./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4e8d46dd9ecc40481581770f17d7ff7eeb44cf0ae7cc4edb04be6d125fad45fc --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:08:40,918 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:08:40,920 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:08:40,944 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:08:40,944 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:08:40,945 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:08:40,946 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:08:40,948 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:08:40,950 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:08:40,951 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:08:40,951 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:08:40,952 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:08:40,953 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:08:40,954 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:08:40,955 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:08:40,956 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:08:40,956 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:08:40,957 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:08:40,959 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:08:40,961 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:08:40,962 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:08:40,965 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:08:40,966 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:08:40,967 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:08:40,972 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:08:40,973 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:08:40,973 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:08:40,974 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:08:40,974 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:08:40,975 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:08:40,975 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:08:40,976 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:08:40,977 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:08:40,977 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:08:40,978 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:08:40,978 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:08:40,979 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:08:40,979 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:08:40,980 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:08:40,980 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:08:40,981 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:08:40,987 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:08:41,014 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:08:41,015 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:08:41,015 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:08:41,015 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:08:41,016 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:08:41,016 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:08:41,017 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:08:41,017 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:08:41,017 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:08:41,017 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:08:41,018 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:08:41,018 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:08:41,018 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:08:41,019 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:08:41,019 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:08:41,019 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:08:41,019 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:08:41,019 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:08:41,020 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:08:41,020 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:08:41,020 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:08:41,020 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:08:41,020 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:08:41,020 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:08:41,021 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:41,021 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:08:41,021 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:08:41,021 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:08:41,021 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:08:41,022 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:08:41,022 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:08:41,022 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:08:41,022 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:08:41,022 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4e8d46dd9ecc40481581770f17d7ff7eeb44cf0ae7cc4edb04be6d125fad45fc [2022-02-20 18:08:41,239 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:08:41,259 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:08:41,261 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:08:41,262 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:08:41,262 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:08:41,263 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c [2022-02-20 18:08:41,320 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/89971dc33/551a8429b98249cb9ec3de6f7da10f97/FLAGc433b4c33 [2022-02-20 18:08:41,795 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:08:41,796 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c [2022-02-20 18:08:41,811 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/89971dc33/551a8429b98249cb9ec3de6f7da10f97/FLAGc433b4c33 [2022-02-20 18:08:41,828 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/89971dc33/551a8429b98249cb9ec3de6f7da10f97 [2022-02-20 18:08:41,829 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:08:41,831 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:08:41,832 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:41,832 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:08:41,841 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:08:41,842 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:41,843 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6efa209c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:41, skipping insertion in model container [2022-02-20 18:08:41,843 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:41" (1/1) ... [2022-02-20 18:08:41,849 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:08:41,886 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:42,074 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c[3343,3356] [2022-02-20 18:08:42,151 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:42,159 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:08:42,179 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c[3343,3356] [2022-02-20 18:08:42,253 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:42,277 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:08:42,278 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42 WrapperNode [2022-02-20 18:08:42,278 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:42,279 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:42,280 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:08:42,280 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:08:42,286 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42" (1/1) ... [2022-02-20 18:08:42,297 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42" (1/1) ... [2022-02-20 18:08:42,333 INFO L137 Inliner]: procedures = 51, calls = 151, calls flagged for inlining = 19, calls inlined = 15, statements flattened = 204 [2022-02-20 18:08:42,335 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:42,336 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:08:42,336 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:08:42,337 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:08:42,344 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42" (1/1) ... [2022-02-20 18:08:42,344 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42" (1/1) ... [2022-02-20 18:08:42,358 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42" (1/1) ... [2022-02-20 18:08:42,360 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42" (1/1) ... [2022-02-20 18:08:42,364 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42" (1/1) ... [2022-02-20 18:08:42,372 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42" (1/1) ... [2022-02-20 18:08:42,373 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42" (1/1) ... [2022-02-20 18:08:42,375 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:08:42,376 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:08:42,376 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:08:42,376 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:08:42,377 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42" (1/1) ... [2022-02-20 18:08:42,384 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:42,392 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:08:42,411 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:08:42,436 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:08:42,457 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:08:42,457 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:08:42,457 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:08:42,458 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:08:42,458 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:08:42,458 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:08:42,458 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:08:42,458 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:08:42,459 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:08:42,460 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:08:42,460 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:08:42,460 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-02-20 18:08:42,460 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-02-20 18:08:42,460 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:08:42,460 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:08:42,461 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:08:42,461 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:08:42,461 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:08:42,551 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:08:42,553 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:08:42,879 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:08:42,885 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:08:42,886 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:08:42,887 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:42 BoogieIcfgContainer [2022-02-20 18:08:42,887 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:08:42,889 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:08:42,889 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:08:42,891 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:08:42,891 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:08:41" (1/3) ... [2022-02-20 18:08:42,892 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@79e7a5b6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:42, skipping insertion in model container [2022-02-20 18:08:42,892 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:42" (2/3) ... [2022-02-20 18:08:42,893 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@79e7a5b6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:42, skipping insertion in model container [2022-02-20 18:08:42,893 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:42" (3/3) ... [2022-02-20 18:08:42,894 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product13.cil.c [2022-02-20 18:08:42,898 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:08:42,898 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:08:42,946 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:08:42,953 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:08:42,953 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:08:42,981 INFO L276 IsEmpty]: Start isEmpty. Operand has 78 states, 58 states have (on average 1.3793103448275863) internal successors, (80), 64 states have internal predecessors, (80), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 10 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:42,989 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:08:42,989 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:42,990 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:42,991 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:42,997 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:42,997 INFO L85 PathProgramCache]: Analyzing trace with hash -427148648, now seen corresponding path program 1 times [2022-02-20 18:08:43,005 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:43,006 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [889033782] [2022-02-20 18:08:43,006 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:43,007 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:43,175 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:43,280 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:08:43,287 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:43,303 INFO L290 TraceCheckUtils]: 0: Hoare triple {81#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {81#true} is VALID [2022-02-20 18:08:43,304 INFO L290 TraceCheckUtils]: 1: Hoare triple {81#true} assume true; {81#true} is VALID [2022-02-20 18:08:43,305 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {81#true} {82#false} #200#return; {82#false} is VALID [2022-02-20 18:08:43,311 INFO L290 TraceCheckUtils]: 0: Hoare triple {81#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0; {81#true} is VALID [2022-02-20 18:08:43,311 INFO L290 TraceCheckUtils]: 1: Hoare triple {81#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret10#1, main_~retValue_acc~4#1, main_~tmp~0#1;havoc main_~retValue_acc~4#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {81#true} is VALID [2022-02-20 18:08:43,312 INFO L290 TraceCheckUtils]: 2: Hoare triple {81#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {81#true} is VALID [2022-02-20 18:08:43,312 INFO L290 TraceCheckUtils]: 3: Hoare triple {81#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~3#1;havoc valid_product_~retValue_acc~3#1;valid_product_~retValue_acc~3#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~3#1; {81#true} is VALID [2022-02-20 18:08:43,312 INFO L290 TraceCheckUtils]: 4: Hoare triple {81#true} main_#t~ret10#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret10#1 && main_#t~ret10#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret10#1;havoc main_#t~ret10#1; {81#true} is VALID [2022-02-20 18:08:43,313 INFO L290 TraceCheckUtils]: 5: Hoare triple {81#true} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {81#true} is VALID [2022-02-20 18:08:43,313 INFO L290 TraceCheckUtils]: 6: Hoare triple {81#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet25#1, test_#t~nondet26#1, test_#t~nondet27#1, test_#t~nondet28#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {81#true} is VALID [2022-02-20 18:08:43,314 INFO L290 TraceCheckUtils]: 7: Hoare triple {81#true} assume !true; {82#false} is VALID [2022-02-20 18:08:43,314 INFO L272 TraceCheckUtils]: 8: Hoare triple {82#false} call cleanup(); {82#false} is VALID [2022-02-20 18:08:43,317 INFO L290 TraceCheckUtils]: 9: Hoare triple {82#false} havoc ~i~0;havoc ~__cil_tmp2~0; {82#false} is VALID [2022-02-20 18:08:43,317 INFO L272 TraceCheckUtils]: 10: Hoare triple {82#false} call timeShift(); {82#false} is VALID [2022-02-20 18:08:43,318 INFO L290 TraceCheckUtils]: 11: Hoare triple {82#false} assume !(0 != ~pumpRunning~0); {82#false} is VALID [2022-02-20 18:08:43,318 INFO L290 TraceCheckUtils]: 12: Hoare triple {82#false} assume !(0 != ~systemActive~0); {82#false} is VALID [2022-02-20 18:08:43,318 INFO L290 TraceCheckUtils]: 13: Hoare triple {82#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret22#1, __utac_acc__Specification3_spec__1_#t~ret23#1, __utac_acc__Specification3_spec__1_#t~ret24#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {82#false} is VALID [2022-02-20 18:08:43,319 INFO L272 TraceCheckUtils]: 14: Hoare triple {82#false} call __utac_acc__Specification3_spec__1_#t~ret22#1 := isMethaneLevelCritical(); {81#true} is VALID [2022-02-20 18:08:43,319 INFO L290 TraceCheckUtils]: 15: Hoare triple {81#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {81#true} is VALID [2022-02-20 18:08:43,319 INFO L290 TraceCheckUtils]: 16: Hoare triple {81#true} assume true; {81#true} is VALID [2022-02-20 18:08:43,320 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {81#true} {82#false} #200#return; {82#false} is VALID [2022-02-20 18:08:43,320 INFO L290 TraceCheckUtils]: 18: Hoare triple {82#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret22#1 && __utac_acc__Specification3_spec__1_#t~ret22#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret22#1;havoc __utac_acc__Specification3_spec__1_#t~ret22#1; {82#false} is VALID [2022-02-20 18:08:43,320 INFO L290 TraceCheckUtils]: 19: Hoare triple {82#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {82#false} is VALID [2022-02-20 18:08:43,320 INFO L290 TraceCheckUtils]: 20: Hoare triple {82#false} __utac_acc__Specification3_spec__1_#t~ret23#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret23#1 && __utac_acc__Specification3_spec__1_#t~ret23#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret23#1;havoc __utac_acc__Specification3_spec__1_#t~ret23#1; {82#false} is VALID [2022-02-20 18:08:43,322 INFO L290 TraceCheckUtils]: 21: Hoare triple {82#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~6#1;havoc isPumpRunning_~retValue_acc~6#1;isPumpRunning_~retValue_acc~6#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~6#1; {82#false} is VALID [2022-02-20 18:08:43,322 INFO L290 TraceCheckUtils]: 22: Hoare triple {82#false} __utac_acc__Specification3_spec__1_#t~ret24#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret24#1 && __utac_acc__Specification3_spec__1_#t~ret24#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret24#1;havoc __utac_acc__Specification3_spec__1_#t~ret24#1; {82#false} is VALID [2022-02-20 18:08:43,322 INFO L290 TraceCheckUtils]: 23: Hoare triple {82#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {82#false} is VALID [2022-02-20 18:08:43,323 INFO L290 TraceCheckUtils]: 24: Hoare triple {82#false} assume !false; {82#false} is VALID [2022-02-20 18:08:43,323 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:43,324 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:43,324 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [889033782] [2022-02-20 18:08:43,325 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [889033782] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:43,325 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:43,325 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:43,328 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [206962088] [2022-02-20 18:08:43,329 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:43,334 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:43,336 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:43,338 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,394 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:43,395 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:08:43,396 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:43,417 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:08:43,418 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:43,421 INFO L87 Difference]: Start difference. First operand has 78 states, 58 states have (on average 1.3793103448275863) internal successors, (80), 64 states have internal predecessors, (80), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 10 states have call predecessors, (11), 11 states have call successors, (11) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,534 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:43,535 INFO L93 Difference]: Finished difference Result 148 states and 199 transitions. [2022-02-20 18:08:43,535 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:08:43,536 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:43,536 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:43,537 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,556 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 199 transitions. [2022-02-20 18:08:43,567 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,582 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 199 transitions. [2022-02-20 18:08:43,590 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 199 transitions. [2022-02-20 18:08:43,808 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 199 edges. 199 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:43,818 INFO L225 Difference]: With dead ends: 148 [2022-02-20 18:08:43,818 INFO L226 Difference]: Without dead ends: 69 [2022-02-20 18:08:43,822 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:43,824 INFO L933 BasicCegarLoop]: 96 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 96 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:43,825 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:43,847 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 69 states. [2022-02-20 18:08:43,861 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 69 to 69. [2022-02-20 18:08:43,861 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:43,862 INFO L82 GeneralOperation]: Start isEquivalent. First operand 69 states. Second operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:43,864 INFO L74 IsIncluded]: Start isIncluded. First operand 69 states. Second operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:43,865 INFO L87 Difference]: Start difference. First operand 69 states. Second operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:43,871 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:43,871 INFO L93 Difference]: Finished difference Result 69 states and 87 transitions. [2022-02-20 18:08:43,872 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 87 transitions. [2022-02-20 18:08:43,873 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:43,873 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:43,874 INFO L74 IsIncluded]: Start isIncluded. First operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 69 states. [2022-02-20 18:08:43,874 INFO L87 Difference]: Start difference. First operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 69 states. [2022-02-20 18:08:43,882 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:43,886 INFO L93 Difference]: Finished difference Result 69 states and 87 transitions. [2022-02-20 18:08:43,886 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 87 transitions. [2022-02-20 18:08:43,888 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:43,889 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:43,890 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:43,890 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:43,892 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:43,896 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 69 states to 69 states and 87 transitions. [2022-02-20 18:08:43,897 INFO L78 Accepts]: Start accepts. Automaton has 69 states and 87 transitions. Word has length 25 [2022-02-20 18:08:43,898 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:43,898 INFO L470 AbstractCegarLoop]: Abstraction has 69 states and 87 transitions. [2022-02-20 18:08:43,898 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:43,899 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 87 transitions. [2022-02-20 18:08:43,900 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:08:43,900 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:43,900 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:43,900 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:08:43,901 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:43,901 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:43,901 INFO L85 PathProgramCache]: Analyzing trace with hash 595185369, now seen corresponding path program 1 times [2022-02-20 18:08:43,902 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:43,902 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [170330131] [2022-02-20 18:08:43,902 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:43,902 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:43,931 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:43,978 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:08:43,980 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:43,987 INFO L290 TraceCheckUtils]: 0: Hoare triple {538#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {538#true} is VALID [2022-02-20 18:08:43,987 INFO L290 TraceCheckUtils]: 1: Hoare triple {538#true} assume true; {538#true} is VALID [2022-02-20 18:08:43,987 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {538#true} {539#false} #200#return; {539#false} is VALID [2022-02-20 18:08:43,988 INFO L290 TraceCheckUtils]: 0: Hoare triple {538#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0; {538#true} is VALID [2022-02-20 18:08:43,988 INFO L290 TraceCheckUtils]: 1: Hoare triple {538#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret10#1, main_~retValue_acc~4#1, main_~tmp~0#1;havoc main_~retValue_acc~4#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {538#true} is VALID [2022-02-20 18:08:43,988 INFO L290 TraceCheckUtils]: 2: Hoare triple {538#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {538#true} is VALID [2022-02-20 18:08:43,989 INFO L290 TraceCheckUtils]: 3: Hoare triple {538#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~3#1;havoc valid_product_~retValue_acc~3#1;valid_product_~retValue_acc~3#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~3#1; {538#true} is VALID [2022-02-20 18:08:43,989 INFO L290 TraceCheckUtils]: 4: Hoare triple {538#true} main_#t~ret10#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret10#1 && main_#t~ret10#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret10#1;havoc main_#t~ret10#1; {538#true} is VALID [2022-02-20 18:08:43,989 INFO L290 TraceCheckUtils]: 5: Hoare triple {538#true} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {538#true} is VALID [2022-02-20 18:08:43,990 INFO L290 TraceCheckUtils]: 6: Hoare triple {538#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet25#1, test_#t~nondet26#1, test_#t~nondet27#1, test_#t~nondet28#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {540#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:08:43,990 INFO L290 TraceCheckUtils]: 7: Hoare triple {540#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {540#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:08:43,991 INFO L290 TraceCheckUtils]: 8: Hoare triple {540#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {539#false} is VALID [2022-02-20 18:08:43,991 INFO L272 TraceCheckUtils]: 9: Hoare triple {539#false} call cleanup(); {539#false} is VALID [2022-02-20 18:08:43,991 INFO L290 TraceCheckUtils]: 10: Hoare triple {539#false} havoc ~i~0;havoc ~__cil_tmp2~0; {539#false} is VALID [2022-02-20 18:08:43,992 INFO L272 TraceCheckUtils]: 11: Hoare triple {539#false} call timeShift(); {539#false} is VALID [2022-02-20 18:08:43,992 INFO L290 TraceCheckUtils]: 12: Hoare triple {539#false} assume !(0 != ~pumpRunning~0); {539#false} is VALID [2022-02-20 18:08:43,992 INFO L290 TraceCheckUtils]: 13: Hoare triple {539#false} assume !(0 != ~systemActive~0); {539#false} is VALID [2022-02-20 18:08:43,992 INFO L290 TraceCheckUtils]: 14: Hoare triple {539#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret22#1, __utac_acc__Specification3_spec__1_#t~ret23#1, __utac_acc__Specification3_spec__1_#t~ret24#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {539#false} is VALID [2022-02-20 18:08:43,993 INFO L272 TraceCheckUtils]: 15: Hoare triple {539#false} call __utac_acc__Specification3_spec__1_#t~ret22#1 := isMethaneLevelCritical(); {538#true} is VALID [2022-02-20 18:08:43,993 INFO L290 TraceCheckUtils]: 16: Hoare triple {538#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {538#true} is VALID [2022-02-20 18:08:43,993 INFO L290 TraceCheckUtils]: 17: Hoare triple {538#true} assume true; {538#true} is VALID [2022-02-20 18:08:43,996 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {538#true} {539#false} #200#return; {539#false} is VALID [2022-02-20 18:08:43,996 INFO L290 TraceCheckUtils]: 19: Hoare triple {539#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret22#1 && __utac_acc__Specification3_spec__1_#t~ret22#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret22#1;havoc __utac_acc__Specification3_spec__1_#t~ret22#1; {539#false} is VALID [2022-02-20 18:08:43,996 INFO L290 TraceCheckUtils]: 20: Hoare triple {539#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {539#false} is VALID [2022-02-20 18:08:43,997 INFO L290 TraceCheckUtils]: 21: Hoare triple {539#false} __utac_acc__Specification3_spec__1_#t~ret23#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret23#1 && __utac_acc__Specification3_spec__1_#t~ret23#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret23#1;havoc __utac_acc__Specification3_spec__1_#t~ret23#1; {539#false} is VALID [2022-02-20 18:08:43,997 INFO L290 TraceCheckUtils]: 22: Hoare triple {539#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~6#1;havoc isPumpRunning_~retValue_acc~6#1;isPumpRunning_~retValue_acc~6#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~6#1; {539#false} is VALID [2022-02-20 18:08:43,998 INFO L290 TraceCheckUtils]: 23: Hoare triple {539#false} __utac_acc__Specification3_spec__1_#t~ret24#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret24#1 && __utac_acc__Specification3_spec__1_#t~ret24#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret24#1;havoc __utac_acc__Specification3_spec__1_#t~ret24#1; {539#false} is VALID [2022-02-20 18:08:43,998 INFO L290 TraceCheckUtils]: 24: Hoare triple {539#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {539#false} is VALID [2022-02-20 18:08:43,999 INFO L290 TraceCheckUtils]: 25: Hoare triple {539#false} assume !false; {539#false} is VALID [2022-02-20 18:08:44,000 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:44,001 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:44,001 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [170330131] [2022-02-20 18:08:44,001 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [170330131] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:44,001 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:44,002 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:08:44,002 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1069203317] [2022-02-20 18:08:44,002 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:44,003 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:44,005 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:44,005 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,028 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:44,028 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:44,029 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:44,030 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:44,030 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:44,030 INFO L87 Difference]: Start difference. First operand 69 states and 87 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,138 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:44,138 INFO L93 Difference]: Finished difference Result 104 states and 130 transitions. [2022-02-20 18:08:44,138 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:44,139 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:44,139 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:44,139 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,143 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 130 transitions. [2022-02-20 18:08:44,144 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,147 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 130 transitions. [2022-02-20 18:08:44,147 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 130 transitions. [2022-02-20 18:08:44,261 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 130 edges. 130 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:44,264 INFO L225 Difference]: With dead ends: 104 [2022-02-20 18:08:44,264 INFO L226 Difference]: Without dead ends: 60 [2022-02-20 18:08:44,265 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:44,266 INFO L933 BasicCegarLoop]: 74 mSDtfsCounter, 12 mSDsluCounter, 58 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 132 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:44,267 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [15 Valid, 132 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:44,267 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2022-02-20 18:08:44,272 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2022-02-20 18:08:44,272 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:44,273 INFO L82 GeneralOperation]: Start isEquivalent. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:44,273 INFO L74 IsIncluded]: Start isIncluded. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:44,274 INFO L87 Difference]: Start difference. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:44,277 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:44,277 INFO L93 Difference]: Finished difference Result 60 states and 75 transitions. [2022-02-20 18:08:44,277 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 75 transitions. [2022-02-20 18:08:44,278 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:44,278 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:44,278 INFO L74 IsIncluded]: Start isIncluded. First operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 60 states. [2022-02-20 18:08:44,279 INFO L87 Difference]: Start difference. First operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 60 states. [2022-02-20 18:08:44,281 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:44,281 INFO L93 Difference]: Finished difference Result 60 states and 75 transitions. [2022-02-20 18:08:44,281 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 75 transitions. [2022-02-20 18:08:44,282 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:44,282 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:44,282 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:44,282 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:44,283 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:44,285 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 75 transitions. [2022-02-20 18:08:44,285 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 75 transitions. Word has length 26 [2022-02-20 18:08:44,285 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:44,286 INFO L470 AbstractCegarLoop]: Abstraction has 60 states and 75 transitions. [2022-02-20 18:08:44,286 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,286 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 75 transitions. [2022-02-20 18:08:44,287 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:08:44,287 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:44,287 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:44,287 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:08:44,288 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:44,288 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:44,288 INFO L85 PathProgramCache]: Analyzing trace with hash -2103466448, now seen corresponding path program 1 times [2022-02-20 18:08:44,289 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:44,289 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1666740319] [2022-02-20 18:08:44,289 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:44,289 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:44,318 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:44,368 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:08:44,370 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:44,372 INFO L290 TraceCheckUtils]: 0: Hoare triple {900#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {900#true} is VALID [2022-02-20 18:08:44,373 INFO L290 TraceCheckUtils]: 1: Hoare triple {900#true} assume true; {900#true} is VALID [2022-02-20 18:08:44,373 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {900#true} {901#false} #200#return; {901#false} is VALID [2022-02-20 18:08:44,375 INFO L290 TraceCheckUtils]: 0: Hoare triple {900#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0; {902#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:44,376 INFO L290 TraceCheckUtils]: 1: Hoare triple {902#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret10#1, main_~retValue_acc~4#1, main_~tmp~0#1;havoc main_~retValue_acc~4#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {902#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:44,377 INFO L290 TraceCheckUtils]: 2: Hoare triple {902#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {902#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:44,377 INFO L290 TraceCheckUtils]: 3: Hoare triple {902#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~3#1;havoc valid_product_~retValue_acc~3#1;valid_product_~retValue_acc~3#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~3#1; {903#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} is VALID [2022-02-20 18:08:44,378 INFO L290 TraceCheckUtils]: 4: Hoare triple {903#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} main_#t~ret10#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret10#1 && main_#t~ret10#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret10#1;havoc main_#t~ret10#1; {904#(= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0)} is VALID [2022-02-20 18:08:44,378 INFO L290 TraceCheckUtils]: 5: Hoare triple {904#(= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0)} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,379 INFO L290 TraceCheckUtils]: 6: Hoare triple {905#(not (= 0 ~systemActive~0))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet25#1, test_#t~nondet26#1, test_#t~nondet27#1, test_#t~nondet28#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,379 INFO L290 TraceCheckUtils]: 7: Hoare triple {905#(not (= 0 ~systemActive~0))} assume !false; {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,380 INFO L290 TraceCheckUtils]: 8: Hoare triple {905#(not (= 0 ~systemActive~0))} assume test_~splverifierCounter~0#1 < 4; {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,380 INFO L290 TraceCheckUtils]: 9: Hoare triple {905#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet25#1 && test_#t~nondet25#1 <= 2147483647;test_~tmp~4#1 := test_#t~nondet25#1;havoc test_#t~nondet25#1; {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,381 INFO L290 TraceCheckUtils]: 10: Hoare triple {905#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp~4#1); {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,382 INFO L290 TraceCheckUtils]: 11: Hoare triple {905#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet26#1 && test_#t~nondet26#1 <= 2147483647;test_~tmp___0~1#1 := test_#t~nondet26#1;havoc test_#t~nondet26#1; {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,382 INFO L290 TraceCheckUtils]: 12: Hoare triple {905#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp___0~1#1); {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,383 INFO L290 TraceCheckUtils]: 13: Hoare triple {905#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet27#1 && test_#t~nondet27#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet27#1;havoc test_#t~nondet27#1; {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,383 INFO L290 TraceCheckUtils]: 14: Hoare triple {905#(not (= 0 ~systemActive~0))} assume 0 != test_~tmp___2~0#1; {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,384 INFO L272 TraceCheckUtils]: 15: Hoare triple {905#(not (= 0 ~systemActive~0))} call timeShift(); {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,384 INFO L290 TraceCheckUtils]: 16: Hoare triple {905#(not (= 0 ~systemActive~0))} assume !(0 != ~pumpRunning~0); {905#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:08:44,385 INFO L290 TraceCheckUtils]: 17: Hoare triple {905#(not (= 0 ~systemActive~0))} assume !(0 != ~systemActive~0); {901#false} is VALID [2022-02-20 18:08:44,385 INFO L290 TraceCheckUtils]: 18: Hoare triple {901#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret22#1, __utac_acc__Specification3_spec__1_#t~ret23#1, __utac_acc__Specification3_spec__1_#t~ret24#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {901#false} is VALID [2022-02-20 18:08:44,385 INFO L272 TraceCheckUtils]: 19: Hoare triple {901#false} call __utac_acc__Specification3_spec__1_#t~ret22#1 := isMethaneLevelCritical(); {900#true} is VALID [2022-02-20 18:08:44,386 INFO L290 TraceCheckUtils]: 20: Hoare triple {900#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {900#true} is VALID [2022-02-20 18:08:44,386 INFO L290 TraceCheckUtils]: 21: Hoare triple {900#true} assume true; {900#true} is VALID [2022-02-20 18:08:44,386 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {900#true} {901#false} #200#return; {901#false} is VALID [2022-02-20 18:08:44,386 INFO L290 TraceCheckUtils]: 23: Hoare triple {901#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret22#1 && __utac_acc__Specification3_spec__1_#t~ret22#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret22#1;havoc __utac_acc__Specification3_spec__1_#t~ret22#1; {901#false} is VALID [2022-02-20 18:08:44,386 INFO L290 TraceCheckUtils]: 24: Hoare triple {901#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {901#false} is VALID [2022-02-20 18:08:44,387 INFO L290 TraceCheckUtils]: 25: Hoare triple {901#false} __utac_acc__Specification3_spec__1_#t~ret23#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret23#1 && __utac_acc__Specification3_spec__1_#t~ret23#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret23#1;havoc __utac_acc__Specification3_spec__1_#t~ret23#1; {901#false} is VALID [2022-02-20 18:08:44,387 INFO L290 TraceCheckUtils]: 26: Hoare triple {901#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~6#1;havoc isPumpRunning_~retValue_acc~6#1;isPumpRunning_~retValue_acc~6#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~6#1; {901#false} is VALID [2022-02-20 18:08:44,387 INFO L290 TraceCheckUtils]: 27: Hoare triple {901#false} __utac_acc__Specification3_spec__1_#t~ret24#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret24#1 && __utac_acc__Specification3_spec__1_#t~ret24#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret24#1;havoc __utac_acc__Specification3_spec__1_#t~ret24#1; {901#false} is VALID [2022-02-20 18:08:44,387 INFO L290 TraceCheckUtils]: 28: Hoare triple {901#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {901#false} is VALID [2022-02-20 18:08:44,388 INFO L290 TraceCheckUtils]: 29: Hoare triple {901#false} assume !false; {901#false} is VALID [2022-02-20 18:08:44,388 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:44,388 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:44,389 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1666740319] [2022-02-20 18:08:44,389 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1666740319] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:44,389 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:44,389 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:08:44,389 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1248199288] [2022-02-20 18:08:44,390 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:44,390 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:08:44,390 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:44,391 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,416 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:44,417 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:08:44,417 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:44,418 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:08:44,418 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:08:44,418 INFO L87 Difference]: Start difference. First operand 60 states and 75 transitions. Second operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,702 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:44,703 INFO L93 Difference]: Finished difference Result 113 states and 144 transitions. [2022-02-20 18:08:44,703 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:08:44,703 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:08:44,703 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:44,704 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,710 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 144 transitions. [2022-02-20 18:08:44,710 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,716 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 144 transitions. [2022-02-20 18:08:44,717 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 144 transitions. [2022-02-20 18:08:44,840 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 144 edges. 144 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:44,842 INFO L225 Difference]: With dead ends: 113 [2022-02-20 18:08:44,842 INFO L226 Difference]: Without dead ends: 60 [2022-02-20 18:08:44,843 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 18:08:44,844 INFO L933 BasicCegarLoop]: 68 mSDtfsCounter, 101 mSDsluCounter, 78 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 101 SdHoareTripleChecker+Valid, 146 SdHoareTripleChecker+Invalid, 47 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:44,845 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [101 Valid, 146 Invalid, 47 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 18:08:44,846 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2022-02-20 18:08:44,850 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2022-02-20 18:08:44,850 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:44,851 INFO L82 GeneralOperation]: Start isEquivalent. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:44,851 INFO L74 IsIncluded]: Start isIncluded. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:44,851 INFO L87 Difference]: Start difference. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:44,854 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:44,854 INFO L93 Difference]: Finished difference Result 60 states and 74 transitions. [2022-02-20 18:08:44,854 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 74 transitions. [2022-02-20 18:08:44,855 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:44,855 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:44,855 INFO L74 IsIncluded]: Start isIncluded. First operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 60 states. [2022-02-20 18:08:44,856 INFO L87 Difference]: Start difference. First operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 60 states. [2022-02-20 18:08:44,858 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:44,858 INFO L93 Difference]: Finished difference Result 60 states and 74 transitions. [2022-02-20 18:08:44,858 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 74 transitions. [2022-02-20 18:08:44,859 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:44,859 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:44,859 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:44,859 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:44,860 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:44,862 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 74 transitions. [2022-02-20 18:08:44,862 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 74 transitions. Word has length 30 [2022-02-20 18:08:44,862 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:44,862 INFO L470 AbstractCegarLoop]: Abstraction has 60 states and 74 transitions. [2022-02-20 18:08:44,863 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:44,863 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 74 transitions. [2022-02-20 18:08:44,864 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 18:08:44,864 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:44,864 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:44,864 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:08:44,865 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:44,865 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:44,865 INFO L85 PathProgramCache]: Analyzing trace with hash -911409767, now seen corresponding path program 1 times [2022-02-20 18:08:44,865 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:44,866 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [696525703] [2022-02-20 18:08:44,866 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:44,866 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:44,892 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:44,957 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:08:44,959 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:44,962 INFO L290 TraceCheckUtils]: 0: Hoare triple {1279#true} assume true; {1279#true} is VALID [2022-02-20 18:08:44,963 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1279#true} {1281#(= ~waterLevel~0 1)} #198#return; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,963 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-02-20 18:08:44,968 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:44,971 INFO L290 TraceCheckUtils]: 0: Hoare triple {1279#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1279#true} is VALID [2022-02-20 18:08:44,972 INFO L290 TraceCheckUtils]: 1: Hoare triple {1279#true} assume true; {1279#true} is VALID [2022-02-20 18:08:44,973 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1279#true} {1281#(= ~waterLevel~0 1)} #200#return; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,974 INFO L290 TraceCheckUtils]: 0: Hoare triple {1279#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(13, 9);call #Ultimate.allocInit(3, 10);call write~init~int(79, 10, 0, 1);call write~init~int(110, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(4, 11);call write~init~int(79, 11, 0, 1);call write~init~int(102, 11, 1, 1);call write~init~int(102, 11, 2, 1);call write~init~int(0, 11, 3, 1);call #Ultimate.allocInit(7, 12);call write~init~int(44, 12, 0, 1);call write~init~int(80, 12, 1, 1);call write~init~int(117, 12, 2, 1);call write~init~int(109, 12, 3, 1);call write~init~int(112, 12, 4, 1);call write~init~int(58, 12, 5, 1);call write~init~int(0, 12, 6, 1);call #Ultimate.allocInit(3, 13);call write~init~int(79, 13, 0, 1);call write~init~int(110, 13, 1, 1);call write~init~int(0, 13, 2, 1);call #Ultimate.allocInit(4, 14);call write~init~int(79, 14, 0, 1);call write~init~int(102, 14, 1, 1);call write~init~int(102, 14, 2, 1);call write~init~int(0, 14, 3, 1);call #Ultimate.allocInit(3, 15);call write~init~int(41, 15, 0, 1);call write~init~int(32, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(10, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1;~head~0.base, ~head~0.offset := 0, 0; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,978 INFO L290 TraceCheckUtils]: 1: Hoare triple {1281#(= ~waterLevel~0 1)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret10#1, main_~retValue_acc~4#1, main_~tmp~0#1;havoc main_~retValue_acc~4#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,978 INFO L290 TraceCheckUtils]: 2: Hoare triple {1281#(= ~waterLevel~0 1)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,979 INFO L290 TraceCheckUtils]: 3: Hoare triple {1281#(= ~waterLevel~0 1)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~3#1;havoc valid_product_~retValue_acc~3#1;valid_product_~retValue_acc~3#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~3#1; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,979 INFO L290 TraceCheckUtils]: 4: Hoare triple {1281#(= ~waterLevel~0 1)} main_#t~ret10#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret10#1 && main_#t~ret10#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret10#1;havoc main_#t~ret10#1; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,979 INFO L290 TraceCheckUtils]: 5: Hoare triple {1281#(= ~waterLevel~0 1)} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,980 INFO L290 TraceCheckUtils]: 6: Hoare triple {1281#(= ~waterLevel~0 1)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet25#1, test_#t~nondet26#1, test_#t~nondet27#1, test_#t~nondet28#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,980 INFO L290 TraceCheckUtils]: 7: Hoare triple {1281#(= ~waterLevel~0 1)} assume !false; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,981 INFO L290 TraceCheckUtils]: 8: Hoare triple {1281#(= ~waterLevel~0 1)} assume test_~splverifierCounter~0#1 < 4; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,982 INFO L290 TraceCheckUtils]: 9: Hoare triple {1281#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet25#1 && test_#t~nondet25#1 <= 2147483647;test_~tmp~4#1 := test_#t~nondet25#1;havoc test_#t~nondet25#1; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,982 INFO L290 TraceCheckUtils]: 10: Hoare triple {1281#(= ~waterLevel~0 1)} assume !(0 != test_~tmp~4#1); {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,983 INFO L290 TraceCheckUtils]: 11: Hoare triple {1281#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet26#1 && test_#t~nondet26#1 <= 2147483647;test_~tmp___0~1#1 := test_#t~nondet26#1;havoc test_#t~nondet26#1; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,983 INFO L290 TraceCheckUtils]: 12: Hoare triple {1281#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___0~1#1); {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,984 INFO L290 TraceCheckUtils]: 13: Hoare triple {1281#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet27#1 && test_#t~nondet27#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet27#1;havoc test_#t~nondet27#1; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,984 INFO L290 TraceCheckUtils]: 14: Hoare triple {1281#(= ~waterLevel~0 1)} assume 0 != test_~tmp___2~0#1; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,984 INFO L272 TraceCheckUtils]: 15: Hoare triple {1281#(= ~waterLevel~0 1)} call timeShift(); {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,990 INFO L290 TraceCheckUtils]: 16: Hoare triple {1281#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,991 INFO L290 TraceCheckUtils]: 17: Hoare triple {1281#(= ~waterLevel~0 1)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret11#1, processEnvironment_~tmp~1#1;havoc processEnvironment_~tmp~1#1; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,991 INFO L290 TraceCheckUtils]: 18: Hoare triple {1281#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,991 INFO L272 TraceCheckUtils]: 19: Hoare triple {1281#(= ~waterLevel~0 1)} call processEnvironment__wrappee__methaneQuery(); {1279#true} is VALID [2022-02-20 18:08:44,991 INFO L290 TraceCheckUtils]: 20: Hoare triple {1279#true} assume true; {1279#true} is VALID [2022-02-20 18:08:44,992 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1279#true} {1281#(= ~waterLevel~0 1)} #198#return; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,992 INFO L290 TraceCheckUtils]: 22: Hoare triple {1281#(= ~waterLevel~0 1)} assume { :end_inline_processEnvironment } true; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,993 INFO L290 TraceCheckUtils]: 23: Hoare triple {1281#(= ~waterLevel~0 1)} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret22#1, __utac_acc__Specification3_spec__1_#t~ret23#1, __utac_acc__Specification3_spec__1_#t~ret24#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,993 INFO L272 TraceCheckUtils]: 24: Hoare triple {1281#(= ~waterLevel~0 1)} call __utac_acc__Specification3_spec__1_#t~ret22#1 := isMethaneLevelCritical(); {1279#true} is VALID [2022-02-20 18:08:44,993 INFO L290 TraceCheckUtils]: 25: Hoare triple {1279#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1279#true} is VALID [2022-02-20 18:08:44,994 INFO L290 TraceCheckUtils]: 26: Hoare triple {1279#true} assume true; {1279#true} is VALID [2022-02-20 18:08:44,994 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {1279#true} {1281#(= ~waterLevel~0 1)} #200#return; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,995 INFO L290 TraceCheckUtils]: 28: Hoare triple {1281#(= ~waterLevel~0 1)} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret22#1 && __utac_acc__Specification3_spec__1_#t~ret22#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret22#1;havoc __utac_acc__Specification3_spec__1_#t~ret22#1; {1281#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:44,995 INFO L290 TraceCheckUtils]: 29: Hoare triple {1281#(= ~waterLevel~0 1)} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {1287#(= |timeShift_getWaterLevel_#res#1| 1)} is VALID [2022-02-20 18:08:44,996 INFO L290 TraceCheckUtils]: 30: Hoare triple {1287#(= |timeShift_getWaterLevel_#res#1| 1)} __utac_acc__Specification3_spec__1_#t~ret23#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret23#1 && __utac_acc__Specification3_spec__1_#t~ret23#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret23#1;havoc __utac_acc__Specification3_spec__1_#t~ret23#1; {1288#(= (+ (- 1) |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|) 0)} is VALID [2022-02-20 18:08:44,996 INFO L290 TraceCheckUtils]: 31: Hoare triple {1288#(= (+ (- 1) |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|) 0)} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~6#1;havoc isPumpRunning_~retValue_acc~6#1;isPumpRunning_~retValue_acc~6#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~6#1; {1280#false} is VALID [2022-02-20 18:08:44,997 INFO L290 TraceCheckUtils]: 32: Hoare triple {1280#false} __utac_acc__Specification3_spec__1_#t~ret24#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret24#1 && __utac_acc__Specification3_spec__1_#t~ret24#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret24#1;havoc __utac_acc__Specification3_spec__1_#t~ret24#1; {1280#false} is VALID [2022-02-20 18:08:44,997 INFO L290 TraceCheckUtils]: 33: Hoare triple {1280#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1280#false} is VALID [2022-02-20 18:08:44,997 INFO L290 TraceCheckUtils]: 34: Hoare triple {1280#false} assume !false; {1280#false} is VALID [2022-02-20 18:08:44,998 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:44,998 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:45,001 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [696525703] [2022-02-20 18:08:45,001 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [696525703] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:45,001 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:45,001 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 18:08:45,002 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1403094955] [2022-02-20 18:08:45,002 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:45,002 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:08:45,003 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:45,003 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:45,028 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:45,029 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:08:45,029 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:45,029 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:08:45,030 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:08:45,030 INFO L87 Difference]: Start difference. First operand 60 states and 74 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:45,263 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:45,263 INFO L93 Difference]: Finished difference Result 162 states and 208 transitions. [2022-02-20 18:08:45,263 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:08:45,263 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:08:45,264 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:45,264 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:45,267 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 208 transitions. [2022-02-20 18:08:45,267 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:45,271 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 208 transitions. [2022-02-20 18:08:45,271 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 208 transitions. [2022-02-20 18:08:45,437 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 208 edges. 208 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:45,444 INFO L225 Difference]: With dead ends: 162 [2022-02-20 18:08:45,444 INFO L226 Difference]: Without dead ends: 109 [2022-02-20 18:08:45,446 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:08:45,456 INFO L933 BasicCegarLoop]: 80 mSDtfsCounter, 45 mSDsluCounter, 219 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 299 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:45,457 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [45 Valid, 299 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:45,458 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 109 states. [2022-02-20 18:08:45,468 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 109 to 106. [2022-02-20 18:08:45,471 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:45,472 INFO L82 GeneralOperation]: Start isEquivalent. First operand 109 states. Second operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) [2022-02-20 18:08:45,473 INFO L74 IsIncluded]: Start isIncluded. First operand 109 states. Second operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) [2022-02-20 18:08:45,474 INFO L87 Difference]: Start difference. First operand 109 states. Second operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) [2022-02-20 18:08:45,479 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:45,479 INFO L93 Difference]: Finished difference Result 109 states and 136 transitions. [2022-02-20 18:08:45,479 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 136 transitions. [2022-02-20 18:08:45,480 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:45,480 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:45,481 INFO L74 IsIncluded]: Start isIncluded. First operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) Second operand 109 states. [2022-02-20 18:08:45,481 INFO L87 Difference]: Start difference. First operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) Second operand 109 states. [2022-02-20 18:08:45,487 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:45,488 INFO L93 Difference]: Finished difference Result 109 states and 136 transitions. [2022-02-20 18:08:45,488 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 136 transitions. [2022-02-20 18:08:45,488 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:45,489 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:45,489 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:45,489 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:45,490 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) [2022-02-20 18:08:45,495 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 106 states to 106 states and 133 transitions. [2022-02-20 18:08:45,495 INFO L78 Accepts]: Start accepts. Automaton has 106 states and 133 transitions. Word has length 35 [2022-02-20 18:08:45,495 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:45,495 INFO L470 AbstractCegarLoop]: Abstraction has 106 states and 133 transitions. [2022-02-20 18:08:45,496 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:45,496 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 133 transitions. [2022-02-20 18:08:45,499 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-02-20 18:08:45,499 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:45,499 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:45,499 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:08:45,499 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:45,500 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:45,500 INFO L85 PathProgramCache]: Analyzing trace with hash -1779490157, now seen corresponding path program 1 times [2022-02-20 18:08:45,500 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:45,500 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1630902971] [2022-02-20 18:08:45,501 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:45,501 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:45,564 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:45,564 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:08:45,582 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:45,611 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-20 18:08:45,612 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:08:45,613 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:08:45,614 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:08:45,617 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1] [2022-02-20 18:08:45,619 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:08:45,639 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:08:45,640 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:08:45,643 INFO L158 Benchmark]: Toolchain (without parser) took 3812.41ms. Allocated memory was 88.1MB in the beginning and 136.3MB in the end (delta: 48.2MB). Free memory was 56.5MB in the beginning and 67.9MB in the end (delta: -11.4MB). Peak memory consumption was 36.7MB. Max. memory is 16.1GB. [2022-02-20 18:08:45,643 INFO L158 Benchmark]: CDTParser took 0.20ms. Allocated memory is still 88.1MB. Free memory is still 45.0MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:08:45,644 INFO L158 Benchmark]: CACSL2BoogieTranslator took 446.83ms. Allocated memory was 88.1MB in the beginning and 111.1MB in the end (delta: 23.1MB). Free memory was 56.4MB in the beginning and 75.3MB in the end (delta: -19.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-02-20 18:08:45,644 INFO L158 Benchmark]: Boogie Procedure Inliner took 56.13ms. Allocated memory is still 111.1MB. Free memory was 75.3MB in the beginning and 72.8MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:45,645 INFO L158 Benchmark]: Boogie Preprocessor took 39.11ms. Allocated memory is still 111.1MB. Free memory was 72.8MB in the beginning and 71.1MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:45,645 INFO L158 Benchmark]: RCFGBuilder took 511.41ms. Allocated memory is still 111.1MB. Free memory was 71.1MB in the beginning and 84.2MB in the end (delta: -13.0MB). Peak memory consumption was 19.2MB. Max. memory is 16.1GB. [2022-02-20 18:08:45,645 INFO L158 Benchmark]: TraceAbstraction took 2753.65ms. Allocated memory was 111.1MB in the beginning and 136.3MB in the end (delta: 25.2MB). Free memory was 83.4MB in the beginning and 67.9MB in the end (delta: 15.5MB). Peak memory consumption was 39.3MB. Max. memory is 16.1GB. [2022-02-20 18:08:45,647 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.20ms. Allocated memory is still 88.1MB. Free memory is still 45.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 446.83ms. Allocated memory was 88.1MB in the beginning and 111.1MB in the end (delta: 23.1MB). Free memory was 56.4MB in the beginning and 75.3MB in the end (delta: -19.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 56.13ms. Allocated memory is still 111.1MB. Free memory was 75.3MB in the beginning and 72.8MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 39.11ms. Allocated memory is still 111.1MB. Free memory was 72.8MB in the beginning and 71.1MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 511.41ms. Allocated memory is still 111.1MB. Free memory was 71.1MB in the beginning and 84.2MB in the end (delta: -13.0MB). Peak memory consumption was 19.2MB. Max. memory is 16.1GB. * TraceAbstraction took 2753.65ms. Allocated memory was 111.1MB in the beginning and 136.3MB in the end (delta: 25.2MB). Free memory was 83.4MB in the beginning and 67.9MB in the end (delta: 15.5MB). Peak memory consumption was 39.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:08:45,683 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4e8d46dd9ecc40481581770f17d7ff7eeb44cf0ae7cc4edb04be6d125fad45fc --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:08:47,644 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:08:47,646 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:08:47,679 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:08:47,679 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:08:47,683 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:08:47,684 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:08:47,689 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:08:47,691 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:08:47,695 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:08:47,697 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:08:47,700 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:08:47,705 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:08:47,708 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:08:47,709 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:08:47,712 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:08:47,713 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:08:47,714 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:08:47,720 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:08:47,722 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:08:47,723 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:08:47,724 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:08:47,725 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:08:47,727 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:08:47,735 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:08:47,735 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:08:47,736 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:08:47,737 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:08:47,738 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:08:47,739 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:08:47,739 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:08:47,740 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:08:47,741 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:08:47,742 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:08:47,743 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:08:47,743 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:08:47,744 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:08:47,744 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:08:47,745 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:08:47,746 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:08:47,746 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:08:47,747 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf [2022-02-20 18:08:47,790 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:08:47,791 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:08:47,792 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:08:47,792 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:08:47,793 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:08:47,793 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:08:47,794 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:08:47,795 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:08:47,795 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:08:47,795 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:08:47,796 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:08:47,796 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:08:47,796 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:08:47,796 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:08:47,796 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:08:47,797 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:08:47,797 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 18:08:47,797 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 18:08:47,797 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 18:08:47,797 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:08:47,798 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:08:47,798 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:08:47,798 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:08:47,798 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:08:47,798 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:08:47,799 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:08:47,799 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:47,799 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:08:47,799 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:08:47,799 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:08:47,800 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 18:08:47,800 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 18:08:47,800 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:08:47,800 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:08:47,801 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:08:47,801 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 18:08:47,801 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4e8d46dd9ecc40481581770f17d7ff7eeb44cf0ae7cc4edb04be6d125fad45fc [2022-02-20 18:08:48,145 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:08:48,168 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:08:48,171 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:08:48,172 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:08:48,172 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:08:48,174 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c [2022-02-20 18:08:48,236 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4a935b1b0/a15bf065ce534cbca9679102e94a2d6c/FLAG9c9487616 [2022-02-20 18:08:48,736 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:08:48,737 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c [2022-02-20 18:08:48,748 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4a935b1b0/a15bf065ce534cbca9679102e94a2d6c/FLAG9c9487616 [2022-02-20 18:08:49,235 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4a935b1b0/a15bf065ce534cbca9679102e94a2d6c [2022-02-20 18:08:49,237 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:08:49,238 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:08:49,242 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:49,242 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:08:49,245 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:08:49,246 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,247 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@630f9854 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49, skipping insertion in model container [2022-02-20 18:08:49,247 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,253 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:08:49,298 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:49,440 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c[3343,3356] [2022-02-20 18:08:49,586 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:49,602 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 18:08:49,608 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:49,620 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c[3343,3356] [2022-02-20 18:08:49,682 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:49,701 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:08:49,739 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product13.cil.c[3343,3356] [2022-02-20 18:08:49,805 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:49,823 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:08:49,824 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49 WrapperNode [2022-02-20 18:08:49,824 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:49,825 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:49,825 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:08:49,825 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:08:49,831 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,859 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,889 INFO L137 Inliner]: procedures = 53, calls = 151, calls flagged for inlining = 19, calls inlined = 15, statements flattened = 195 [2022-02-20 18:08:49,890 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:49,890 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:08:49,890 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:08:49,891 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:08:49,898 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,899 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,901 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,902 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,907 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,911 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,913 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,915 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:08:49,916 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:08:49,916 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:08:49,916 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:08:49,917 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49" (1/1) ... [2022-02-20 18:08:49,923 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:49,934 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:08:49,945 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:08:49,955 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:08:49,977 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:08:49,977 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:08:49,978 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:08:49,978 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:08:49,978 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:08:49,978 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:08:49,978 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:08:49,978 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:08:49,978 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:08:49,979 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-20 18:08:49,979 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:08:49,979 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:08:49,979 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-02-20 18:08:49,979 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-02-20 18:08:49,979 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:08:49,980 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:08:49,980 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:08:49,980 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:08:50,088 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:08:50,089 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:08:50,420 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:08:50,428 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:08:50,433 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:08:50,435 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:50 BoogieIcfgContainer [2022-02-20 18:08:50,436 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:08:50,437 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:08:50,437 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:08:50,440 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:08:50,440 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:08:49" (1/3) ... [2022-02-20 18:08:50,441 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@e242244 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:50, skipping insertion in model container [2022-02-20 18:08:50,441 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:49" (2/3) ... [2022-02-20 18:08:50,441 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@e242244 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:50, skipping insertion in model container [2022-02-20 18:08:50,441 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:50" (3/3) ... [2022-02-20 18:08:50,442 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product13.cil.c [2022-02-20 18:08:50,450 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:08:50,451 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:08:50,505 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:08:50,512 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:08:50,512 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:08:50,537 INFO L276 IsEmpty]: Start isEmpty. Operand has 78 states, 58 states have (on average 1.3793103448275863) internal successors, (80), 64 states have internal predecessors, (80), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 10 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:50,542 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:08:50,542 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:50,543 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:50,544 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:50,548 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:50,548 INFO L85 PathProgramCache]: Analyzing trace with hash -427148648, now seen corresponding path program 1 times [2022-02-20 18:08:50,557 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:50,558 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [844167361] [2022-02-20 18:08:50,558 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:50,558 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:50,559 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:50,561 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:50,562 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 18:08:50,674 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:50,678 INFO L263 TraceCheckSpWp]: Trace formula consists of 154 conjuncts, 1 conjunts are in the unsatisfiable core [2022-02-20 18:08:50,700 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:50,704 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:50,820 INFO L290 TraceCheckUtils]: 0: Hoare triple {81#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 9bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(79bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 11bv32);call write~init~intINTTYPE1(79bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 11bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 11bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 12bv32);call write~init~intINTTYPE1(44bv8, 12bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 12bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 12bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 12bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 12bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 12bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 12bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 13bv32);call write~init~intINTTYPE1(79bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 14bv32);call write~init~intINTTYPE1(79bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(41bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(10bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {81#true} is VALID [2022-02-20 18:08:50,823 INFO L290 TraceCheckUtils]: 1: Hoare triple {81#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret10#1, main_~retValue_acc~4#1, main_~tmp~0#1;havoc main_~retValue_acc~4#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {81#true} is VALID [2022-02-20 18:08:50,824 INFO L290 TraceCheckUtils]: 2: Hoare triple {81#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {81#true} is VALID [2022-02-20 18:08:50,824 INFO L290 TraceCheckUtils]: 3: Hoare triple {81#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~3#1;havoc valid_product_~retValue_acc~3#1;valid_product_~retValue_acc~3#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~3#1; {81#true} is VALID [2022-02-20 18:08:50,824 INFO L290 TraceCheckUtils]: 4: Hoare triple {81#true} main_#t~ret10#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret10#1;havoc main_#t~ret10#1; {81#true} is VALID [2022-02-20 18:08:50,824 INFO L290 TraceCheckUtils]: 5: Hoare triple {81#true} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {81#true} is VALID [2022-02-20 18:08:50,825 INFO L290 TraceCheckUtils]: 6: Hoare triple {81#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet25#1, test_#t~nondet26#1, test_#t~nondet27#1, test_#t~nondet28#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {81#true} is VALID [2022-02-20 18:08:50,826 INFO L290 TraceCheckUtils]: 7: Hoare triple {81#true} assume !true; {82#false} is VALID [2022-02-20 18:08:50,826 INFO L272 TraceCheckUtils]: 8: Hoare triple {82#false} call cleanup(); {82#false} is VALID [2022-02-20 18:08:50,826 INFO L290 TraceCheckUtils]: 9: Hoare triple {82#false} havoc ~i~0;havoc ~__cil_tmp2~0; {82#false} is VALID [2022-02-20 18:08:50,826 INFO L272 TraceCheckUtils]: 10: Hoare triple {82#false} call timeShift(); {82#false} is VALID [2022-02-20 18:08:50,827 INFO L290 TraceCheckUtils]: 11: Hoare triple {82#false} assume !(0bv32 != ~pumpRunning~0); {82#false} is VALID [2022-02-20 18:08:50,827 INFO L290 TraceCheckUtils]: 12: Hoare triple {82#false} assume !(0bv32 != ~systemActive~0); {82#false} is VALID [2022-02-20 18:08:50,827 INFO L290 TraceCheckUtils]: 13: Hoare triple {82#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret22#1, __utac_acc__Specification3_spec__1_#t~ret23#1, __utac_acc__Specification3_spec__1_#t~ret24#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {82#false} is VALID [2022-02-20 18:08:50,827 INFO L272 TraceCheckUtils]: 14: Hoare triple {82#false} call __utac_acc__Specification3_spec__1_#t~ret22#1 := isMethaneLevelCritical(); {82#false} is VALID [2022-02-20 18:08:50,828 INFO L290 TraceCheckUtils]: 15: Hoare triple {82#false} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {82#false} is VALID [2022-02-20 18:08:50,828 INFO L290 TraceCheckUtils]: 16: Hoare triple {82#false} assume true; {82#false} is VALID [2022-02-20 18:08:50,828 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {82#false} {82#false} #200#return; {82#false} is VALID [2022-02-20 18:08:50,828 INFO L290 TraceCheckUtils]: 18: Hoare triple {82#false} __utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret22#1;havoc __utac_acc__Specification3_spec__1_#t~ret22#1; {82#false} is VALID [2022-02-20 18:08:50,829 INFO L290 TraceCheckUtils]: 19: Hoare triple {82#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {82#false} is VALID [2022-02-20 18:08:50,829 INFO L290 TraceCheckUtils]: 20: Hoare triple {82#false} __utac_acc__Specification3_spec__1_#t~ret23#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret23#1;havoc __utac_acc__Specification3_spec__1_#t~ret23#1; {82#false} is VALID [2022-02-20 18:08:50,829 INFO L290 TraceCheckUtils]: 21: Hoare triple {82#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~6#1;havoc isPumpRunning_~retValue_acc~6#1;isPumpRunning_~retValue_acc~6#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~6#1; {82#false} is VALID [2022-02-20 18:08:50,829 INFO L290 TraceCheckUtils]: 22: Hoare triple {82#false} __utac_acc__Specification3_spec__1_#t~ret24#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret24#1;havoc __utac_acc__Specification3_spec__1_#t~ret24#1; {82#false} is VALID [2022-02-20 18:08:50,830 INFO L290 TraceCheckUtils]: 23: Hoare triple {82#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {82#false} is VALID [2022-02-20 18:08:50,830 INFO L290 TraceCheckUtils]: 24: Hoare triple {82#false} assume !false; {82#false} is VALID [2022-02-20 18:08:50,831 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:50,832 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:50,832 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:50,833 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [844167361] [2022-02-20 18:08:50,833 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [844167361] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:50,833 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:50,833 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:50,835 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1796276352] [2022-02-20 18:08:50,836 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:50,840 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:50,841 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:50,844 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:50,890 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:50,891 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:08:50,891 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:50,913 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:08:50,914 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:50,917 INFO L87 Difference]: Start difference. First operand has 78 states, 58 states have (on average 1.3793103448275863) internal successors, (80), 64 states have internal predecessors, (80), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 10 states have call predecessors, (11), 11 states have call successors, (11) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:51,006 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:51,006 INFO L93 Difference]: Finished difference Result 148 states and 199 transitions. [2022-02-20 18:08:51,007 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:08:51,007 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:51,007 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:51,008 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:51,019 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 199 transitions. [2022-02-20 18:08:51,020 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:51,027 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 199 transitions. [2022-02-20 18:08:51,027 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 199 transitions. [2022-02-20 18:08:51,226 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 199 edges. 199 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:51,243 INFO L225 Difference]: With dead ends: 148 [2022-02-20 18:08:51,243 INFO L226 Difference]: Without dead ends: 69 [2022-02-20 18:08:51,246 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:51,249 INFO L933 BasicCegarLoop]: 96 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 96 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:51,250 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:51,262 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 69 states. [2022-02-20 18:08:51,278 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 69 to 69. [2022-02-20 18:08:51,279 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:51,284 INFO L82 GeneralOperation]: Start isEquivalent. First operand 69 states. Second operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:51,285 INFO L74 IsIncluded]: Start isIncluded. First operand 69 states. Second operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:51,286 INFO L87 Difference]: Start difference. First operand 69 states. Second operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:51,292 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:51,292 INFO L93 Difference]: Finished difference Result 69 states and 87 transitions. [2022-02-20 18:08:51,292 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 87 transitions. [2022-02-20 18:08:51,294 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:51,294 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:51,295 INFO L74 IsIncluded]: Start isIncluded. First operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 69 states. [2022-02-20 18:08:51,295 INFO L87 Difference]: Start difference. First operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 69 states. [2022-02-20 18:08:51,300 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:51,300 INFO L93 Difference]: Finished difference Result 69 states and 87 transitions. [2022-02-20 18:08:51,300 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 87 transitions. [2022-02-20 18:08:51,301 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:51,302 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:51,302 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:51,302 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:51,302 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 69 states, 51 states have (on average 1.2941176470588236) internal successors, (66), 56 states have internal predecessors, (66), 11 states have call successors, (11), 7 states have call predecessors, (11), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:51,306 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 69 states to 69 states and 87 transitions. [2022-02-20 18:08:51,309 INFO L78 Accepts]: Start accepts. Automaton has 69 states and 87 transitions. Word has length 25 [2022-02-20 18:08:51,309 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:51,310 INFO L470 AbstractCegarLoop]: Abstraction has 69 states and 87 transitions. [2022-02-20 18:08:51,310 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:51,310 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 87 transitions. [2022-02-20 18:08:51,312 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:08:51,314 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:51,315 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:51,326 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:51,526 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:51,527 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:51,528 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:51,528 INFO L85 PathProgramCache]: Analyzing trace with hash 595185369, now seen corresponding path program 1 times [2022-02-20 18:08:51,529 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:51,529 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1008700287] [2022-02-20 18:08:51,529 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:51,529 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:51,530 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:51,531 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:51,533 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 18:08:51,583 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:51,586 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:08:51,599 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:51,601 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:51,691 INFO L290 TraceCheckUtils]: 0: Hoare triple {607#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 9bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(79bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 11bv32);call write~init~intINTTYPE1(79bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 11bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 11bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 12bv32);call write~init~intINTTYPE1(44bv8, 12bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 12bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 12bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 12bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 12bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 12bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 12bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 13bv32);call write~init~intINTTYPE1(79bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 14bv32);call write~init~intINTTYPE1(79bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(41bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(10bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {607#true} is VALID [2022-02-20 18:08:51,695 INFO L290 TraceCheckUtils]: 1: Hoare triple {607#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret10#1, main_~retValue_acc~4#1, main_~tmp~0#1;havoc main_~retValue_acc~4#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {607#true} is VALID [2022-02-20 18:08:51,696 INFO L290 TraceCheckUtils]: 2: Hoare triple {607#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {607#true} is VALID [2022-02-20 18:08:51,696 INFO L290 TraceCheckUtils]: 3: Hoare triple {607#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~3#1;havoc valid_product_~retValue_acc~3#1;valid_product_~retValue_acc~3#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~3#1; {607#true} is VALID [2022-02-20 18:08:51,696 INFO L290 TraceCheckUtils]: 4: Hoare triple {607#true} main_#t~ret10#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret10#1;havoc main_#t~ret10#1; {607#true} is VALID [2022-02-20 18:08:51,697 INFO L290 TraceCheckUtils]: 5: Hoare triple {607#true} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {607#true} is VALID [2022-02-20 18:08:51,699 INFO L290 TraceCheckUtils]: 6: Hoare triple {607#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet25#1, test_#t~nondet26#1, test_#t~nondet27#1, test_#t~nondet28#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {630#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:08:51,700 INFO L290 TraceCheckUtils]: 7: Hoare triple {630#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !false; {630#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:08:51,700 INFO L290 TraceCheckUtils]: 8: Hoare triple {630#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !~bvslt32(test_~splverifierCounter~0#1, 4bv32); {608#false} is VALID [2022-02-20 18:08:51,700 INFO L272 TraceCheckUtils]: 9: Hoare triple {608#false} call cleanup(); {608#false} is VALID [2022-02-20 18:08:51,701 INFO L290 TraceCheckUtils]: 10: Hoare triple {608#false} havoc ~i~0;havoc ~__cil_tmp2~0; {608#false} is VALID [2022-02-20 18:08:51,701 INFO L272 TraceCheckUtils]: 11: Hoare triple {608#false} call timeShift(); {608#false} is VALID [2022-02-20 18:08:51,701 INFO L290 TraceCheckUtils]: 12: Hoare triple {608#false} assume !(0bv32 != ~pumpRunning~0); {608#false} is VALID [2022-02-20 18:08:51,701 INFO L290 TraceCheckUtils]: 13: Hoare triple {608#false} assume !(0bv32 != ~systemActive~0); {608#false} is VALID [2022-02-20 18:08:51,701 INFO L290 TraceCheckUtils]: 14: Hoare triple {608#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret22#1, __utac_acc__Specification3_spec__1_#t~ret23#1, __utac_acc__Specification3_spec__1_#t~ret24#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {608#false} is VALID [2022-02-20 18:08:51,702 INFO L272 TraceCheckUtils]: 15: Hoare triple {608#false} call __utac_acc__Specification3_spec__1_#t~ret22#1 := isMethaneLevelCritical(); {608#false} is VALID [2022-02-20 18:08:51,702 INFO L290 TraceCheckUtils]: 16: Hoare triple {608#false} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {608#false} is VALID [2022-02-20 18:08:51,702 INFO L290 TraceCheckUtils]: 17: Hoare triple {608#false} assume true; {608#false} is VALID [2022-02-20 18:08:51,702 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {608#false} {608#false} #200#return; {608#false} is VALID [2022-02-20 18:08:51,702 INFO L290 TraceCheckUtils]: 19: Hoare triple {608#false} __utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret22#1;havoc __utac_acc__Specification3_spec__1_#t~ret22#1; {608#false} is VALID [2022-02-20 18:08:51,702 INFO L290 TraceCheckUtils]: 20: Hoare triple {608#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {608#false} is VALID [2022-02-20 18:08:51,703 INFO L290 TraceCheckUtils]: 21: Hoare triple {608#false} __utac_acc__Specification3_spec__1_#t~ret23#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret23#1;havoc __utac_acc__Specification3_spec__1_#t~ret23#1; {608#false} is VALID [2022-02-20 18:08:51,703 INFO L290 TraceCheckUtils]: 22: Hoare triple {608#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~6#1;havoc isPumpRunning_~retValue_acc~6#1;isPumpRunning_~retValue_acc~6#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~6#1; {608#false} is VALID [2022-02-20 18:08:51,703 INFO L290 TraceCheckUtils]: 23: Hoare triple {608#false} __utac_acc__Specification3_spec__1_#t~ret24#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret24#1;havoc __utac_acc__Specification3_spec__1_#t~ret24#1; {608#false} is VALID [2022-02-20 18:08:51,703 INFO L290 TraceCheckUtils]: 24: Hoare triple {608#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {608#false} is VALID [2022-02-20 18:08:51,703 INFO L290 TraceCheckUtils]: 25: Hoare triple {608#false} assume !false; {608#false} is VALID [2022-02-20 18:08:51,703 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:51,704 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:51,704 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:51,704 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1008700287] [2022-02-20 18:08:51,704 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1008700287] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:51,704 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:51,704 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:08:51,705 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1383512583] [2022-02-20 18:08:51,705 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:51,706 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:51,706 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:51,706 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:51,731 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:51,731 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:51,731 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:51,732 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:51,732 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:51,732 INFO L87 Difference]: Start difference. First operand 69 states and 87 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:51,839 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:51,840 INFO L93 Difference]: Finished difference Result 104 states and 130 transitions. [2022-02-20 18:08:51,840 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:51,841 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:51,841 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:51,841 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:51,851 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 130 transitions. [2022-02-20 18:08:51,852 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:51,857 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 130 transitions. [2022-02-20 18:08:51,858 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 130 transitions. [2022-02-20 18:08:51,991 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 130 edges. 130 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:51,996 INFO L225 Difference]: With dead ends: 104 [2022-02-20 18:08:51,996 INFO L226 Difference]: Without dead ends: 60 [2022-02-20 18:08:51,997 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:51,998 INFO L933 BasicCegarLoop]: 74 mSDtfsCounter, 12 mSDsluCounter, 58 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 132 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:51,999 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [15 Valid, 132 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:52,000 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2022-02-20 18:08:52,005 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2022-02-20 18:08:52,005 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:52,006 INFO L82 GeneralOperation]: Start isEquivalent. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:52,006 INFO L74 IsIncluded]: Start isIncluded. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:52,007 INFO L87 Difference]: Start difference. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:52,013 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:52,013 INFO L93 Difference]: Finished difference Result 60 states and 75 transitions. [2022-02-20 18:08:52,013 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 75 transitions. [2022-02-20 18:08:52,013 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:52,014 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:52,014 INFO L74 IsIncluded]: Start isIncluded. First operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 60 states. [2022-02-20 18:08:52,014 INFO L87 Difference]: Start difference. First operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 60 states. [2022-02-20 18:08:52,017 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:52,017 INFO L93 Difference]: Finished difference Result 60 states and 75 transitions. [2022-02-20 18:08:52,017 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 75 transitions. [2022-02-20 18:08:52,018 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:52,018 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:52,018 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:52,018 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:52,018 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 45 states have (on average 1.3111111111111111) internal successors, (59), 50 states have internal predecessors, (59), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:52,020 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 75 transitions. [2022-02-20 18:08:52,021 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 75 transitions. Word has length 26 [2022-02-20 18:08:52,021 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:52,021 INFO L470 AbstractCegarLoop]: Abstraction has 60 states and 75 transitions. [2022-02-20 18:08:52,021 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:52,021 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 75 transitions. [2022-02-20 18:08:52,022 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:08:52,022 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:52,022 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:52,038 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:52,236 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:52,237 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:52,237 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:52,237 INFO L85 PathProgramCache]: Analyzing trace with hash -2103466448, now seen corresponding path program 1 times [2022-02-20 18:08:52,238 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:52,238 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [342922279] [2022-02-20 18:08:52,238 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:52,239 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:52,240 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:52,241 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:52,243 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 18:08:52,299 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:52,301 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:08:52,312 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:52,314 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:52,405 INFO L290 TraceCheckUtils]: 0: Hoare triple {1041#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 9bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(79bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 11bv32);call write~init~intINTTYPE1(79bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 11bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 11bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 12bv32);call write~init~intINTTYPE1(44bv8, 12bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 12bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 12bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 12bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 12bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 12bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 12bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 13bv32);call write~init~intINTTYPE1(79bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 14bv32);call write~init~intINTTYPE1(79bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(41bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(10bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,405 INFO L290 TraceCheckUtils]: 1: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret10#1, main_~retValue_acc~4#1, main_~tmp~0#1;havoc main_~retValue_acc~4#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,406 INFO L290 TraceCheckUtils]: 2: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,407 INFO L290 TraceCheckUtils]: 3: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~3#1;havoc valid_product_~retValue_acc~3#1;valid_product_~retValue_acc~3#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~3#1; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,408 INFO L290 TraceCheckUtils]: 4: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} main_#t~ret10#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret10#1;havoc main_#t~ret10#1; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,408 INFO L290 TraceCheckUtils]: 5: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,409 INFO L290 TraceCheckUtils]: 6: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet25#1, test_#t~nondet26#1, test_#t~nondet27#1, test_#t~nondet28#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,409 INFO L290 TraceCheckUtils]: 7: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume !false; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,410 INFO L290 TraceCheckUtils]: 8: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,410 INFO L290 TraceCheckUtils]: 9: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} test_~tmp~4#1 := test_#t~nondet25#1;havoc test_#t~nondet25#1; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,410 INFO L290 TraceCheckUtils]: 10: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~4#1); {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,411 INFO L290 TraceCheckUtils]: 11: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} test_~tmp___0~1#1 := test_#t~nondet26#1;havoc test_#t~nondet26#1; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,412 INFO L290 TraceCheckUtils]: 12: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~1#1); {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,412 INFO L290 TraceCheckUtils]: 13: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet27#1;havoc test_#t~nondet27#1; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,412 INFO L290 TraceCheckUtils]: 14: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,413 INFO L272 TraceCheckUtils]: 15: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} call timeShift(); {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,413 INFO L290 TraceCheckUtils]: 16: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1046#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:08:52,414 INFO L290 TraceCheckUtils]: 17: Hoare triple {1046#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {1042#false} is VALID [2022-02-20 18:08:52,414 INFO L290 TraceCheckUtils]: 18: Hoare triple {1042#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret22#1, __utac_acc__Specification3_spec__1_#t~ret23#1, __utac_acc__Specification3_spec__1_#t~ret24#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1042#false} is VALID [2022-02-20 18:08:52,414 INFO L272 TraceCheckUtils]: 19: Hoare triple {1042#false} call __utac_acc__Specification3_spec__1_#t~ret22#1 := isMethaneLevelCritical(); {1042#false} is VALID [2022-02-20 18:08:52,414 INFO L290 TraceCheckUtils]: 20: Hoare triple {1042#false} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1042#false} is VALID [2022-02-20 18:08:52,414 INFO L290 TraceCheckUtils]: 21: Hoare triple {1042#false} assume true; {1042#false} is VALID [2022-02-20 18:08:52,415 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1042#false} {1042#false} #200#return; {1042#false} is VALID [2022-02-20 18:08:52,415 INFO L290 TraceCheckUtils]: 23: Hoare triple {1042#false} __utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret22#1;havoc __utac_acc__Specification3_spec__1_#t~ret22#1; {1042#false} is VALID [2022-02-20 18:08:52,415 INFO L290 TraceCheckUtils]: 24: Hoare triple {1042#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {1042#false} is VALID [2022-02-20 18:08:52,415 INFO L290 TraceCheckUtils]: 25: Hoare triple {1042#false} __utac_acc__Specification3_spec__1_#t~ret23#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret23#1;havoc __utac_acc__Specification3_spec__1_#t~ret23#1; {1042#false} is VALID [2022-02-20 18:08:52,415 INFO L290 TraceCheckUtils]: 26: Hoare triple {1042#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~6#1;havoc isPumpRunning_~retValue_acc~6#1;isPumpRunning_~retValue_acc~6#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~6#1; {1042#false} is VALID [2022-02-20 18:08:52,415 INFO L290 TraceCheckUtils]: 27: Hoare triple {1042#false} __utac_acc__Specification3_spec__1_#t~ret24#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret24#1;havoc __utac_acc__Specification3_spec__1_#t~ret24#1; {1042#false} is VALID [2022-02-20 18:08:52,416 INFO L290 TraceCheckUtils]: 28: Hoare triple {1042#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1042#false} is VALID [2022-02-20 18:08:52,416 INFO L290 TraceCheckUtils]: 29: Hoare triple {1042#false} assume !false; {1042#false} is VALID [2022-02-20 18:08:52,416 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:52,416 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:52,416 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:52,417 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [342922279] [2022-02-20 18:08:52,417 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [342922279] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:52,417 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:52,417 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:52,417 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1376319101] [2022-02-20 18:08:52,417 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:52,418 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:08:52,418 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:52,418 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:52,452 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:52,453 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:52,453 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:52,453 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:52,453 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:52,454 INFO L87 Difference]: Start difference. First operand 60 states and 75 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:52,539 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:52,540 INFO L93 Difference]: Finished difference Result 113 states and 144 transitions. [2022-02-20 18:08:52,540 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:52,540 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:08:52,540 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:52,540 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:52,543 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 144 transitions. [2022-02-20 18:08:52,543 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:52,545 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 144 transitions. [2022-02-20 18:08:52,545 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 144 transitions. [2022-02-20 18:08:52,673 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 144 edges. 144 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:52,675 INFO L225 Difference]: With dead ends: 113 [2022-02-20 18:08:52,675 INFO L226 Difference]: Without dead ends: 60 [2022-02-20 18:08:52,675 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:52,676 INFO L933 BasicCegarLoop]: 73 mSDtfsCounter, 57 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 57 SdHoareTripleChecker+Valid, 73 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:52,677 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [57 Valid, 73 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:52,677 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2022-02-20 18:08:52,685 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2022-02-20 18:08:52,685 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:52,686 INFO L82 GeneralOperation]: Start isEquivalent. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:52,686 INFO L74 IsIncluded]: Start isIncluded. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:52,687 INFO L87 Difference]: Start difference. First operand 60 states. Second operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:52,693 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:52,693 INFO L93 Difference]: Finished difference Result 60 states and 74 transitions. [2022-02-20 18:08:52,693 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 74 transitions. [2022-02-20 18:08:52,694 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:52,694 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:52,694 INFO L74 IsIncluded]: Start isIncluded. First operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 60 states. [2022-02-20 18:08:52,695 INFO L87 Difference]: Start difference. First operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 60 states. [2022-02-20 18:08:52,697 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:52,697 INFO L93 Difference]: Finished difference Result 60 states and 74 transitions. [2022-02-20 18:08:52,697 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 74 transitions. [2022-02-20 18:08:52,698 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:52,698 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:52,698 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:52,698 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:52,698 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 45 states have (on average 1.288888888888889) internal successors, (58), 50 states have internal predecessors, (58), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:08:52,700 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 74 transitions. [2022-02-20 18:08:52,700 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 74 transitions. Word has length 30 [2022-02-20 18:08:52,700 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:52,701 INFO L470 AbstractCegarLoop]: Abstraction has 60 states and 74 transitions. [2022-02-20 18:08:52,701 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:52,701 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 74 transitions. [2022-02-20 18:08:52,702 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 18:08:52,702 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:52,702 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:52,713 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:52,911 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:52,912 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:52,913 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:52,913 INFO L85 PathProgramCache]: Analyzing trace with hash -911409767, now seen corresponding path program 1 times [2022-02-20 18:08:52,913 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:52,914 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1200557737] [2022-02-20 18:08:52,914 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:52,914 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:52,914 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:52,915 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:52,917 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 18:08:52,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:52,965 INFO L263 TraceCheckSpWp]: Trace formula consists of 162 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 18:08:52,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:52,976 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:53,111 INFO L290 TraceCheckUtils]: 0: Hoare triple {1497#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 9bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(79bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 11bv32);call write~init~intINTTYPE1(79bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 11bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 11bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 12bv32);call write~init~intINTTYPE1(44bv8, 12bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 12bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 12bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 12bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 12bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 12bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 12bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 13bv32);call write~init~intINTTYPE1(79bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 14bv32);call write~init~intINTTYPE1(79bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(41bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(10bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,112 INFO L290 TraceCheckUtils]: 1: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret10#1, main_~retValue_acc~4#1, main_~tmp~0#1;havoc main_~retValue_acc~4#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,113 INFO L290 TraceCheckUtils]: 2: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,113 INFO L290 TraceCheckUtils]: 3: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~3#1;havoc valid_product_~retValue_acc~3#1;valid_product_~retValue_acc~3#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~3#1; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,113 INFO L290 TraceCheckUtils]: 4: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} main_#t~ret10#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret10#1;havoc main_#t~ret10#1; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,114 INFO L290 TraceCheckUtils]: 5: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,114 INFO L290 TraceCheckUtils]: 6: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet25#1, test_#t~nondet26#1, test_#t~nondet27#1, test_#t~nondet28#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,115 INFO L290 TraceCheckUtils]: 7: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume !false; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,115 INFO L290 TraceCheckUtils]: 8: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,116 INFO L290 TraceCheckUtils]: 9: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} test_~tmp~4#1 := test_#t~nondet25#1;havoc test_#t~nondet25#1; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,116 INFO L290 TraceCheckUtils]: 10: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~4#1); {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,116 INFO L290 TraceCheckUtils]: 11: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___0~1#1 := test_#t~nondet26#1;havoc test_#t~nondet26#1; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,117 INFO L290 TraceCheckUtils]: 12: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~1#1); {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,117 INFO L290 TraceCheckUtils]: 13: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet27#1;havoc test_#t~nondet27#1; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,118 INFO L290 TraceCheckUtils]: 14: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,118 INFO L272 TraceCheckUtils]: 15: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} call timeShift(); {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,119 INFO L290 TraceCheckUtils]: 16: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,119 INFO L290 TraceCheckUtils]: 17: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret11#1, processEnvironment_~tmp~1#1;havoc processEnvironment_~tmp~1#1; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,120 INFO L290 TraceCheckUtils]: 18: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,120 INFO L272 TraceCheckUtils]: 19: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} call processEnvironment__wrappee__methaneQuery(); {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,120 INFO L290 TraceCheckUtils]: 20: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume true; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,121 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1502#(= ~waterLevel~0 (_ bv1 32))} {1502#(= ~waterLevel~0 (_ bv1 32))} #198#return; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,121 INFO L290 TraceCheckUtils]: 22: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_processEnvironment } true; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,122 INFO L290 TraceCheckUtils]: 23: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret22#1, __utac_acc__Specification3_spec__1_#t~ret23#1, __utac_acc__Specification3_spec__1_#t~ret24#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,127 INFO L272 TraceCheckUtils]: 24: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} call __utac_acc__Specification3_spec__1_#t~ret22#1 := isMethaneLevelCritical(); {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,128 INFO L290 TraceCheckUtils]: 25: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,128 INFO L290 TraceCheckUtils]: 26: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume true; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,129 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {1502#(= ~waterLevel~0 (_ bv1 32))} {1502#(= ~waterLevel~0 (_ bv1 32))} #200#return; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,131 INFO L290 TraceCheckUtils]: 28: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} __utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret22#1;havoc __utac_acc__Specification3_spec__1_#t~ret22#1; {1502#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:08:53,131 INFO L290 TraceCheckUtils]: 29: Hoare triple {1502#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {1590#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} is VALID [2022-02-20 18:08:53,132 INFO L290 TraceCheckUtils]: 30: Hoare triple {1590#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} __utac_acc__Specification3_spec__1_#t~ret23#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret23#1;havoc __utac_acc__Specification3_spec__1_#t~ret23#1; {1594#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| (_ bv1 32))} is VALID [2022-02-20 18:08:53,133 INFO L290 TraceCheckUtils]: 31: Hoare triple {1594#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| (_ bv1 32))} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~6#1;havoc isPumpRunning_~retValue_acc~6#1;isPumpRunning_~retValue_acc~6#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~6#1; {1498#false} is VALID [2022-02-20 18:08:53,134 INFO L290 TraceCheckUtils]: 32: Hoare triple {1498#false} __utac_acc__Specification3_spec__1_#t~ret24#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret24#1;havoc __utac_acc__Specification3_spec__1_#t~ret24#1; {1498#false} is VALID [2022-02-20 18:08:53,134 INFO L290 TraceCheckUtils]: 33: Hoare triple {1498#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1498#false} is VALID [2022-02-20 18:08:53,147 INFO L290 TraceCheckUtils]: 34: Hoare triple {1498#false} assume !false; {1498#false} is VALID [2022-02-20 18:08:53,147 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:53,147 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:53,148 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:53,148 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1200557737] [2022-02-20 18:08:53,148 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1200557737] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:53,148 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:53,148 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:08:53,148 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [443973076] [2022-02-20 18:08:53,149 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:53,149 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:08:53,149 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:53,150 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:53,188 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:53,188 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:08:53,188 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:53,189 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:08:53,189 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:08:53,189 INFO L87 Difference]: Start difference. First operand 60 states and 74 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:53,475 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:53,477 INFO L93 Difference]: Finished difference Result 162 states and 208 transitions. [2022-02-20 18:08:53,477 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:08:53,477 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:08:53,479 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:53,479 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:53,482 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 208 transitions. [2022-02-20 18:08:53,483 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:53,488 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 208 transitions. [2022-02-20 18:08:53,488 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 208 transitions. [2022-02-20 18:08:53,665 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 208 edges. 208 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:53,668 INFO L225 Difference]: With dead ends: 162 [2022-02-20 18:08:53,668 INFO L226 Difference]: Without dead ends: 109 [2022-02-20 18:08:53,669 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 31 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:08:53,670 INFO L933 BasicCegarLoop]: 80 mSDtfsCounter, 40 mSDsluCounter, 219 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 40 SdHoareTripleChecker+Valid, 299 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:53,670 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [40 Valid, 299 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:53,671 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 109 states. [2022-02-20 18:08:53,679 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 109 to 106. [2022-02-20 18:08:53,679 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:53,680 INFO L82 GeneralOperation]: Start isEquivalent. First operand 109 states. Second operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) [2022-02-20 18:08:53,680 INFO L74 IsIncluded]: Start isIncluded. First operand 109 states. Second operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) [2022-02-20 18:08:53,681 INFO L87 Difference]: Start difference. First operand 109 states. Second operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) [2022-02-20 18:08:53,685 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:53,685 INFO L93 Difference]: Finished difference Result 109 states and 136 transitions. [2022-02-20 18:08:53,685 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 136 transitions. [2022-02-20 18:08:53,686 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:53,686 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:53,686 INFO L74 IsIncluded]: Start isIncluded. First operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) Second operand 109 states. [2022-02-20 18:08:53,687 INFO L87 Difference]: Start difference. First operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) Second operand 109 states. [2022-02-20 18:08:53,690 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:53,690 INFO L93 Difference]: Finished difference Result 109 states and 136 transitions. [2022-02-20 18:08:53,691 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 136 transitions. [2022-02-20 18:08:53,691 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:53,691 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:53,691 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:53,691 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:53,692 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 106 states, 78 states have (on average 1.2820512820512822) internal successors, (100), 86 states have internal predecessors, (100), 16 states have call successors, (16), 12 states have call predecessors, (16), 11 states have return successors, (17), 13 states have call predecessors, (17), 16 states have call successors, (17) [2022-02-20 18:08:53,695 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 106 states to 106 states and 133 transitions. [2022-02-20 18:08:53,696 INFO L78 Accepts]: Start accepts. Automaton has 106 states and 133 transitions. Word has length 35 [2022-02-20 18:08:53,696 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:53,696 INFO L470 AbstractCegarLoop]: Abstraction has 106 states and 133 transitions. [2022-02-20 18:08:53,696 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:53,696 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 133 transitions. [2022-02-20 18:08:53,697 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-02-20 18:08:53,697 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:53,697 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:53,708 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:53,906 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:53,906 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:53,907 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:53,907 INFO L85 PathProgramCache]: Analyzing trace with hash -1013292140, now seen corresponding path program 1 times [2022-02-20 18:08:53,907 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:53,907 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1924865396] [2022-02-20 18:08:53,907 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:53,908 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:53,908 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:53,909 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:53,910 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 18:08:53,976 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:53,978 INFO L263 TraceCheckSpWp]: Trace formula consists of 165 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 18:08:53,991 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:53,993 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:08:54,099 INFO L290 TraceCheckUtils]: 0: Hoare triple {2206#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 9bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(79bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 11bv32);call write~init~intINTTYPE1(79bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 11bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 11bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 12bv32);call write~init~intINTTYPE1(44bv8, 12bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 12bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 12bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 12bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 12bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 12bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 12bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 13bv32);call write~init~intINTTYPE1(79bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 14bv32);call write~init~intINTTYPE1(79bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(41bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(10bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,100 INFO L290 TraceCheckUtils]: 1: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret10#1, main_~retValue_acc~4#1, main_~tmp~0#1;havoc main_~retValue_acc~4#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,102 INFO L290 TraceCheckUtils]: 2: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,102 INFO L290 TraceCheckUtils]: 3: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~3#1;havoc valid_product_~retValue_acc~3#1;valid_product_~retValue_acc~3#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~3#1; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,103 INFO L290 TraceCheckUtils]: 4: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} main_#t~ret10#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret10#1;havoc main_#t~ret10#1; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,103 INFO L290 TraceCheckUtils]: 5: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,104 INFO L290 TraceCheckUtils]: 6: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet25#1, test_#t~nondet26#1, test_#t~nondet27#1, test_#t~nondet28#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~1#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,104 INFO L290 TraceCheckUtils]: 7: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} assume !false; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,105 INFO L290 TraceCheckUtils]: 8: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,105 INFO L290 TraceCheckUtils]: 9: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp~4#1 := test_#t~nondet25#1;havoc test_#t~nondet25#1; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,106 INFO L290 TraceCheckUtils]: 10: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != test_~tmp~4#1); {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,106 INFO L290 TraceCheckUtils]: 11: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp___0~1#1 := test_#t~nondet26#1;havoc test_#t~nondet26#1; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,106 INFO L290 TraceCheckUtils]: 12: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != test_~tmp___0~1#1); {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,107 INFO L290 TraceCheckUtils]: 13: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp___2~0#1 := test_#t~nondet27#1;havoc test_#t~nondet27#1; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,107 INFO L290 TraceCheckUtils]: 14: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != test_~tmp___2~0#1; {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,108 INFO L272 TraceCheckUtils]: 15: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} call timeShift(); {2211#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:08:54,108 INFO L290 TraceCheckUtils]: 16: Hoare triple {2211#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != ~pumpRunning~0;assume { :begin_inline_lowerWaterLevel } true; {2207#false} is VALID [2022-02-20 18:08:54,108 INFO L290 TraceCheckUtils]: 17: Hoare triple {2207#false} assume ~bvsgt32(~waterLevel~0, 0bv32);~waterLevel~0 := ~bvsub32(~waterLevel~0, 1bv32); {2207#false} is VALID [2022-02-20 18:08:54,108 INFO L290 TraceCheckUtils]: 18: Hoare triple {2207#false} assume { :end_inline_lowerWaterLevel } true; {2207#false} is VALID [2022-02-20 18:08:54,109 INFO L290 TraceCheckUtils]: 19: Hoare triple {2207#false} assume 0bv32 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret11#1, processEnvironment_~tmp~1#1;havoc processEnvironment_~tmp~1#1; {2207#false} is VALID [2022-02-20 18:08:54,109 INFO L290 TraceCheckUtils]: 20: Hoare triple {2207#false} assume !(0bv32 != ~pumpRunning~0); {2207#false} is VALID [2022-02-20 18:08:54,109 INFO L272 TraceCheckUtils]: 21: Hoare triple {2207#false} call processEnvironment__wrappee__methaneQuery(); {2207#false} is VALID [2022-02-20 18:08:54,109 INFO L290 TraceCheckUtils]: 22: Hoare triple {2207#false} assume true; {2207#false} is VALID [2022-02-20 18:08:54,109 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {2207#false} {2207#false} #198#return; {2207#false} is VALID [2022-02-20 18:08:54,109 INFO L290 TraceCheckUtils]: 24: Hoare triple {2207#false} assume { :end_inline_processEnvironment } true; {2207#false} is VALID [2022-02-20 18:08:54,109 INFO L290 TraceCheckUtils]: 25: Hoare triple {2207#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret22#1, __utac_acc__Specification3_spec__1_#t~ret23#1, __utac_acc__Specification3_spec__1_#t~ret24#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {2207#false} is VALID [2022-02-20 18:08:54,110 INFO L272 TraceCheckUtils]: 26: Hoare triple {2207#false} call __utac_acc__Specification3_spec__1_#t~ret22#1 := isMethaneLevelCritical(); {2207#false} is VALID [2022-02-20 18:08:54,110 INFO L290 TraceCheckUtils]: 27: Hoare triple {2207#false} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {2207#false} is VALID [2022-02-20 18:08:54,110 INFO L290 TraceCheckUtils]: 28: Hoare triple {2207#false} assume true; {2207#false} is VALID [2022-02-20 18:08:54,110 INFO L284 TraceCheckUtils]: 29: Hoare quadruple {2207#false} {2207#false} #200#return; {2207#false} is VALID [2022-02-20 18:08:54,110 INFO L290 TraceCheckUtils]: 30: Hoare triple {2207#false} __utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret22#1;havoc __utac_acc__Specification3_spec__1_#t~ret22#1; {2207#false} is VALID [2022-02-20 18:08:54,110 INFO L290 TraceCheckUtils]: 31: Hoare triple {2207#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {2207#false} is VALID [2022-02-20 18:08:54,110 INFO L290 TraceCheckUtils]: 32: Hoare triple {2207#false} __utac_acc__Specification3_spec__1_#t~ret23#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret23#1;havoc __utac_acc__Specification3_spec__1_#t~ret23#1; {2207#false} is VALID [2022-02-20 18:08:54,111 INFO L290 TraceCheckUtils]: 33: Hoare triple {2207#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~6#1;havoc isPumpRunning_~retValue_acc~6#1;isPumpRunning_~retValue_acc~6#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~6#1; {2207#false} is VALID [2022-02-20 18:08:54,111 INFO L290 TraceCheckUtils]: 34: Hoare triple {2207#false} __utac_acc__Specification3_spec__1_#t~ret24#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret24#1;havoc __utac_acc__Specification3_spec__1_#t~ret24#1; {2207#false} is VALID [2022-02-20 18:08:54,111 INFO L290 TraceCheckUtils]: 35: Hoare triple {2207#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {2207#false} is VALID [2022-02-20 18:08:54,111 INFO L290 TraceCheckUtils]: 36: Hoare triple {2207#false} assume !false; {2207#false} is VALID [2022-02-20 18:08:54,111 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:54,111 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:08:54,112 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:08:54,112 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1924865396] [2022-02-20 18:08:54,112 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1924865396] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:54,112 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:54,112 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:54,112 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1105173939] [2022-02-20 18:08:54,112 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:54,113 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 37 [2022-02-20 18:08:54,113 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:54,113 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:54,144 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 37 edges. 37 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:54,144 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:54,144 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:08:54,145 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:54,145 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:54,145 INFO L87 Difference]: Start difference. First operand 106 states and 133 transitions. Second operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:54,207 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:54,208 INFO L93 Difference]: Finished difference Result 182 states and 231 transitions. [2022-02-20 18:08:54,208 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:54,208 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 37 [2022-02-20 18:08:54,208 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:54,208 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:54,210 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 126 transitions. [2022-02-20 18:08:54,210 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:54,212 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 126 transitions. [2022-02-20 18:08:54,212 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 126 transitions. [2022-02-20 18:08:54,309 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 126 edges. 126 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:54,311 INFO L225 Difference]: With dead ends: 182 [2022-02-20 18:08:54,311 INFO L226 Difference]: Without dead ends: 83 [2022-02-20 18:08:54,312 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 35 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:54,313 INFO L933 BasicCegarLoop]: 53 mSDtfsCounter, 40 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 40 SdHoareTripleChecker+Valid, 53 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:54,313 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [40 Valid, 53 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:54,314 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 83 states. [2022-02-20 18:08:54,320 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 83 to 83. [2022-02-20 18:08:54,320 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:54,321 INFO L82 GeneralOperation]: Start isEquivalent. First operand 83 states. Second operand has 83 states, 63 states have (on average 1.2380952380952381) internal successors, (78), 67 states have internal predecessors, (78), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:54,321 INFO L74 IsIncluded]: Start isIncluded. First operand 83 states. Second operand has 83 states, 63 states have (on average 1.2380952380952381) internal successors, (78), 67 states have internal predecessors, (78), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:54,322 INFO L87 Difference]: Start difference. First operand 83 states. Second operand has 83 states, 63 states have (on average 1.2380952380952381) internal successors, (78), 67 states have internal predecessors, (78), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:54,324 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:54,324 INFO L93 Difference]: Finished difference Result 83 states and 98 transitions. [2022-02-20 18:08:54,325 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 98 transitions. [2022-02-20 18:08:54,325 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:54,325 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:54,325 INFO L74 IsIncluded]: Start isIncluded. First operand has 83 states, 63 states have (on average 1.2380952380952381) internal successors, (78), 67 states have internal predecessors, (78), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 83 states. [2022-02-20 18:08:54,326 INFO L87 Difference]: Start difference. First operand has 83 states, 63 states have (on average 1.2380952380952381) internal successors, (78), 67 states have internal predecessors, (78), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 83 states. [2022-02-20 18:08:54,328 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:54,328 INFO L93 Difference]: Finished difference Result 83 states and 98 transitions. [2022-02-20 18:08:54,329 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 98 transitions. [2022-02-20 18:08:54,329 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:54,329 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:54,329 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:54,329 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:54,330 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 83 states, 63 states have (on average 1.2380952380952381) internal successors, (78), 67 states have internal predecessors, (78), 10 states have call successors, (10), 10 states have call predecessors, (10), 9 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:08:54,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 98 transitions. [2022-02-20 18:08:54,341 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 98 transitions. Word has length 37 [2022-02-20 18:08:54,342 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:54,342 INFO L470 AbstractCegarLoop]: Abstraction has 83 states and 98 transitions. [2022-02-20 18:08:54,342 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 2 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:08:54,342 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 98 transitions. [2022-02-20 18:08:54,343 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-02-20 18:08:54,343 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:54,343 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:54,355 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:54,552 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:54,553 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:54,553 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:54,553 INFO L85 PathProgramCache]: Analyzing trace with hash -1779490157, now seen corresponding path program 1 times [2022-02-20 18:08:54,554 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:08:54,554 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [202205689] [2022-02-20 18:08:54,554 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:54,554 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:08:54,554 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:08:54,555 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:08:54,556 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 18:08:54,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:54,605 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:08:54,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:54,664 INFO L138 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2022-02-20 18:08:54,665 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:08:54,666 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:08:54,679 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Forceful destruction successful, exit code 0 [2022-02-20 18:08:54,867 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:08:54,870 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:08:54,872 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:08:54,894 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:08:54,896 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:08:54,898 INFO L158 Benchmark]: Toolchain (without parser) took 5659.08ms. Allocated memory was 54.5MB in the beginning and 81.8MB in the end (delta: 27.3MB). Free memory was 30.4MB in the beginning and 47.3MB in the end (delta: -16.9MB). Peak memory consumption was 8.7MB. Max. memory is 16.1GB. [2022-02-20 18:08:54,898 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 54.5MB. Free memory is still 35.5MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:08:54,898 INFO L158 Benchmark]: CACSL2BoogieTranslator took 582.44ms. Allocated memory was 54.5MB in the beginning and 67.1MB in the end (delta: 12.6MB). Free memory was 30.1MB in the beginning and 47.6MB in the end (delta: -17.5MB). Peak memory consumption was 10.6MB. Max. memory is 16.1GB. [2022-02-20 18:08:54,898 INFO L158 Benchmark]: Boogie Procedure Inliner took 64.46ms. Allocated memory is still 67.1MB. Free memory was 47.6MB in the beginning and 44.9MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:08:54,899 INFO L158 Benchmark]: Boogie Preprocessor took 25.10ms. Allocated memory is still 67.1MB. Free memory was 44.9MB in the beginning and 43.4MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:08:54,899 INFO L158 Benchmark]: RCFGBuilder took 519.72ms. Allocated memory is still 67.1MB. Free memory was 43.4MB in the beginning and 45.0MB in the end (delta: -1.5MB). Peak memory consumption was 17.5MB. Max. memory is 16.1GB. [2022-02-20 18:08:54,899 INFO L158 Benchmark]: TraceAbstraction took 4459.68ms. Allocated memory was 67.1MB in the beginning and 81.8MB in the end (delta: 14.7MB). Free memory was 44.5MB in the beginning and 47.3MB in the end (delta: -2.8MB). Peak memory consumption was 12.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:54,901 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 54.5MB. Free memory is still 35.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 582.44ms. Allocated memory was 54.5MB in the beginning and 67.1MB in the end (delta: 12.6MB). Free memory was 30.1MB in the beginning and 47.6MB in the end (delta: -17.5MB). Peak memory consumption was 10.6MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 64.46ms. Allocated memory is still 67.1MB. Free memory was 47.6MB in the beginning and 44.9MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 25.10ms. Allocated memory is still 67.1MB. Free memory was 44.9MB in the beginning and 43.4MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 519.72ms. Allocated memory is still 67.1MB. Free memory was 43.4MB in the beginning and 45.0MB in the end (delta: -1.5MB). Peak memory consumption was 17.5MB. Max. memory is 16.1GB. * TraceAbstraction took 4459.68ms. Allocated memory was 67.1MB in the beginning and 81.8MB in the end (delta: 14.7MB). Free memory was 44.5MB in the beginning and 47.3MB in the end (delta: -2.8MB). Peak memory consumption was 12.1MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:08:54,931 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: ERROR: ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator