFO L290 TraceCheckUtils]: 14: Hoare triple {632#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret29#1, __utac_acc__Specification3_spec__1_#t~ret30#1, __utac_acc__Specification3_spec__1_#t~ret31#1, __utac_acc__Specification3_spec__1_~tmp~4#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~4#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {632#false} is VALID [2022-02-20 18:08:43,771 INFO L272 TraceCheckUtils]: 15: Hoare triple {632#false} call __utac_acc__Specification3_spec__1_#t~ret29#1 := isMethaneLevelCritical(); {632#false} is VALID [2022-02-20 18:08:43,771 INFO L290 TraceCheckUtils]: 16: Hoare triple {632#false} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {632#false} is VALID [2022-02-20 18:08:43,771 INFO L290 TraceCheckUtils]: 17: Hoare triple {632#false} assume true; {632#false} is VALID [2022-02-20 18:08:43,772 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {632#false} {632#false} #211#return; {632#false} is VALID [2022-02-20 18:08:43,772 INFO L290 TraceCheckUtils]: 19: Hoare triple {632#false} __utac_acc__Specification3_spec__1_~tmp~4#1 := __utac_acc__Specification3_spec__1_#t~ret29#1;havoc __utac_acc__Specification3_spec__1_#t~ret29#1; {632#false} is VALID [2022-02-20 18:08:43,772 INFO L290 TraceCheckUtils]: 20: Hoare triple {632#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~4#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~9#1;havoc getWaterLevel_~retValue_acc~9#1;getWaterLevel_~retValue_acc~9#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; {632#false} is VALID [2022-02-20 18:08:43,772 INFO L290 TraceCheckUtils]: 21: Hoare triple {632#false} __utac_acc__Specification3_spec__1_#t~ret30#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret30#1;havoc __utac_acc__Specification3_spec__1_#t~ret30#1; {632#false} is VALID [2022-02-20 18:08:43,772 INFO L290 TraceCheckUtils]: 22: Hoare triple {632#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {632#false} is VALID [2022-02-20 18:08:43,772 INFO L290 TraceCheckUtils]: 23: Hoare triple {632#false} __utac_acc__Specification3_spec__1_#t~ret31#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret31#1;havoc __utac_acc__Specification3_spec__1_#t~ret31#1; {632#false} is VALID [2022-02-20 18:08:43,772 INFO L290 TraceCheckUtils]: 24: Hoare triple {632#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {632#false} is VALID [2022-02-20 18:08:43,773 INFO L290 TraceCheckUtils]: 25: Hoare triple {632#false} assume !false; {632#false} is VALID [2022-02-20 18:08:43,773 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:43,773 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:43,773 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:43,773 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1212365731] [2022-02-20 18:08:43,773 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1212365731] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:43,775 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:43,775 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:08:43,775 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1925086823] [2022-02-20 18:08:43,775 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:43,776 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:43,776 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:43,777 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,819 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:43,819 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:43,819 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:43,820 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:43,820 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:43,820 INFO L87 Difference]: Start difference. First operand 72 states and 92 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,932 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:43,937 INFO L93 Difference]: Finished difference Result 106 states and 134 transitions. [2022-02-20 18:08:43,937 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:43,938 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:43,938 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:43,938 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,942 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 134 transitions. [2022-02-20 18:08:43,958 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,961 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 134 transitions. [2022-02-20 18:08:43,962 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 134 transitions. [2022-02-20 18:08:44,126 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 134 edges. 134 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:44,129 INFO L225 Difference]: With dead ends: 106 [2022-02-20 18:08:44,129 INFO L226 Difference]: Without dead ends: 63 [2022-02-20 18:08:44,130 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:44,131 INFO L933 BasicCegarLoop]: 79 mSDtfsCounter, 16 mSDsluCounter, 58 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 137 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:44,135 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 137 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:44,136 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 63 states. [2022-02-20 18:08:44,142 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 63 to 63. [2022-02-20 18:08:44,144 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:44,146 INFO L82 GeneralOperation]: Start isEquivalent. First operand 63 states. Second operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:44,147 INFO L74 IsIncluded]: Start isIncluded. First operand 63 states. Second operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:44,148 INFO L87 Difference]: Start difference. First operand 63 states. Second operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:44,155 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:44,156 INFO L93 Difference]: Finished difference Result 63 states and 80 transitions. [2022-02-20 18:08:44,157 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 80 transitions. [2022-02-20 18:08:44,157 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:44,160 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:44,161 INFO L74 IsIncluded]: Start isIncluded. First operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) Second operand 63 states. [2022-02-20 18:08:44,162 INFO L87 Difference]: Start difference. First operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) Second operand 63 states. [2022-02-20 18:08:44,165 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:44,167 INFO L93 Difference]: Finished difference Result 63 states and 80 transitions. [2022-02-20 18:08:44,168 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 80 transitions. [2022-02-20 18:08:44,168 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:44,168 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:44,169 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:44,169 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:44,169 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 63 states, 47 states have (on average 1.3191489361702127) internal successors, (62), 53 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:08:44,172 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 63 states to 63 states and 80 transitions. [2022-02-20 18:08:44,172 INFO L78 Accepts]: Start accepts. Automaton has 63 states and 80 transitions. Word has length 26 [2022-02-20 18:08:44,172 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:44,172 INFO L470 AbstractCegarLoop]: Abstraction has 63 states and 80 transitions. [2022-02-20 18:08:44,173 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,173 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 80 transitions. [2022-02-20 18:08:44,174 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:08:44,174 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:44,174 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:44,200 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:44,384 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:44,384 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:44,400 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:44,401 INFO L85 PathProgramCache]: Analyzing trace with hash 930685850, now seen corresponding path program 1 times [2022-02-20 18:08:44,402 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:44,402 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [696986726] [2022-02-20 18:08:44,402 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:44,402 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:44,402 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:44,426 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:44,461 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 18:08:44,501 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:44,504 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:08:44,513 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:44,514 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:44,586 INFO L290 TraceCheckUtils]: 0: Hoare triple {1080#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,586 INFO L290 TraceCheckUtils]: 1: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret5#1, main_~retValue_acc~2#1, main_~tmp~0#1;havoc main_~retValue_acc~2#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,587 INFO L290 TraceCheckUtils]: 2: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,587 INFO L290 TraceCheckUtils]: 3: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,588 INFO L290 TraceCheckUtils]: 4: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} main_#t~ret5#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret5#1;havoc main_#t~ret5#1; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,588 INFO L290 TraceCheckUtils]: 5: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,589 INFO L290 TraceCheckUtils]: 6: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet42#1, test_#t~nondet43#1, test_#t~nondet44#1, test_#t~nondet45#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,589 INFO L290 TraceCheckUtils]: 7: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume !false; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,589 INFO L290 TraceCheckUtils]: 8: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,590 INFO L290 TraceCheckUtils]: 9: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} test_~tmp~6#1 := test_#t~nondet42#1;havoc test_#t~nondet42#1; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,590 INFO L290 TraceCheckUtils]: 10: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~6#1); {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,591 INFO L290 TraceCheckUtils]: 11: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} test_~tmp___0~1#1 := test_#t~nondet43#1;havoc test_#t~nondet43#1; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,591 INFO L290 TraceCheckUtils]: 12: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~1#1); {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,592 INFO L290 TraceCheckUtils]: 13: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet44#1;havoc test_#t~nondet44#1; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,592 INFO L290 TraceCheckUtils]: 14: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,593 INFO L272 TraceCheckUtils]: 15: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} call timeShift(); {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,593 INFO L290 TraceCheckUtils]: 16: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1085#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:44,593 INFO L290 TraceCheckUtils]: 17: Hoare triple {1085#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {1081#false} is VALID [2022-02-20 18:08:44,594 INFO L290 TraceCheckUtils]: 18: Hoare triple {1081#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret29#1, __utac_acc__Specification3_spec__1_#t~ret30#1, __utac_acc__Specification3_spec__1_#t~ret31#1, __utac_acc__Specification3_spec__1_~tmp~4#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~4#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1081#false} is VALID [2022-02-20 18:08:44,594 INFO L272 TraceCheckUtils]: 19: Hoare triple {1081#false} call __utac_acc__Specification3_spec__1_#t~ret29#1 := isMethaneLevelCritical(); {1081#false} is VALID [2022-02-20 18:08:44,594 INFO L290 TraceCheckUtils]: 20: Hoare triple {1081#false} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {1081#false} is VALID [2022-02-20 18:08:44,594 INFO L290 TraceCheckUtils]: 21: Hoare triple {1081#false} assume true; {1081#false} is VALID [2022-02-20 18:08:44,594 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1081#false} {1081#false} #211#return; {1081#false} is VALID [2022-02-20 18:08:44,595 INFO L290 TraceCheckUtils]: 23: Hoare triple {1081#false} __utac_acc__Specification3_spec__1_~tmp~4#1 := __utac_acc__Specification3_spec__1_#t~ret29#1;havoc __utac_acc__Specification3_spec__1_#t~ret29#1; {1081#false} is VALID [2022-02-20 18:08:44,595 INFO L290 TraceCheckUtils]: 24: Hoare triple {1081#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~4#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~9#1;havoc getWaterLevel_~retValue_acc~9#1;getWaterLevel_~retValue_acc~9#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; {1081#false} is VALID [2022-02-20 18:08:44,595 INFO L290 TraceCheckUtils]: 25: Hoare triple {1081#false} __utac_acc__Specification3_spec__1_#t~ret30#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret30#1;havoc __utac_acc__Specification3_spec__1_#t~ret30#1; {1081#false} is VALID [2022-02-20 18:08:44,595 INFO L290 TraceCheckUtils]: 26: Hoare triple {1081#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {1081#false} is VALID [2022-02-20 18:08:44,596 INFO L290 TraceCheckUtils]: 27: Hoare triple {1081#false} __utac_acc__Specification3_spec__1_#t~ret31#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret31#1;havoc __utac_acc__Specification3_spec__1_#t~ret31#1; {1081#false} is VALID [2022-02-20 18:08:44,596 INFO L290 TraceCheckUtils]: 28: Hoare triple {1081#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1081#false} is VALID [2022-02-20 18:08:44,596 INFO L290 TraceCheckUtils]: 29: Hoare triple {1081#false} assume !false; {1081#false} is VALID [2022-02-20 18:08:44,596 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:44,596 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:44,597 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:44,597 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [696986726] [2022-02-20 18:08:44,597 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [696986726] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:44,597 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:44,597 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:44,598 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [648178164] [2022-02-20 18:08:44,598 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:44,598 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:08:44,599 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:44,599 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,627 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:44,627 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:44,627 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:44,628 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:44,628 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:44,628 INFO L87 Difference]: Start difference. First operand 63 states and 80 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,758 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:44,758 INFO L93 Difference]: Finished difference Result 174 states and 226 transitions. [2022-02-20 18:08:44,758 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:44,758 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:08:44,759 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:44,759 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,763 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 226 transitions. [2022-02-20 18:08:44,763 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,766 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 226 transitions. [2022-02-20 18:08:44,766 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 226 transitions. [2022-02-20 18:08:44,951 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 226 edges. 226 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:44,954 INFO L225 Difference]: With dead ends: 174 [2022-02-20 18:08:44,954 INFO L226 Difference]: Without dead ends: 118 [2022-02-20 18:08:44,955 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:44,956 INFO L933 BasicCegarLoop]: 102 mSDtfsCounter, 60 mSDsluCounter, 70 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 172 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:44,956 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [60 Valid, 172 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:44,957 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 118 states. [2022-02-20 18:08:44,966 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 118 to 115. [2022-02-20 18:08:44,966 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:44,966 INFO L82 GeneralOperation]: Start isEquivalent. First operand 118 states. Second operand has 115 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 18 states have call successors, (18), 12 states have call predecessors, (18), 12 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2022-02-20 18:08:44,967 INFO L74 IsIncluded]: Start isIncluded. First operand 118 states. Second operand has 115 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 18 states have call successors, (18), 12 states have call predecessors, (18), 12 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2022-02-20 18:08:44,967 INFO L87 Difference]: Start difference. First operand 118 states. Second operand has 115 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 18 states have call successors, (18), 12 states have call predecessors, (18), 12 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2022-02-20 18:08:44,972 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:44,972 INFO L93 Difference]: Finished difference Result 118 states and 151 transitions. [2022-02-20 18:08:44,972 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 151 transitions. [2022-02-20 18:08:44,973 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:44,973 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:44,973 INFO L74 IsIncluded]: Start isIncluded. First operand has 115 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 18 states have call successors, (18), 12 states have call predecessors, (18), 12 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) Second operand 118 states. [2022-02-20 18:08:44,974 INFO L87 Difference]: Start difference. First operand has 115 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 18 states have call successors, (18), 12 states have call predecessors, (18), 12 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) Second operand 118 states. [2022-02-20 18:08:44,978 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:44,978 INFO L93 Difference]: Finished difference Result 118 states and 151 transitions. [2022-02-20 18:08:44,978 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 151 transitions. [2022-02-20 18:08:44,979 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:44,979 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:44,979 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:44,979 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:44,980 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 115 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 18 states have call successors, (18), 12 states have call predecessors, (18), 12 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2022-02-20 18:08:44,989 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 115 states to 115 states and 149 transitions. [2022-02-20 18:08:44,990 INFO L78 Accepts]: Start accepts. Automaton has 115 states and 149 transitions. Word has length 30 [2022-02-20 18:08:44,990 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:44,990 INFO L470 AbstractCegarLoop]: Abstraction has 115 states and 149 transitions. [2022-02-20 18:08:44,990 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,990 INFO L276 IsEmpty]: Start isEmpty. Operand 115 states and 149 transitions. [2022-02-20 18:08:44,991 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 18:08:44,991 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:44,992 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:45,027 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:45,201 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:45,202 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:45,202 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:45,203 INFO L85 PathProgramCache]: Analyzing trace with hash 1863079564, now seen corresponding path program 1 times [2022-02-20 18:08:45,203 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:45,203 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [733192446] [2022-02-20 18:08:45,203 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:45,203 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:45,204 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:45,205 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:45,207 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 18:08:45,249 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:45,252 INFO L263 TraceCheckSpWp]: Trace formula consists of 162 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 18:08:45,260 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:45,262 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:45,370 INFO L290 TraceCheckUtils]: 0: Hoare triple {1818#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,371 INFO L290 TraceCheckUtils]: 1: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret5#1, main_~retValue_acc~2#1, main_~tmp~0#1;havoc main_~retValue_acc~2#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,371 INFO L290 TraceCheckUtils]: 2: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,371 INFO L290 TraceCheckUtils]: 3: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,372 INFO L290 TraceCheckUtils]: 4: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} main_#t~ret5#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret5#1;havoc main_#t~ret5#1; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,372 INFO L290 TraceCheckUtils]: 5: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,373 INFO L290 TraceCheckUtils]: 6: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet42#1, test_#t~nondet43#1, test_#t~nondet44#1, test_#t~nondet45#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,373 INFO L290 TraceCheckUtils]: 7: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume !false; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,373 INFO L290 TraceCheckUtils]: 8: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,374 INFO L290 TraceCheckUtils]: 9: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} test_~tmp~6#1 := test_#t~nondet42#1;havoc test_#t~nondet42#1; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,374 INFO L290 TraceCheckUtils]: 10: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~6#1); {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,375 INFO L290 TraceCheckUtils]: 11: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___0~1#1 := test_#t~nondet43#1;havoc test_#t~nondet43#1; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,375 INFO L290 TraceCheckUtils]: 12: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~1#1); {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,375 INFO L290 TraceCheckUtils]: 13: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet44#1;havoc test_#t~nondet44#1; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,376 INFO L290 TraceCheckUtils]: 14: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,376 INFO L272 TraceCheckUtils]: 15: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} call timeShift(); {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,377 INFO L290 TraceCheckUtils]: 16: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,377 INFO L290 TraceCheckUtils]: 17: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret32#1, processEnvironment_~tmp~5#1;havoc processEnvironment_~tmp~5#1; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,377 INFO L290 TraceCheckUtils]: 18: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,378 INFO L272 TraceCheckUtils]: 19: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} call processEnvironment__wrappee__base(); {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,378 INFO L290 TraceCheckUtils]: 20: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume true; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,379 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1823#(= ~waterLevel~0 (_ bv1 32))} {1823#(= ~waterLevel~0 (_ bv1 32))} #209#return; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,379 INFO L290 TraceCheckUtils]: 22: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_processEnvironment } true; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,380 INFO L290 TraceCheckUtils]: 23: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret29#1, __utac_acc__Specification3_spec__1_#t~ret30#1, __utac_acc__Specification3_spec__1_#t~ret31#1, __utac_acc__Specification3_spec__1_~tmp~4#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~4#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,380 INFO L272 TraceCheckUtils]: 24: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} call __utac_acc__Specification3_spec__1_#t~ret29#1 := isMethaneLevelCritical(); {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,380 INFO L290 TraceCheckUtils]: 25: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,381 INFO L290 TraceCheckUtils]: 26: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume true; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,381 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {1823#(= ~waterLevel~0 (_ bv1 32))} {1823#(= ~waterLevel~0 (_ bv1 32))} #211#return; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,382 INFO L290 TraceCheckUtils]: 28: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} __utac_acc__Specification3_spec__1_~tmp~4#1 := __utac_acc__Specification3_spec__1_#t~ret29#1;havoc __utac_acc__Specification3_spec__1_#t~ret29#1; {1823#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:45,382 INFO L290 TraceCheckUtils]: 29: Hoare triple {1823#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~4#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~9#1;havoc getWaterLevel_~retValue_acc~9#1;getWaterLevel_~retValue_acc~9#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; {1911#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} is VALID [2022-02-20 18:08:45,383 INFO L290 TraceCheckUtils]: 30: Hoare triple {1911#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} __utac_acc__Specification3_spec__1_#t~ret30#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret30#1;havoc __utac_acc__Specification3_spec__1_#t~ret30#1; {1915#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| (_ bv1 32))} is VALID [2022-02-20 18:08:45,383 INFO L290 TraceCheckUtils]: 31: Hoare triple {1915#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| (_ bv1 32))} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {1819#false} is VALID [2022-02-20 18:08:45,383 INFO L290 TraceCheckUtils]: 32: Hoare triple {1819#false} __utac_acc__Specification3_spec__1_#t~ret31#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret31#1;havoc __utac_acc__Specification3_spec__1_#t~ret31#1; {1819#false} is VALID [2022-02-20 18:08:45,384 INFO L290 TraceCheckUtils]: 33: Hoare triple {1819#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1819#false} is VALID [2022-02-20 18:08:45,384 INFO L290 TraceCheckUtils]: 34: Hoare triple {1819#false} assume !false; {1819#false} is VALID [2022-02-20 18:08:45,384 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:45,384 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:45,385 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:45,385 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [733192446] [2022-02-20 18:08:45,385 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [733192446] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:45,385 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:45,385 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:08:45,385 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1861090151] [2022-02-20 18:08:45,386 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:45,386 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:08:45,386 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:45,387 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:45,421 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:45,421 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:08:45,421 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:45,422 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:08:45,422 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:08:45,422 INFO L87 Difference]: Start difference. First operand 115 states and 149 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:45,684 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:45,684 INFO L93 Difference]: Finished difference Result 325 states and 434 transitions. [2022-02-20 18:08:45,684 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:08:45,685 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:08:45,685 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:45,685 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:45,689 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 226 transitions. [2022-02-20 18:08:45,690 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:45,693 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 226 transitions. [2022-02-20 18:08:45,694 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 226 transitions. [2022-02-20 18:08:45,884 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 226 edges. 226 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:45,891 INFO L225 Difference]: With dead ends: 325 [2022-02-20 18:08:45,891 INFO L226 Difference]: Without dead ends: 217 [2022-02-20 18:08:45,892 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 31 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:08:45,893 INFO L933 BasicCegarLoop]: 87 mSDtfsCounter, 46 mSDsluCounter, 239 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 46 SdHoareTripleChecker+Valid, 326 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:45,893 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [46 Valid, 326 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:45,894 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 217 states. [2022-02-20 18:08:45,907 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 217 to 211. [2022-02-20 18:08:45,907 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:45,908 INFO L82 GeneralOperation]: Start isEquivalent. First operand 217 states. Second operand has 211 states, 152 states have (on average 1.3289473684210527) internal successors, (202), 171 states have internal predecessors, (202), 36 states have call successors, (36), 24 states have call predecessors, (36), 22 states have return successors, (38), 24 states have call predecessors, (38), 36 states have call successors, (38) [2022-02-20 18:08:45,909 INFO L74 IsIncluded]: Start isIncluded. First operand 217 states. Second operand has 211 states, 152 states have (on average 1.3289473684210527) internal successors, (202), 171 states have internal predecessors, (202), 36 states have call successors, (36), 24 states have call predecessors, (36), 22 states have return successors, (38), 24 states have call predecessors, (38), 36 states have call successors, (38) [2022-02-20 18:08:45,910 INFO L87 Difference]: Start difference. First operand 217 states. Second operand has 211 states, 152 states have (on average 1.3289473684210527) internal successors, (202), 171 states have internal predecessors, (202), 36 states have call successors, (36), 24 states have call predecessors, (36), 22 states have return successors, (38), 24 states have call predecessors, (38), 36 states have call successors, (38) [2022-02-20 18:08:45,919 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:45,919 INFO L93 Difference]: Finished difference Result 217 states and 282 transitions. [2022-02-20 18:08:45,919 INFO L276 IsEmpty]: Start isEmpty. Operand 217 states and 282 transitions. [2022-02-20 18:08:45,920 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:45,920 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:45,921 INFO L74 IsIncluded]: Start isIncluded. First operand has 211 states, 152 states have (on average 1.3289473684210527) internal successors, (202), 171 states have internal predecessors, (202), 36 states have call successors, (36), 24 states have call predecessors, (36), 22 states have return successors, (38), 24 states have call predecessors, (38), 36 states have call successors, (38) Second operand 217 states. [2022-02-20 18:08:45,922 INFO L87 Difference]: Start difference. First operand has 211 states, 152 states have (on average 1.3289473684210527) internal successors, (202), 171 states have internal predecessors, (202), 36 states have call successors, (36), 24 states have call predecessors, (36), 22 states have return successors, (38), 24 states have call predecessors, (38), 36 states have call successors, (38) Second operand 217 states. [2022-02-20 18:08:45,931 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:45,931 INFO L93 Difference]: Finished difference Result 217 states and 282 transitions. [2022-02-20 18:08:45,931 INFO L276 IsEmpty]: Start isEmpty. Operand 217 states and 282 transitions. [2022-02-20 18:08:45,932 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:45,932 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:45,932 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:45,932 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:45,933 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 211 states, 152 states have (on average 1.3289473684210527) internal successors, (202), 171 states have internal predecessors, (202), 36 states have call successors, (36), 24 states have call predecessors, (36), 22 states have return successors, (38), 24 states have call predecessors, (38), 36 states have call successors, (38) [2022-02-20 18:08:45,942 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 211 states to 211 states and 276 transitions. [2022-02-20 18:08:45,943 INFO L78 Accepts]: Start accepts. Automaton has 211 states and 276 transitions. Word has length 35 [2022-02-20 18:08:45,943 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:45,943 INFO L470 AbstractCegarLoop]: Abstraction has 211 states and 276 transitions. [2022-02-20 18:08:45,943 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:45,944 INFO L276 IsEmpty]: Start isEmpty. Operand 211 states and 276 transitions. [2022-02-20 18:08:45,945 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-02-20 18:08:45,945 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:45,945 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:45,957 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:46,154 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:46,155 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:46,156 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:46,156 INFO L85 PathProgramCache]: Analyzing trace with hash 315866663, now seen corresponding path program 1 times [2022-02-20 18:08:46,156 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:46,156 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [953540259] [2022-02-20 18:08:46,157 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:46,157 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:46,157 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:46,158 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:46,160 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 18:08:46,203 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:46,205 INFO L263 TraceCheckSpWp]: Trace formula consists of 165 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 18:08:46,214 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:46,216 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:46,301 INFO L290 TraceCheckUtils]: 0: Hoare triple {3128#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,302 INFO L290 TraceCheckUtils]: 1: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret5#1, main_~retValue_acc~2#1, main_~tmp~0#1;havoc main_~retValue_acc~2#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,302 INFO L290 TraceCheckUtils]: 2: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,303 INFO L290 TraceCheckUtils]: 3: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,303 INFO L290 TraceCheckUtils]: 4: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} main_#t~ret5#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret5#1;havoc main_#t~ret5#1; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,303 INFO L290 TraceCheckUtils]: 5: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,304 INFO L290 TraceCheckUtils]: 6: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet42#1, test_#t~nondet43#1, test_#t~nondet44#1, test_#t~nondet45#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,304 INFO L290 TraceCheckUtils]: 7: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} assume !false; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,304 INFO L290 TraceCheckUtils]: 8: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,305 INFO L290 TraceCheckUtils]: 9: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp~6#1 := test_#t~nondet42#1;havoc test_#t~nondet42#1; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,305 INFO L290 TraceCheckUtils]: 10: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != test_~tmp~6#1); {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,306 INFO L290 TraceCheckUtils]: 11: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp___0~1#1 := test_#t~nondet43#1;havoc test_#t~nondet43#1; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,306 INFO L290 TraceCheckUtils]: 12: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != test_~tmp___0~1#1); {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,306 INFO L290 TraceCheckUtils]: 13: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp___2~0#1 := test_#t~nondet44#1;havoc test_#t~nondet44#1; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,307 INFO L290 TraceCheckUtils]: 14: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != test_~tmp___2~0#1; {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,307 INFO L272 TraceCheckUtils]: 15: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} call timeShift(); {3133#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:46,308 INFO L290 TraceCheckUtils]: 16: Hoare triple {3133#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != ~pumpRunning~0;assume { :begin_inline_lowerWaterLevel } true; {3129#false} is VALID [2022-02-20 18:08:46,308 INFO L290 TraceCheckUtils]: 17: Hoare triple {3129#false} assume ~bvsgt32(~waterLevel~0, 0bv32);~waterLevel~0 := ~bvsub32(~waterLevel~0, 1bv32); {3129#false} is VALID [2022-02-20 18:08:46,308 INFO L290 TraceCheckUtils]: 18: Hoare triple {3129#false} assume { :end_inline_lowerWaterLevel } true; {3129#false} is VALID [2022-02-20 18:08:46,308 INFO L290 TraceCheckUtils]: 19: Hoare triple {3129#false} assume 0bv32 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret32#1, processEnvironment_~tmp~5#1;havoc processEnvironment_~tmp~5#1; {3129#false} is VALID [2022-02-20 18:08:46,308 INFO L290 TraceCheckUtils]: 20: Hoare triple {3129#false} assume !(0bv32 != ~pumpRunning~0); {3129#false} is VALID [2022-02-20 18:08:46,309 INFO L272 TraceCheckUtils]: 21: Hoare triple {3129#false} call processEnvironment__wrappee__base(); {3129#false} is VALID [2022-02-20 18:08:46,309 INFO L290 TraceCheckUtils]: 22: Hoare triple {3129#false} assume true; {3129#false} is VALID [2022-02-20 18:08:46,309 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {3129#false} {3129#false} #209#return; {3129#false} is VALID [2022-02-20 18:08:46,309 INFO L290 TraceCheckUtils]: 24: Hoare triple {3129#false} assume { :end_inline_processEnvironment } true; {3129#false} is VALID [2022-02-20 18:08:46,309 INFO L290 TraceCheckUtils]: 25: Hoare triple {3129#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret29#1, __utac_acc__Specification3_spec__1_#t~ret30#1, __utac_acc__Specification3_spec__1_#t~ret31#1, __utac_acc__Specification3_spec__1_~tmp~4#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~4#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {3129#false} is VALID [2022-02-20 18:08:46,309 INFO L272 TraceCheckUtils]: 26: Hoare triple {3129#false} call __utac_acc__Specification3_spec__1_#t~ret29#1 := isMethaneLevelCritical(); {3129#false} is VALID [2022-02-20 18:08:46,310 INFO L290 TraceCheckUtils]: 27: Hoare triple {3129#false} havoc ~retValue_acc~8;~retValue_acc~8 := ~methaneLevelCritical~0;#res := ~retValue_acc~8; {3129#false} is VALID [2022-02-20 18:08:46,310 INFO L290 TraceCheckUtils]: 28: Hoare triple {3129#false} assume true; {3129#false} is VALID [2022-02-20 18:08:46,310 INFO L284 TraceCheckUtils]: 29: Hoare quadruple {3129#false} {3129#false} #211#return; {3129#false} is VALID [2022-02-20 18:08:46,310 INFO L290 TraceCheckUtils]: 30: Hoare triple {3129#false} __utac_acc__Specification3_spec__1_~tmp~4#1 := __utac_acc__Specification3_spec__1_#t~ret29#1;havoc __utac_acc__Specification3_spec__1_#t~ret29#1; {3129#false} is VALID [2022-02-20 18:08:46,310 INFO L290 TraceCheckUtils]: 31: Hoare triple {3129#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~4#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~9#1;havoc getWaterLevel_~retValue_acc~9#1;getWaterLevel_~retValue_acc~9#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; {3129#false} is VALID [2022-02-20 18:08:46,311 INFO L290 TraceCheckUtils]: 32: Hoare triple {3129#false} __utac_acc__Specification3_spec__1_#t~ret30#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret30#1;havoc __utac_acc__Specification3_spec__1_#t~ret30#1; {3129#false} is VALID [2022-02-20 18:08:46,311 INFO L290 TraceCheckUtils]: 33: Hoare triple {3129#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {3129#false} is VALID [2022-02-20 18:08:46,311 INFO L290 TraceCheckUtils]: 34: Hoare triple {3129#false} __utac_acc__Specification3_spec__1_#t~ret31#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret31#1;havoc __utac_acc__Specification3_spec__1_#t~ret31#1; {3129#false} is VALID [2022-02-20 18:08:46,311 INFO L290 TraceCheckUtils]: 35: Hoare triple {3129#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {3129#false} is VALID [2022-02-20 18:08:46,311 INFO L290 TraceCheckUtils]: 36: Hoare triple {3129#false} assume !false; {3129#false} is VALID [2022-02-20 18:08:46,312 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:46,312 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:46,312 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:46,312 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [953540259] [2022-02-20 18:08:46,312 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [953540259] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:46,312 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:46,313 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:46,313 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1801632532] [2022-02-20 18:08:46,313 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:46,314 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 37 [2022-02-20 18:08:46,314 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:46,314 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:46,348 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 37 edges. 37 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:46,348 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:46,348 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:46,349 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:46,349 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:46,349 INFO L87 Difference]: Start difference. First operand 211 states and 276 transitions. Second operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:46,458 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:46,461 INFO L93 Difference]: Finished difference Result 369 states and 485 transitions. [2022-02-20 18:08:46,461 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:46,461 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 37 [2022-02-20 18:08:46,462 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:46,462 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:46,464 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 137 transitions. [2022-02-20 18:08:46,479 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:46,482 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 137 transitions. [2022-02-20 18:08:46,482 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 137 transitions. [2022-02-20 18:08:46,641 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 137 edges. 137 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:46,644 INFO L225 Difference]: With dead ends: 369 [2022-02-20 18:08:46,645 INFO L226 Difference]: Without dead ends: 165 [2022-02-20 18:08:46,646 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 35 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:46,646 INFO L933 BasicCegarLoop]: 56 mSDtfsCounter, 44 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 44 SdHoareTripleChecker+Valid, 56 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:46,647 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [44 Valid, 56 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:46,648 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 165 states. [2022-02-20 18:08:46,656 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 165 to 163. [2022-02-20 18:08:46,657 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:46,657 INFO L82 GeneralOperation]: Start isEquivalent. First operand 165 states. Second operand has 163 states, 124 states have (on average 1.2580645161290323) internal successors, (156), 131 states have internal predecessors, (156), 20 states have call successors, (20), 20 states have call predecessors, (20), 18 states have return successors, (20), 18 states have call predecessors, (20), 20 states have call successors, (20) [2022-02-20 18:08:46,658 INFO L74 IsIncluded]: Start isIncluded. First operand 165 states. Second operand has 163 states, 124 states have (on average 1.2580645161290323) internal successors, (156), 131 states have internal predecessors, (156), 20 states have call successors, (20), 20 states have call predecessors, (20), 18 states have return successors, (20), 18 states have call predecessors, (20), 20 states have call successors, (20) [2022-02-20 18:08:46,658 INFO L87 Difference]: Start difference. First operand 165 states. Second operand has 163 states, 124 states have (on average 1.2580645161290323) internal successors, (156), 131 states have internal predecessors, (156), 20 states have call successors, (20), 20 states have call predecessors, (20), 18 states have return successors, (20), 18 states have call predecessors, (20), 20 states have call successors, (20) [2022-02-20 18:08:46,663 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:46,663 INFO L93 Difference]: Finished difference Result 165 states and 198 transitions. [2022-02-20 18:08:46,664 INFO L276 IsEmpty]: Start isEmpty. Operand 165 states and 198 transitions. [2022-02-20 18:08:46,664 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:46,664 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:46,665 INFO L74 IsIncluded]: Start isIncluded. First operand has 163 states, 124 states have (on average 1.2580645161290323) internal successors, (156), 131 states have internal predecessors, (156), 20 states have call successors, (20), 20 states have call predecessors, (20), 18 states have return successors, (20), 18 states have call predecessors, (20), 20 states have call successors, (20) Second operand 165 states. [2022-02-20 18:08:46,666 INFO L87 Difference]: Start difference. First operand has 163 states, 124 states have (on average 1.2580645161290323) internal successors, (156), 131 states have internal predecessors, (156), 20 states have call successors, (20), 20 states have call predecessors, (20), 18 states have return successors, (20), 18 states have call predecessors, (20), 20 states have call successors, (20) Second operand 165 states. [2022-02-20 18:08:46,670 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:46,670 INFO L93 Difference]: Finished difference Result 165 states and 198 transitions. [2022-02-20 18:08:46,670 INFO L276 IsEmpty]: Start isEmpty. Operand 165 states and 198 transitions. [2022-02-20 18:08:46,671 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:46,671 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:46,671 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:46,671 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:46,672 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 163 states, 124 states have (on average 1.2580645161290323) internal successors, (156), 131 states have internal predecessors, (156), 20 states have call successors, (20), 20 states have call predecessors, (20), 18 states have return successors, (20), 18 states have call predecessors, (20), 20 states have call successors, (20) [2022-02-20 18:08:46,677 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 163 states to 163 states and 196 transitions. [2022-02-20 18:08:46,677 INFO L78 Accepts]: Start accepts. Automaton has 163 states and 196 transitions. Word has length 37 [2022-02-20 18:08:46,677 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:46,678 INFO L470 AbstractCegarLoop]: Abstraction has 163 states and 196 transitions. [2022-02-20 18:08:46,678 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:46,678 INFO L276 IsEmpty]: Start isEmpty. Operand 163 states and 196 transitions. [2022-02-20 18:08:46,679 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-02-20 18:08:46,679 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:46,679 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:46,691 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:46,891 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:46,892 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:46,892 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:46,893 INFO L85 PathProgramCache]: Analyzing trace with hash -2031472666, now seen corresponding path program 1 times [2022-02-20 18:08:46,893 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:46,893 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1043627442] [2022-02-20 18:08:46,893 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:46,894 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:46,894 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:46,895 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:46,896 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 18:08:46,966 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:46,966 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:08:46,990 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:47,023 INFO L138 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2022-02-20 18:08:47,024 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:08:47,025 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:08:47,074 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:47,226 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:47,230 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:08:47,233 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:08:47,253 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:08:47,254 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:08:47,258 INFO L158 Benchmark]: Toolchain (without parser) took 5829.55ms. Allocated memory was 50.3MB in the beginning and 130.0MB in the end (delta: 79.7MB). Free memory was 31.9MB in the beginning and 78.3MB in the end (delta: -46.4MB). Peak memory consumption was 34.3MB. Max. memory is 16.1GB. [2022-02-20 18:08:47,259 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 41.9MB. Free memory was 23.8MB in the beginning and 23.8MB in the end (delta: 34.5kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:08:47,259 INFO L158 Benchmark]: CACSL2BoogieTranslator took 540.55ms. Allocated memory was 50.3MB in the beginning and 69.2MB in the end (delta: 18.9MB). Free memory was 31.7MB in the beginning and 44.6MB in the end (delta: -13.0MB). Peak memory consumption was 9.7MB. Max. memory is 16.1GB. [2022-02-20 18:08:47,260 INFO L158 Benchmark]: Boogie Procedure Inliner took 42.61ms. Allocated memory is still 69.2MB. Free memory was 44.4MB in the beginning and 41.9MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:47,260 INFO L158 Benchmark]: Boogie Preprocessor took 32.76ms. Allocated memory is still 69.2MB. Free memory was 41.9MB in the beginning and 40.3MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:47,260 INFO L158 Benchmark]: RCFGBuilder took 497.85ms. Allocated memory is still 69.2MB. Free memory was 40.3MB in the beginning and 38.6MB in the end (delta: 1.7MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-02-20 18:08:47,261 INFO L158 Benchmark]: TraceAbstraction took 4710.11ms. Allocated memory was 69.2MB in the beginning and 130.0MB in the end (delta: 60.8MB). Free memory was 38.0MB in the beginning and 78.3MB in the end (delta: -40.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2022-02-20 18:08:47,262 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 41.9MB. Free memory was 23.8MB in the beginning and 23.8MB in the end (delta: 34.5kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 540.55ms. Allocated memory was 50.3MB in the beginning and 69.2MB in the end (delta: 18.9MB). Free memory was 31.7MB in the beginning and 44.6MB in the end (delta: -13.0MB). Peak memory consumption was 9.7MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 42.61ms. Allocated memory is still 69.2MB. Free memory was 44.4MB in the beginning and 41.9MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 32.76ms. Allocated memory is still 69.2MB. Free memory was 41.9MB in the beginning and 40.3MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 497.85ms. Allocated memory is still 69.2MB. Free memory was 40.3MB in the beginning and 38.6MB in the end (delta: 1.7MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * TraceAbstraction took 4710.11ms. Allocated memory was 69.2MB in the beginning and 130.0MB in the end (delta: 60.8MB). Free memory was 38.0MB in the beginning and 78.3MB in the end (delta: -40.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:08:47,298 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: ERROR: ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator