./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash cb1c81112da7426f28a4c2690555e17bdc3cfadcaf288b3cb23a3bbf0c5e9fe6 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:08:50,780 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:08:50,782 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:08:50,817 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:08:50,817 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:08:50,820 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:08:50,821 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:08:50,823 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:08:50,824 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:08:50,828 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:08:50,828 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:08:50,829 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:08:50,829 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:08:50,831 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:08:50,832 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:08:50,835 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:08:50,835 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:08:50,836 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:08:50,838 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:08:50,841 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:08:50,842 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:08:50,844 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:08:50,844 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:08:50,845 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:08:50,846 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:08:50,847 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:08:50,847 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:08:50,847 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:08:50,848 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:08:50,848 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:08:50,849 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:08:50,849 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:08:50,850 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:08:50,850 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:08:50,851 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:08:50,851 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:08:50,852 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:08:50,852 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:08:50,852 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:08:50,852 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:08:50,853 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:08:50,854 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:08:50,867 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:08:50,867 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:08:50,868 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:08:50,868 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:08:50,869 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:08:50,869 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:08:50,869 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:08:50,869 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:08:50,869 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:08:50,870 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:08:50,870 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:08:50,870 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:08:50,870 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:08:50,870 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:08:50,870 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:08:50,870 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:08:50,871 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:08:50,871 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:08:50,871 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:08:50,871 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:08:50,871 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:08:50,872 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:08:50,872 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:08:50,872 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:08:50,872 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:50,872 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:08:50,872 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:08:50,872 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:08:50,873 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:08:50,873 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:08:50,873 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:08:50,873 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:08:50,873 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:08:50,873 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> cb1c81112da7426f28a4c2690555e17bdc3cfadcaf288b3cb23a3bbf0c5e9fe6 [2022-02-20 18:08:51,059 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:08:51,078 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:08:51,080 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:08:51,081 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:08:51,082 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:08:51,083 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c [2022-02-20 18:08:51,122 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/592df2a08/febf4c85af674455986e96321fadb02b/FLAGbf1d25e08 [2022-02-20 18:08:51,543 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:08:51,543 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c [2022-02-20 18:08:51,557 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/592df2a08/febf4c85af674455986e96321fadb02b/FLAGbf1d25e08 [2022-02-20 18:08:51,951 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/592df2a08/febf4c85af674455986e96321fadb02b [2022-02-20 18:08:51,953 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:08:51,954 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:08:51,957 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:51,957 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:08:51,960 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:08:51,960 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:51" (1/1) ... [2022-02-20 18:08:51,961 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6430aa8d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:51, skipping insertion in model container [2022-02-20 18:08:51,961 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:51" (1/1) ... [2022-02-20 18:08:51,966 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:08:51,988 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:52,237 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c[13817,13830] [2022-02-20 18:08:52,254 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:52,267 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:08:52,338 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c[13817,13830] [2022-02-20 18:08:52,357 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:52,377 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:08:52,377 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52 WrapperNode [2022-02-20 18:08:52,378 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:52,379 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:52,379 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:08:52,379 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:08:52,384 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52" (1/1) ... [2022-02-20 18:08:52,409 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52" (1/1) ... [2022-02-20 18:08:52,438 INFO L137 Inliner]: procedures = 53, calls = 154, calls flagged for inlining = 20, calls inlined = 17, statements flattened = 243 [2022-02-20 18:08:52,443 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:52,444 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:08:52,444 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:08:52,444 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:08:52,450 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52" (1/1) ... [2022-02-20 18:08:52,451 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52" (1/1) ... [2022-02-20 18:08:52,457 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52" (1/1) ... [2022-02-20 18:08:52,458 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52" (1/1) ... [2022-02-20 18:08:52,469 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52" (1/1) ... [2022-02-20 18:08:52,477 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52" (1/1) ... [2022-02-20 18:08:52,479 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52" (1/1) ... [2022-02-20 18:08:52,481 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:08:52,484 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:08:52,485 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:08:52,485 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:08:52,486 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52" (1/1) ... [2022-02-20 18:08:52,491 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:52,498 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:08:52,510 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:08:52,533 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:08:52,576 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:08:52,576 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:08:52,576 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:08:52,577 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:08:52,577 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:08:52,577 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:08:52,577 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:08:52,577 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:08:52,577 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:08:52,577 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:08:52,577 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:08:52,578 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2022-02-20 18:08:52,578 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2022-02-20 18:08:52,578 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:08:52,578 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:08:52,578 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:08:52,578 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:08:52,578 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:08:52,578 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:08:52,578 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:08:52,627 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:08:52,628 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:08:52,944 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:08:52,950 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:08:52,950 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:08:52,952 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:52 BoogieIcfgContainer [2022-02-20 18:08:52,952 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:08:52,953 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:08:52,953 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:08:52,957 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:08:52,957 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:08:51" (1/3) ... [2022-02-20 18:08:52,958 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4ce3a642 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:52, skipping insertion in model container [2022-02-20 18:08:52,958 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:52" (2/3) ... [2022-02-20 18:08:52,958 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4ce3a642 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:08:52, skipping insertion in model container [2022-02-20 18:08:52,959 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:08:52" (3/3) ... [2022-02-20 18:08:52,960 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product21.cil.c [2022-02-20 18:08:52,963 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:08:52,964 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:08:52,996 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:08:53,001 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:08:53,001 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:08:53,026 INFO L276 IsEmpty]: Start isEmpty. Operand has 89 states, 65 states have (on average 1.3846153846153846) internal successors, (90), 73 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:08:53,031 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:08:53,031 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:53,032 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:53,032 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:53,036 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:53,036 INFO L85 PathProgramCache]: Analyzing trace with hash 1281352950, now seen corresponding path program 1 times [2022-02-20 18:08:53,043 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:53,043 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1495021244] [2022-02-20 18:08:53,044 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:53,044 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:53,149 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:53,197 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:08:53,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:53,207 INFO L290 TraceCheckUtils]: 0: Hoare triple {92#true} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {92#true} is VALID [2022-02-20 18:08:53,207 INFO L290 TraceCheckUtils]: 1: Hoare triple {92#true} assume true; {92#true} is VALID [2022-02-20 18:08:53,207 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {92#true} {93#false} #233#return; {93#false} is VALID [2022-02-20 18:08:53,208 INFO L290 TraceCheckUtils]: 0: Hoare triple {92#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4; {92#true} is VALID [2022-02-20 18:08:53,209 INFO L290 TraceCheckUtils]: 1: Hoare triple {92#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~9#1, main_~tmp~7#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~7#1;assume { :begin_inline_select_helpers } true; {92#true} is VALID [2022-02-20 18:08:53,209 INFO L290 TraceCheckUtils]: 2: Hoare triple {92#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {92#true} is VALID [2022-02-20 18:08:53,209 INFO L290 TraceCheckUtils]: 3: Hoare triple {92#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {92#true} is VALID [2022-02-20 18:08:53,209 INFO L290 TraceCheckUtils]: 4: Hoare triple {92#true} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret48#1 && main_#t~ret48#1 <= 2147483647;main_~tmp~7#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {92#true} is VALID [2022-02-20 18:08:53,209 INFO L290 TraceCheckUtils]: 5: Hoare triple {92#true} assume 0 != main_~tmp~7#1;assume { :begin_inline_setup } true; {92#true} is VALID [2022-02-20 18:08:53,210 INFO L290 TraceCheckUtils]: 6: Hoare triple {92#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet39#1, test_#t~nondet40#1, test_#t~nondet41#1, test_#t~nondet42#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {92#true} is VALID [2022-02-20 18:08:53,210 INFO L290 TraceCheckUtils]: 7: Hoare triple {92#true} assume false; {93#false} is VALID [2022-02-20 18:08:53,211 INFO L272 TraceCheckUtils]: 8: Hoare triple {93#false} call cleanup(); {93#false} is VALID [2022-02-20 18:08:53,211 INFO L290 TraceCheckUtils]: 9: Hoare triple {93#false} havoc ~i~0;havoc ~__cil_tmp2~0; {93#false} is VALID [2022-02-20 18:08:53,211 INFO L272 TraceCheckUtils]: 10: Hoare triple {93#false} call timeShift(); {93#false} is VALID [2022-02-20 18:08:53,211 INFO L290 TraceCheckUtils]: 11: Hoare triple {93#false} assume !(0 != ~pumpRunning~0); {93#false} is VALID [2022-02-20 18:08:53,212 INFO L290 TraceCheckUtils]: 12: Hoare triple {93#false} assume !(0 != ~systemActive~0); {93#false} is VALID [2022-02-20 18:08:53,212 INFO L290 TraceCheckUtils]: 13: Hoare triple {93#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {93#false} is VALID [2022-02-20 18:08:53,212 INFO L272 TraceCheckUtils]: 14: Hoare triple {93#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {92#true} is VALID [2022-02-20 18:08:53,212 INFO L290 TraceCheckUtils]: 15: Hoare triple {92#true} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {92#true} is VALID [2022-02-20 18:08:53,213 INFO L290 TraceCheckUtils]: 16: Hoare triple {92#true} assume true; {92#true} is VALID [2022-02-20 18:08:53,213 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {92#true} {93#false} #233#return; {93#false} is VALID [2022-02-20 18:08:53,213 INFO L290 TraceCheckUtils]: 18: Hoare triple {93#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {93#false} is VALID [2022-02-20 18:08:53,213 INFO L290 TraceCheckUtils]: 19: Hoare triple {93#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~7#1;havoc getWaterLevel_~retValue_acc~7#1;getWaterLevel_~retValue_acc~7#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; {93#false} is VALID [2022-02-20 18:08:53,214 INFO L290 TraceCheckUtils]: 20: Hoare triple {93#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {93#false} is VALID [2022-02-20 18:08:53,214 INFO L290 TraceCheckUtils]: 21: Hoare triple {93#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~4#1;havoc isPumpRunning_~retValue_acc~4#1;isPumpRunning_~retValue_acc~4#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; {93#false} is VALID [2022-02-20 18:08:53,214 INFO L290 TraceCheckUtils]: 22: Hoare triple {93#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret51#1 && __utac_acc__Specification3_spec__1_#t~ret51#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {93#false} is VALID [2022-02-20 18:08:53,214 INFO L290 TraceCheckUtils]: 23: Hoare triple {93#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {93#false} is VALID [2022-02-20 18:08:53,215 INFO L290 TraceCheckUtils]: 24: Hoare triple {93#false} assume !false; {93#false} is VALID [2022-02-20 18:08:53,215 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:53,215 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:53,216 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1495021244] [2022-02-20 18:08:53,216 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1495021244] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:53,216 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:53,216 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:08:53,218 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [622891054] [2022-02-20 18:08:53,218 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:53,222 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:53,223 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:53,225 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:53,249 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:53,250 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:08:53,250 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:53,264 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:08:53,264 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:53,267 INFO L87 Difference]: Start difference. First operand has 89 states, 65 states have (on average 1.3846153846153846) internal successors, (90), 73 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:53,386 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:53,387 INFO L93 Difference]: Finished difference Result 170 states and 231 transitions. [2022-02-20 18:08:53,387 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:08:53,387 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:08:53,388 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:53,389 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:53,399 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 231 transitions. [2022-02-20 18:08:53,400 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:53,406 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 231 transitions. [2022-02-20 18:08:53,408 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 231 transitions. [2022-02-20 18:08:53,561 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 231 edges. 231 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:53,569 INFO L225 Difference]: With dead ends: 170 [2022-02-20 18:08:53,569 INFO L226 Difference]: Without dead ends: 80 [2022-02-20 18:08:53,572 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:08:53,574 INFO L933 BasicCegarLoop]: 112 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 112 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:53,575 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 112 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:53,585 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2022-02-20 18:08:53,597 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2022-02-20 18:08:53,597 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:53,599 INFO L82 GeneralOperation]: Start isEquivalent. First operand 80 states. Second operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:08:53,599 INFO L74 IsIncluded]: Start isIncluded. First operand 80 states. Second operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:08:53,600 INFO L87 Difference]: Start difference. First operand 80 states. Second operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:08:53,605 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:53,606 INFO L93 Difference]: Finished difference Result 80 states and 103 transitions. [2022-02-20 18:08:53,606 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 103 transitions. [2022-02-20 18:08:53,607 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:53,607 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:53,608 INFO L74 IsIncluded]: Start isIncluded. First operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) Second operand 80 states. [2022-02-20 18:08:53,608 INFO L87 Difference]: Start difference. First operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) Second operand 80 states. [2022-02-20 18:08:53,613 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:53,613 INFO L93 Difference]: Finished difference Result 80 states and 103 transitions. [2022-02-20 18:08:53,613 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 103 transitions. [2022-02-20 18:08:53,614 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:53,614 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:53,614 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:53,614 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:53,615 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:08:53,618 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 103 transitions. [2022-02-20 18:08:53,620 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 103 transitions. Word has length 25 [2022-02-20 18:08:53,620 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:53,620 INFO L470 AbstractCegarLoop]: Abstraction has 80 states and 103 transitions. [2022-02-20 18:08:53,620 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:53,621 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 103 transitions. [2022-02-20 18:08:53,622 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:08:53,622 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:53,622 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:53,622 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:08:53,622 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:53,623 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:53,623 INFO L85 PathProgramCache]: Analyzing trace with hash 1199577739, now seen corresponding path program 1 times [2022-02-20 18:08:53,623 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:53,624 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1965971475] [2022-02-20 18:08:53,624 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:53,624 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:53,649 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:53,679 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:08:53,681 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:53,684 INFO L290 TraceCheckUtils]: 0: Hoare triple {622#true} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {622#true} is VALID [2022-02-20 18:08:53,684 INFO L290 TraceCheckUtils]: 1: Hoare triple {622#true} assume true; {622#true} is VALID [2022-02-20 18:08:53,684 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {622#true} {623#false} #233#return; {623#false} is VALID [2022-02-20 18:08:53,684 INFO L290 TraceCheckUtils]: 0: Hoare triple {622#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4; {622#true} is VALID [2022-02-20 18:08:53,685 INFO L290 TraceCheckUtils]: 1: Hoare triple {622#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~9#1, main_~tmp~7#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~7#1;assume { :begin_inline_select_helpers } true; {622#true} is VALID [2022-02-20 18:08:53,685 INFO L290 TraceCheckUtils]: 2: Hoare triple {622#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {622#true} is VALID [2022-02-20 18:08:53,685 INFO L290 TraceCheckUtils]: 3: Hoare triple {622#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {622#true} is VALID [2022-02-20 18:08:53,685 INFO L290 TraceCheckUtils]: 4: Hoare triple {622#true} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret48#1 && main_#t~ret48#1 <= 2147483647;main_~tmp~7#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {622#true} is VALID [2022-02-20 18:08:53,686 INFO L290 TraceCheckUtils]: 5: Hoare triple {622#true} assume 0 != main_~tmp~7#1;assume { :begin_inline_setup } true; {622#true} is VALID [2022-02-20 18:08:53,686 INFO L290 TraceCheckUtils]: 6: Hoare triple {622#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet39#1, test_#t~nondet40#1, test_#t~nondet41#1, test_#t~nondet42#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {624#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:08:53,687 INFO L290 TraceCheckUtils]: 7: Hoare triple {624#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {624#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:08:53,687 INFO L290 TraceCheckUtils]: 8: Hoare triple {624#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {623#false} is VALID [2022-02-20 18:08:53,687 INFO L272 TraceCheckUtils]: 9: Hoare triple {623#false} call cleanup(); {623#false} is VALID [2022-02-20 18:08:53,687 INFO L290 TraceCheckUtils]: 10: Hoare triple {623#false} havoc ~i~0;havoc ~__cil_tmp2~0; {623#false} is VALID [2022-02-20 18:08:53,688 INFO L272 TraceCheckUtils]: 11: Hoare triple {623#false} call timeShift(); {623#false} is VALID [2022-02-20 18:08:53,688 INFO L290 TraceCheckUtils]: 12: Hoare triple {623#false} assume !(0 != ~pumpRunning~0); {623#false} is VALID [2022-02-20 18:08:53,688 INFO L290 TraceCheckUtils]: 13: Hoare triple {623#false} assume !(0 != ~systemActive~0); {623#false} is VALID [2022-02-20 18:08:53,688 INFO L290 TraceCheckUtils]: 14: Hoare triple {623#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {623#false} is VALID [2022-02-20 18:08:53,688 INFO L272 TraceCheckUtils]: 15: Hoare triple {623#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {622#true} is VALID [2022-02-20 18:08:53,689 INFO L290 TraceCheckUtils]: 16: Hoare triple {622#true} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {622#true} is VALID [2022-02-20 18:08:53,689 INFO L290 TraceCheckUtils]: 17: Hoare triple {622#true} assume true; {622#true} is VALID [2022-02-20 18:08:53,689 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {622#true} {623#false} #233#return; {623#false} is VALID [2022-02-20 18:08:53,689 INFO L290 TraceCheckUtils]: 19: Hoare triple {623#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {623#false} is VALID [2022-02-20 18:08:53,689 INFO L290 TraceCheckUtils]: 20: Hoare triple {623#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~7#1;havoc getWaterLevel_~retValue_acc~7#1;getWaterLevel_~retValue_acc~7#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; {623#false} is VALID [2022-02-20 18:08:53,690 INFO L290 TraceCheckUtils]: 21: Hoare triple {623#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {623#false} is VALID [2022-02-20 18:08:53,690 INFO L290 TraceCheckUtils]: 22: Hoare triple {623#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~4#1;havoc isPumpRunning_~retValue_acc~4#1;isPumpRunning_~retValue_acc~4#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; {623#false} is VALID [2022-02-20 18:08:53,690 INFO L290 TraceCheckUtils]: 23: Hoare triple {623#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret51#1 && __utac_acc__Specification3_spec__1_#t~ret51#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {623#false} is VALID [2022-02-20 18:08:53,690 INFO L290 TraceCheckUtils]: 24: Hoare triple {623#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {623#false} is VALID [2022-02-20 18:08:53,690 INFO L290 TraceCheckUtils]: 25: Hoare triple {623#false} assume !false; {623#false} is VALID [2022-02-20 18:08:53,691 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:53,691 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:53,691 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1965971475] [2022-02-20 18:08:53,691 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1965971475] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:53,691 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:53,692 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:08:53,692 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1267176245] [2022-02-20 18:08:53,692 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:53,693 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:53,693 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:53,693 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:53,711 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:53,711 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:53,711 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:53,712 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:53,712 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:53,713 INFO L87 Difference]: Start difference. First operand 80 states and 103 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:53,794 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:53,795 INFO L93 Difference]: Finished difference Result 126 states and 162 transitions. [2022-02-20 18:08:53,795 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:53,795 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:08:53,795 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:53,795 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:53,798 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 162 transitions. [2022-02-20 18:08:53,799 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:53,801 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 162 transitions. [2022-02-20 18:08:53,802 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 162 transitions. [2022-02-20 18:08:53,915 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 162 edges. 162 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:53,917 INFO L225 Difference]: With dead ends: 126 [2022-02-20 18:08:53,917 INFO L226 Difference]: Without dead ends: 71 [2022-02-20 18:08:53,918 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:53,919 INFO L933 BasicCegarLoop]: 90 mSDtfsCounter, 12 mSDsluCounter, 74 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 164 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:53,920 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [15 Valid, 164 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:53,920 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2022-02-20 18:08:53,924 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2022-02-20 18:08:53,925 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:53,925 INFO L82 GeneralOperation]: Start isEquivalent. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:53,926 INFO L74 IsIncluded]: Start isIncluded. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:53,926 INFO L87 Difference]: Start difference. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:53,929 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:53,929 INFO L93 Difference]: Finished difference Result 71 states and 91 transitions. [2022-02-20 18:08:53,929 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:08:53,930 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:53,930 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:53,930 INFO L74 IsIncluded]: Start isIncluded. First operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 71 states. [2022-02-20 18:08:53,931 INFO L87 Difference]: Start difference. First operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 71 states. [2022-02-20 18:08:53,933 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:53,933 INFO L93 Difference]: Finished difference Result 71 states and 91 transitions. [2022-02-20 18:08:53,933 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:08:53,934 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:53,934 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:53,934 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:53,934 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:53,935 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:53,937 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 91 transitions. [2022-02-20 18:08:53,937 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 91 transitions. Word has length 26 [2022-02-20 18:08:53,937 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:53,938 INFO L470 AbstractCegarLoop]: Abstraction has 71 states and 91 transitions. [2022-02-20 18:08:53,938 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:53,938 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:08:53,939 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:08:53,939 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:53,939 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:53,939 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:08:53,940 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:53,940 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:53,940 INFO L85 PathProgramCache]: Analyzing trace with hash -340504598, now seen corresponding path program 1 times [2022-02-20 18:08:53,940 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:53,941 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [58968209] [2022-02-20 18:08:53,941 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:53,941 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:53,967 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:53,994 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:08:53,996 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:53,998 INFO L290 TraceCheckUtils]: 0: Hoare triple {1057#true} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {1057#true} is VALID [2022-02-20 18:08:53,999 INFO L290 TraceCheckUtils]: 1: Hoare triple {1057#true} assume true; {1057#true} is VALID [2022-02-20 18:08:53,999 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1057#true} {1058#false} #233#return; {1058#false} is VALID [2022-02-20 18:08:54,001 INFO L290 TraceCheckUtils]: 0: Hoare triple {1057#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,002 INFO L290 TraceCheckUtils]: 1: Hoare triple {1059#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~9#1, main_~tmp~7#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~7#1;assume { :begin_inline_select_helpers } true; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,002 INFO L290 TraceCheckUtils]: 2: Hoare triple {1059#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,002 INFO L290 TraceCheckUtils]: 3: Hoare triple {1059#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,003 INFO L290 TraceCheckUtils]: 4: Hoare triple {1059#(= 1 ~systemActive~0)} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret48#1 && main_#t~ret48#1 <= 2147483647;main_~tmp~7#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,003 INFO L290 TraceCheckUtils]: 5: Hoare triple {1059#(= 1 ~systemActive~0)} assume 0 != main_~tmp~7#1;assume { :begin_inline_setup } true; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,012 INFO L290 TraceCheckUtils]: 6: Hoare triple {1059#(= 1 ~systemActive~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet39#1, test_#t~nondet40#1, test_#t~nondet41#1, test_#t~nondet42#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,013 INFO L290 TraceCheckUtils]: 7: Hoare triple {1059#(= 1 ~systemActive~0)} assume !false; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,013 INFO L290 TraceCheckUtils]: 8: Hoare triple {1059#(= 1 ~systemActive~0)} assume test_~splverifierCounter~0#1 < 4; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,014 INFO L290 TraceCheckUtils]: 9: Hoare triple {1059#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet39#1 && test_#t~nondet39#1 <= 2147483647;test_~tmp~6#1 := test_#t~nondet39#1;havoc test_#t~nondet39#1; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,014 INFO L290 TraceCheckUtils]: 10: Hoare triple {1059#(= 1 ~systemActive~0)} assume !(0 != test_~tmp~6#1); {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,015 INFO L290 TraceCheckUtils]: 11: Hoare triple {1059#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet40#1 && test_#t~nondet40#1 <= 2147483647;test_~tmp___0~1#1 := test_#t~nondet40#1;havoc test_#t~nondet40#1; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,015 INFO L290 TraceCheckUtils]: 12: Hoare triple {1059#(= 1 ~systemActive~0)} assume !(0 != test_~tmp___0~1#1); {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,016 INFO L290 TraceCheckUtils]: 13: Hoare triple {1059#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet41#1 && test_#t~nondet41#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet41#1;havoc test_#t~nondet41#1; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,016 INFO L290 TraceCheckUtils]: 14: Hoare triple {1059#(= 1 ~systemActive~0)} assume 0 != test_~tmp___2~0#1; {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,017 INFO L272 TraceCheckUtils]: 15: Hoare triple {1059#(= 1 ~systemActive~0)} call timeShift(); {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,017 INFO L290 TraceCheckUtils]: 16: Hoare triple {1059#(= 1 ~systemActive~0)} assume !(0 != ~pumpRunning~0); {1059#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:08:54,018 INFO L290 TraceCheckUtils]: 17: Hoare triple {1059#(= 1 ~systemActive~0)} assume !(0 != ~systemActive~0); {1058#false} is VALID [2022-02-20 18:08:54,018 INFO L290 TraceCheckUtils]: 18: Hoare triple {1058#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1058#false} is VALID [2022-02-20 18:08:54,018 INFO L272 TraceCheckUtils]: 19: Hoare triple {1058#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {1057#true} is VALID [2022-02-20 18:08:54,018 INFO L290 TraceCheckUtils]: 20: Hoare triple {1057#true} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {1057#true} is VALID [2022-02-20 18:08:54,018 INFO L290 TraceCheckUtils]: 21: Hoare triple {1057#true} assume true; {1057#true} is VALID [2022-02-20 18:08:54,018 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1057#true} {1058#false} #233#return; {1058#false} is VALID [2022-02-20 18:08:54,018 INFO L290 TraceCheckUtils]: 23: Hoare triple {1058#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1058#false} is VALID [2022-02-20 18:08:54,019 INFO L290 TraceCheckUtils]: 24: Hoare triple {1058#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~7#1;havoc getWaterLevel_~retValue_acc~7#1;getWaterLevel_~retValue_acc~7#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; {1058#false} is VALID [2022-02-20 18:08:54,019 INFO L290 TraceCheckUtils]: 25: Hoare triple {1058#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1058#false} is VALID [2022-02-20 18:08:54,019 INFO L290 TraceCheckUtils]: 26: Hoare triple {1058#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~4#1;havoc isPumpRunning_~retValue_acc~4#1;isPumpRunning_~retValue_acc~4#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; {1058#false} is VALID [2022-02-20 18:08:54,019 INFO L290 TraceCheckUtils]: 27: Hoare triple {1058#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret51#1 && __utac_acc__Specification3_spec__1_#t~ret51#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {1058#false} is VALID [2022-02-20 18:08:54,019 INFO L290 TraceCheckUtils]: 28: Hoare triple {1058#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1058#false} is VALID [2022-02-20 18:08:54,019 INFO L290 TraceCheckUtils]: 29: Hoare triple {1058#false} assume !false; {1058#false} is VALID [2022-02-20 18:08:54,020 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:54,020 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:54,020 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [58968209] [2022-02-20 18:08:54,020 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [58968209] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:54,021 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:54,021 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:08:54,021 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1045417868] [2022-02-20 18:08:54,021 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:54,022 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:08:54,022 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:54,022 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:54,047 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:54,047 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:08:54,048 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:54,048 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:08:54,048 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:54,048 INFO L87 Difference]: Start difference. First operand 71 states and 91 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:54,112 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:54,113 INFO L93 Difference]: Finished difference Result 135 states and 176 transitions. [2022-02-20 18:08:54,113 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:08:54,113 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:08:54,114 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:54,114 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:54,116 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 176 transitions. [2022-02-20 18:08:54,116 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:54,118 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 176 transitions. [2022-02-20 18:08:54,118 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 176 transitions. [2022-02-20 18:08:54,233 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 176 edges. 176 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:54,235 INFO L225 Difference]: With dead ends: 135 [2022-02-20 18:08:54,235 INFO L226 Difference]: Without dead ends: 71 [2022-02-20 18:08:54,236 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:08:54,237 INFO L933 BasicCegarLoop]: 89 mSDtfsCounter, 73 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 73 SdHoareTripleChecker+Valid, 89 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:54,237 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [73 Valid, 89 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:54,238 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2022-02-20 18:08:54,242 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2022-02-20 18:08:54,242 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:54,242 INFO L82 GeneralOperation]: Start isEquivalent. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:54,243 INFO L74 IsIncluded]: Start isIncluded. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:54,243 INFO L87 Difference]: Start difference. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:54,245 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:54,246 INFO L93 Difference]: Finished difference Result 71 states and 90 transitions. [2022-02-20 18:08:54,246 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2022-02-20 18:08:54,246 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:54,247 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:54,247 INFO L74 IsIncluded]: Start isIncluded. First operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 71 states. [2022-02-20 18:08:54,247 INFO L87 Difference]: Start difference. First operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 71 states. [2022-02-20 18:08:54,249 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:54,249 INFO L93 Difference]: Finished difference Result 71 states and 90 transitions. [2022-02-20 18:08:54,250 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2022-02-20 18:08:54,250 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:54,250 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:54,250 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:54,250 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:54,251 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:08:54,253 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 90 transitions. [2022-02-20 18:08:54,253 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 90 transitions. Word has length 30 [2022-02-20 18:08:54,253 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:54,253 INFO L470 AbstractCegarLoop]: Abstraction has 71 states and 90 transitions. [2022-02-20 18:08:54,254 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:08:54,254 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2022-02-20 18:08:54,255 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-02-20 18:08:54,255 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:54,255 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:54,255 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:08:54,256 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:54,256 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:54,256 INFO L85 PathProgramCache]: Analyzing trace with hash 258812542, now seen corresponding path program 1 times [2022-02-20 18:08:54,257 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:54,257 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [457317972] [2022-02-20 18:08:54,257 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:54,257 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:54,280 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:54,319 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:08:54,321 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:54,325 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-20 18:08:54,326 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:54,328 INFO L290 TraceCheckUtils]: 0: Hoare triple {1502#true} assume true; {1502#true} is VALID [2022-02-20 18:08:54,328 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1502#true} {1502#true} #247#return; {1502#true} is VALID [2022-02-20 18:08:54,329 INFO L290 TraceCheckUtils]: 0: Hoare triple {1517#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} havoc ~tmp~3#1; {1502#true} is VALID [2022-02-20 18:08:54,329 INFO L290 TraceCheckUtils]: 1: Hoare triple {1502#true} assume !(0 != ~pumpRunning~0); {1502#true} is VALID [2022-02-20 18:08:54,329 INFO L272 TraceCheckUtils]: 2: Hoare triple {1502#true} call processEnvironment__wrappee__base(); {1502#true} is VALID [2022-02-20 18:08:54,329 INFO L290 TraceCheckUtils]: 3: Hoare triple {1502#true} assume true; {1502#true} is VALID [2022-02-20 18:08:54,330 INFO L284 TraceCheckUtils]: 4: Hoare quadruple {1502#true} {1502#true} #247#return; {1502#true} is VALID [2022-02-20 18:08:54,330 INFO L290 TraceCheckUtils]: 5: Hoare triple {1502#true} assume true; {1502#true} is VALID [2022-02-20 18:08:54,330 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1502#true} {1504#(= ~waterLevel~0 1)} #231#return; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,331 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2022-02-20 18:08:54,332 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:54,335 INFO L290 TraceCheckUtils]: 0: Hoare triple {1502#true} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {1502#true} is VALID [2022-02-20 18:08:54,335 INFO L290 TraceCheckUtils]: 1: Hoare triple {1502#true} assume true; {1502#true} is VALID [2022-02-20 18:08:54,336 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1502#true} {1504#(= ~waterLevel~0 1)} #233#return; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,337 INFO L290 TraceCheckUtils]: 0: Hoare triple {1502#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,337 INFO L290 TraceCheckUtils]: 1: Hoare triple {1504#(= ~waterLevel~0 1)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~9#1, main_~tmp~7#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~7#1;assume { :begin_inline_select_helpers } true; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,337 INFO L290 TraceCheckUtils]: 2: Hoare triple {1504#(= ~waterLevel~0 1)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,338 INFO L290 TraceCheckUtils]: 3: Hoare triple {1504#(= ~waterLevel~0 1)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,338 INFO L290 TraceCheckUtils]: 4: Hoare triple {1504#(= ~waterLevel~0 1)} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret48#1 && main_#t~ret48#1 <= 2147483647;main_~tmp~7#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,338 INFO L290 TraceCheckUtils]: 5: Hoare triple {1504#(= ~waterLevel~0 1)} assume 0 != main_~tmp~7#1;assume { :begin_inline_setup } true; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,339 INFO L290 TraceCheckUtils]: 6: Hoare triple {1504#(= ~waterLevel~0 1)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet39#1, test_#t~nondet40#1, test_#t~nondet41#1, test_#t~nondet42#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,339 INFO L290 TraceCheckUtils]: 7: Hoare triple {1504#(= ~waterLevel~0 1)} assume !false; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,339 INFO L290 TraceCheckUtils]: 8: Hoare triple {1504#(= ~waterLevel~0 1)} assume test_~splverifierCounter~0#1 < 4; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,340 INFO L290 TraceCheckUtils]: 9: Hoare triple {1504#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet39#1 && test_#t~nondet39#1 <= 2147483647;test_~tmp~6#1 := test_#t~nondet39#1;havoc test_#t~nondet39#1; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,340 INFO L290 TraceCheckUtils]: 10: Hoare triple {1504#(= ~waterLevel~0 1)} assume !(0 != test_~tmp~6#1); {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,341 INFO L290 TraceCheckUtils]: 11: Hoare triple {1504#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet40#1 && test_#t~nondet40#1 <= 2147483647;test_~tmp___0~1#1 := test_#t~nondet40#1;havoc test_#t~nondet40#1; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,341 INFO L290 TraceCheckUtils]: 12: Hoare triple {1504#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___0~1#1); {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,341 INFO L290 TraceCheckUtils]: 13: Hoare triple {1504#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet41#1 && test_#t~nondet41#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet41#1;havoc test_#t~nondet41#1; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,342 INFO L290 TraceCheckUtils]: 14: Hoare triple {1504#(= ~waterLevel~0 1)} assume 0 != test_~tmp___2~0#1; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,342 INFO L272 TraceCheckUtils]: 15: Hoare triple {1504#(= ~waterLevel~0 1)} call timeShift(); {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,342 INFO L290 TraceCheckUtils]: 16: Hoare triple {1504#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,343 INFO L290 TraceCheckUtils]: 17: Hoare triple {1504#(= ~waterLevel~0 1)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret28#1, processEnvironment_~tmp~4#1;havoc processEnvironment_~tmp~4#1; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,343 INFO L290 TraceCheckUtils]: 18: Hoare triple {1504#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,344 INFO L272 TraceCheckUtils]: 19: Hoare triple {1504#(= ~waterLevel~0 1)} call processEnvironment__wrappee__lowWaterSensor(); {1517#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} is VALID [2022-02-20 18:08:54,344 INFO L290 TraceCheckUtils]: 20: Hoare triple {1517#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} havoc ~tmp~3#1; {1502#true} is VALID [2022-02-20 18:08:54,344 INFO L290 TraceCheckUtils]: 21: Hoare triple {1502#true} assume !(0 != ~pumpRunning~0); {1502#true} is VALID [2022-02-20 18:08:54,344 INFO L272 TraceCheckUtils]: 22: Hoare triple {1502#true} call processEnvironment__wrappee__base(); {1502#true} is VALID [2022-02-20 18:08:54,345 INFO L290 TraceCheckUtils]: 23: Hoare triple {1502#true} assume true; {1502#true} is VALID [2022-02-20 18:08:54,345 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {1502#true} {1502#true} #247#return; {1502#true} is VALID [2022-02-20 18:08:54,345 INFO L290 TraceCheckUtils]: 25: Hoare triple {1502#true} assume true; {1502#true} is VALID [2022-02-20 18:08:54,345 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {1502#true} {1504#(= ~waterLevel~0 1)} #231#return; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,346 INFO L290 TraceCheckUtils]: 27: Hoare triple {1504#(= ~waterLevel~0 1)} assume { :end_inline_processEnvironment } true; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,346 INFO L290 TraceCheckUtils]: 28: Hoare triple {1504#(= ~waterLevel~0 1)} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,346 INFO L272 TraceCheckUtils]: 29: Hoare triple {1504#(= ~waterLevel~0 1)} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {1502#true} is VALID [2022-02-20 18:08:54,346 INFO L290 TraceCheckUtils]: 30: Hoare triple {1502#true} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {1502#true} is VALID [2022-02-20 18:08:54,347 INFO L290 TraceCheckUtils]: 31: Hoare triple {1502#true} assume true; {1502#true} is VALID [2022-02-20 18:08:54,347 INFO L284 TraceCheckUtils]: 32: Hoare quadruple {1502#true} {1504#(= ~waterLevel~0 1)} #233#return; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,348 INFO L290 TraceCheckUtils]: 33: Hoare triple {1504#(= ~waterLevel~0 1)} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1504#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:08:54,348 INFO L290 TraceCheckUtils]: 34: Hoare triple {1504#(= ~waterLevel~0 1)} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~7#1;havoc getWaterLevel_~retValue_acc~7#1;getWaterLevel_~retValue_acc~7#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; {1515#(= |timeShift_getWaterLevel_#res#1| 1)} is VALID [2022-02-20 18:08:54,349 INFO L290 TraceCheckUtils]: 35: Hoare triple {1515#(= |timeShift_getWaterLevel_#res#1| 1)} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1516#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| 1)} is VALID [2022-02-20 18:08:54,349 INFO L290 TraceCheckUtils]: 36: Hoare triple {1516#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| 1)} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~4#1;havoc isPumpRunning_~retValue_acc~4#1;isPumpRunning_~retValue_acc~4#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; {1503#false} is VALID [2022-02-20 18:08:54,349 INFO L290 TraceCheckUtils]: 37: Hoare triple {1503#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret51#1 && __utac_acc__Specification3_spec__1_#t~ret51#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {1503#false} is VALID [2022-02-20 18:08:54,349 INFO L290 TraceCheckUtils]: 38: Hoare triple {1503#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1503#false} is VALID [2022-02-20 18:08:54,350 INFO L290 TraceCheckUtils]: 39: Hoare triple {1503#false} assume !false; {1503#false} is VALID [2022-02-20 18:08:54,350 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:54,350 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:54,350 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [457317972] [2022-02-20 18:08:54,351 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [457317972] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:54,351 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:54,351 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:08:54,351 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1405914316] [2022-02-20 18:08:54,351 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:54,352 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 40 [2022-02-20 18:08:54,352 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:54,352 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:08:54,376 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 40 edges. 40 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:54,376 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:08:54,377 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:54,377 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:08:54,377 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:08:54,378 INFO L87 Difference]: Start difference. First operand 71 states and 90 transitions. Second operand has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:08:54,872 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:54,873 INFO L93 Difference]: Finished difference Result 226 states and 296 transitions. [2022-02-20 18:08:54,873 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-02-20 18:08:54,873 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 40 [2022-02-20 18:08:54,874 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:54,874 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:08:54,877 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 296 transitions. [2022-02-20 18:08:54,878 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:08:54,881 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 296 transitions. [2022-02-20 18:08:54,881 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 296 transitions. [2022-02-20 18:08:55,093 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 296 edges. 296 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:55,097 INFO L225 Difference]: With dead ends: 226 [2022-02-20 18:08:55,097 INFO L226 Difference]: Without dead ends: 162 [2022-02-20 18:08:55,098 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=40, Invalid=70, Unknown=0, NotChecked=0, Total=110 [2022-02-20 18:08:55,098 INFO L933 BasicCegarLoop]: 88 mSDtfsCounter, 132 mSDsluCounter, 232 mSDsCounter, 0 mSdLazyCounter, 162 mSolverCounterSat, 47 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 320 SdHoareTripleChecker+Invalid, 209 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 47 IncrementalHoareTripleChecker+Valid, 162 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:55,099 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [137 Valid, 320 Invalid, 209 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [47 Valid, 162 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 18:08:55,099 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 162 states. [2022-02-20 18:08:55,109 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 162 to 128. [2022-02-20 18:08:55,109 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:55,109 INFO L82 GeneralOperation]: Start isEquivalent. First operand 162 states. Second operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) [2022-02-20 18:08:55,110 INFO L74 IsIncluded]: Start isIncluded. First operand 162 states. Second operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) [2022-02-20 18:08:55,110 INFO L87 Difference]: Start difference. First operand 162 states. Second operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) [2022-02-20 18:08:55,115 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:55,115 INFO L93 Difference]: Finished difference Result 162 states and 207 transitions. [2022-02-20 18:08:55,115 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 207 transitions. [2022-02-20 18:08:55,116 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:55,116 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:55,116 INFO L74 IsIncluded]: Start isIncluded. First operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) Second operand 162 states. [2022-02-20 18:08:55,117 INFO L87 Difference]: Start difference. First operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) Second operand 162 states. [2022-02-20 18:08:55,121 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:55,121 INFO L93 Difference]: Finished difference Result 162 states and 207 transitions. [2022-02-20 18:08:55,121 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 207 transitions. [2022-02-20 18:08:55,122 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:55,122 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:55,122 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:55,122 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:55,123 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) [2022-02-20 18:08:55,126 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 128 states to 128 states and 165 transitions. [2022-02-20 18:08:55,126 INFO L78 Accepts]: Start accepts. Automaton has 128 states and 165 transitions. Word has length 40 [2022-02-20 18:08:55,127 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:55,127 INFO L470 AbstractCegarLoop]: Abstraction has 128 states and 165 transitions. [2022-02-20 18:08:55,127 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:08:55,127 INFO L276 IsEmpty]: Start isEmpty. Operand 128 states and 165 transitions. [2022-02-20 18:08:55,128 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-20 18:08:55,128 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:55,128 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:55,128 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:08:55,128 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:55,129 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:55,129 INFO L85 PathProgramCache]: Analyzing trace with hash 1790167811, now seen corresponding path program 1 times [2022-02-20 18:08:55,129 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:55,129 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2116112714] [2022-02-20 18:08:55,129 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:55,130 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:55,163 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:55,185 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-02-20 18:08:55,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:55,189 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-20 18:08:55,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:55,192 INFO L290 TraceCheckUtils]: 0: Hoare triple {2361#true} assume true; {2361#true} is VALID [2022-02-20 18:08:55,192 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {2361#true} {2361#true} #247#return; {2361#true} is VALID [2022-02-20 18:08:55,192 INFO L290 TraceCheckUtils]: 0: Hoare triple {2374#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} havoc ~tmp~3#1; {2361#true} is VALID [2022-02-20 18:08:55,192 INFO L290 TraceCheckUtils]: 1: Hoare triple {2361#true} assume !(0 != ~pumpRunning~0); {2361#true} is VALID [2022-02-20 18:08:55,192 INFO L272 TraceCheckUtils]: 2: Hoare triple {2361#true} call processEnvironment__wrappee__base(); {2361#true} is VALID [2022-02-20 18:08:55,192 INFO L290 TraceCheckUtils]: 3: Hoare triple {2361#true} assume true; {2361#true} is VALID [2022-02-20 18:08:55,193 INFO L284 TraceCheckUtils]: 4: Hoare quadruple {2361#true} {2361#true} #247#return; {2361#true} is VALID [2022-02-20 18:08:55,193 INFO L290 TraceCheckUtils]: 5: Hoare triple {2361#true} assume true; {2361#true} is VALID [2022-02-20 18:08:55,193 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2361#true} {2362#false} #231#return; {2362#false} is VALID [2022-02-20 18:08:55,193 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2022-02-20 18:08:55,194 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:08:55,196 INFO L290 TraceCheckUtils]: 0: Hoare triple {2361#true} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {2361#true} is VALID [2022-02-20 18:08:55,196 INFO L290 TraceCheckUtils]: 1: Hoare triple {2361#true} assume true; {2361#true} is VALID [2022-02-20 18:08:55,197 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {2361#true} {2362#false} #233#return; {2362#false} is VALID [2022-02-20 18:08:55,197 INFO L290 TraceCheckUtils]: 0: Hoare triple {2361#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~cleanupTimeShifts~0 := 4; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,197 INFO L290 TraceCheckUtils]: 1: Hoare triple {2363#(= ~pumpRunning~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~9#1, main_~tmp~7#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~7#1;assume { :begin_inline_select_helpers } true; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,198 INFO L290 TraceCheckUtils]: 2: Hoare triple {2363#(= ~pumpRunning~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,198 INFO L290 TraceCheckUtils]: 3: Hoare triple {2363#(= ~pumpRunning~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,198 INFO L290 TraceCheckUtils]: 4: Hoare triple {2363#(= ~pumpRunning~0 0)} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret48#1 && main_#t~ret48#1 <= 2147483647;main_~tmp~7#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,199 INFO L290 TraceCheckUtils]: 5: Hoare triple {2363#(= ~pumpRunning~0 0)} assume 0 != main_~tmp~7#1;assume { :begin_inline_setup } true; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,199 INFO L290 TraceCheckUtils]: 6: Hoare triple {2363#(= ~pumpRunning~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet39#1, test_#t~nondet40#1, test_#t~nondet41#1, test_#t~nondet42#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,199 INFO L290 TraceCheckUtils]: 7: Hoare triple {2363#(= ~pumpRunning~0 0)} assume !false; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,200 INFO L290 TraceCheckUtils]: 8: Hoare triple {2363#(= ~pumpRunning~0 0)} assume test_~splverifierCounter~0#1 < 4; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,200 INFO L290 TraceCheckUtils]: 9: Hoare triple {2363#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet39#1 && test_#t~nondet39#1 <= 2147483647;test_~tmp~6#1 := test_#t~nondet39#1;havoc test_#t~nondet39#1; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,200 INFO L290 TraceCheckUtils]: 10: Hoare triple {2363#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp~6#1); {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,201 INFO L290 TraceCheckUtils]: 11: Hoare triple {2363#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet40#1 && test_#t~nondet40#1 <= 2147483647;test_~tmp___0~1#1 := test_#t~nondet40#1;havoc test_#t~nondet40#1; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,201 INFO L290 TraceCheckUtils]: 12: Hoare triple {2363#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp___0~1#1); {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,201 INFO L290 TraceCheckUtils]: 13: Hoare triple {2363#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet41#1 && test_#t~nondet41#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet41#1;havoc test_#t~nondet41#1; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,202 INFO L290 TraceCheckUtils]: 14: Hoare triple {2363#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___2~0#1; {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,202 INFO L272 TraceCheckUtils]: 15: Hoare triple {2363#(= ~pumpRunning~0 0)} call timeShift(); {2363#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:08:55,202 INFO L290 TraceCheckUtils]: 16: Hoare triple {2363#(= ~pumpRunning~0 0)} assume 0 != ~pumpRunning~0;assume { :begin_inline_lowerWaterLevel } true; {2362#false} is VALID [2022-02-20 18:08:55,203 INFO L290 TraceCheckUtils]: 17: Hoare triple {2362#false} assume ~waterLevel~0 > 0;~waterLevel~0 := ~waterLevel~0 - 1; {2362#false} is VALID [2022-02-20 18:08:55,203 INFO L290 TraceCheckUtils]: 18: Hoare triple {2362#false} assume { :end_inline_lowerWaterLevel } true; {2362#false} is VALID [2022-02-20 18:08:55,203 INFO L290 TraceCheckUtils]: 19: Hoare triple {2362#false} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret28#1, processEnvironment_~tmp~4#1;havoc processEnvironment_~tmp~4#1; {2362#false} is VALID [2022-02-20 18:08:55,203 INFO L290 TraceCheckUtils]: 20: Hoare triple {2362#false} assume !(0 != ~pumpRunning~0); {2362#false} is VALID [2022-02-20 18:08:55,203 INFO L272 TraceCheckUtils]: 21: Hoare triple {2362#false} call processEnvironment__wrappee__lowWaterSensor(); {2374#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} is VALID [2022-02-20 18:08:55,204 INFO L290 TraceCheckUtils]: 22: Hoare triple {2374#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} havoc ~tmp~3#1; {2361#true} is VALID [2022-02-20 18:08:55,204 INFO L290 TraceCheckUtils]: 23: Hoare triple {2361#true} assume !(0 != ~pumpRunning~0); {2361#true} is VALID [2022-02-20 18:08:55,204 INFO L272 TraceCheckUtils]: 24: Hoare triple {2361#true} call processEnvironment__wrappee__base(); {2361#true} is VALID [2022-02-20 18:08:55,204 INFO L290 TraceCheckUtils]: 25: Hoare triple {2361#true} assume true; {2361#true} is VALID [2022-02-20 18:08:55,204 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {2361#true} {2361#true} #247#return; {2361#true} is VALID [2022-02-20 18:08:55,204 INFO L290 TraceCheckUtils]: 27: Hoare triple {2361#true} assume true; {2361#true} is VALID [2022-02-20 18:08:55,205 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {2361#true} {2362#false} #231#return; {2362#false} is VALID [2022-02-20 18:08:55,205 INFO L290 TraceCheckUtils]: 29: Hoare triple {2362#false} assume { :end_inline_processEnvironment } true; {2362#false} is VALID [2022-02-20 18:08:55,205 INFO L290 TraceCheckUtils]: 30: Hoare triple {2362#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {2362#false} is VALID [2022-02-20 18:08:55,205 INFO L272 TraceCheckUtils]: 31: Hoare triple {2362#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {2361#true} is VALID [2022-02-20 18:08:55,205 INFO L290 TraceCheckUtils]: 32: Hoare triple {2361#true} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {2361#true} is VALID [2022-02-20 18:08:55,205 INFO L290 TraceCheckUtils]: 33: Hoare triple {2361#true} assume true; {2361#true} is VALID [2022-02-20 18:08:55,206 INFO L284 TraceCheckUtils]: 34: Hoare quadruple {2361#true} {2362#false} #233#return; {2362#false} is VALID [2022-02-20 18:08:55,206 INFO L290 TraceCheckUtils]: 35: Hoare triple {2362#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {2362#false} is VALID [2022-02-20 18:08:55,206 INFO L290 TraceCheckUtils]: 36: Hoare triple {2362#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~7#1;havoc getWaterLevel_~retValue_acc~7#1;getWaterLevel_~retValue_acc~7#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; {2362#false} is VALID [2022-02-20 18:08:55,206 INFO L290 TraceCheckUtils]: 37: Hoare triple {2362#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {2362#false} is VALID [2022-02-20 18:08:55,206 INFO L290 TraceCheckUtils]: 38: Hoare triple {2362#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~4#1;havoc isPumpRunning_~retValue_acc~4#1;isPumpRunning_~retValue_acc~4#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; {2362#false} is VALID [2022-02-20 18:08:55,206 INFO L290 TraceCheckUtils]: 39: Hoare triple {2362#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret51#1 && __utac_acc__Specification3_spec__1_#t~ret51#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {2362#false} is VALID [2022-02-20 18:08:55,207 INFO L290 TraceCheckUtils]: 40: Hoare triple {2362#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {2362#false} is VALID [2022-02-20 18:08:55,207 INFO L290 TraceCheckUtils]: 41: Hoare triple {2362#false} assume !false; {2362#false} is VALID [2022-02-20 18:08:55,207 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:08:55,207 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:08:55,207 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2116112714] [2022-02-20 18:08:55,208 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2116112714] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:08:55,208 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:08:55,208 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:08:55,208 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [27298081] [2022-02-20 18:08:55,208 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:08:55,209 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 42 [2022-02-20 18:08:55,209 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:08:55,209 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:08:55,233 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:55,233 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 18:08:55,233 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:08:55,234 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 18:08:55,234 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 18:08:55,234 INFO L87 Difference]: Start difference. First operand 128 states and 165 transitions. Second operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:08:55,333 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:55,333 INFO L93 Difference]: Finished difference Result 214 states and 277 transitions. [2022-02-20 18:08:55,334 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 18:08:55,334 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 42 [2022-02-20 18:08:55,334 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:08:55,334 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:08:55,336 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 149 transitions. [2022-02-20 18:08:55,336 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:08:55,337 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 149 transitions. [2022-02-20 18:08:55,338 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 149 transitions. [2022-02-20 18:08:55,436 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 149 edges. 149 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:08:55,438 INFO L225 Difference]: With dead ends: 214 [2022-02-20 18:08:55,438 INFO L226 Difference]: Without dead ends: 93 [2022-02-20 18:08:55,439 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:08:55,439 INFO L933 BasicCegarLoop]: 51 mSDtfsCounter, 65 mSDsluCounter, 19 mSDsCounter, 0 mSdLazyCounter, 14 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 70 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 14 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:08:55,440 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [67 Valid, 70 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 14 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:08:55,452 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 93 states. [2022-02-20 18:08:55,457 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 93 to 93. [2022-02-20 18:08:55,457 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:08:55,458 INFO L82 GeneralOperation]: Start isEquivalent. First operand 93 states. Second operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:08:55,458 INFO L74 IsIncluded]: Start isIncluded. First operand 93 states. Second operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:08:55,458 INFO L87 Difference]: Start difference. First operand 93 states. Second operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:08:55,460 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:55,461 INFO L93 Difference]: Finished difference Result 93 states and 108 transitions. [2022-02-20 18:08:55,461 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 108 transitions. [2022-02-20 18:08:55,461 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:55,461 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:55,462 INFO L74 IsIncluded]: Start isIncluded. First operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) Second operand 93 states. [2022-02-20 18:08:55,462 INFO L87 Difference]: Start difference. First operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) Second operand 93 states. [2022-02-20 18:08:55,464 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:08:55,464 INFO L93 Difference]: Finished difference Result 93 states and 108 transitions. [2022-02-20 18:08:55,464 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 108 transitions. [2022-02-20 18:08:55,464 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:08:55,464 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:08:55,465 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:08:55,465 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:08:55,465 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:08:55,467 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 93 states to 93 states and 108 transitions. [2022-02-20 18:08:55,467 INFO L78 Accepts]: Start accepts. Automaton has 93 states and 108 transitions. Word has length 42 [2022-02-20 18:08:55,468 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:08:55,468 INFO L470 AbstractCegarLoop]: Abstraction has 93 states and 108 transitions. [2022-02-20 18:08:55,468 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:08:55,468 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 108 transitions. [2022-02-20 18:08:55,469 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-02-20 18:08:55,469 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:08:55,469 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:08:55,469 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:08:55,469 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:08:55,470 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:08:55,470 INFO L85 PathProgramCache]: Analyzing trace with hash 20451684, now seen corresponding path program 1 times [2022-02-20 18:08:55,470 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:08:55,470 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1946479867] [2022-02-20 18:08:55,470 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:08:55,470 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:08:55,503 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:55,504 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:08:55,515 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:08:55,536 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-20 18:08:55,537 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:08:55,537 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:08:55,539 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-20 18:08:55,541 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:08:55,543 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:08:55,561 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:08:55,562 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:08:55,565 INFO L158 Benchmark]: Toolchain (without parser) took 3610.53ms. Allocated memory was 115.3MB in the beginning and 161.5MB in the end (delta: 46.1MB). Free memory was 84.9MB in the beginning and 116.2MB in the end (delta: -31.3MB). Peak memory consumption was 14.4MB. Max. memory is 16.1GB. [2022-02-20 18:08:55,565 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 115.3MB. Free memory is still 69.3MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:08:55,565 INFO L158 Benchmark]: CACSL2BoogieTranslator took 420.91ms. Allocated memory is still 115.3MB. Free memory was 84.7MB in the beginning and 78.2MB in the end (delta: 6.5MB). Peak memory consumption was 9.4MB. Max. memory is 16.1GB. [2022-02-20 18:08:55,565 INFO L158 Benchmark]: Boogie Procedure Inliner took 64.44ms. Allocated memory is still 115.3MB. Free memory was 78.2MB in the beginning and 75.4MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:55,566 INFO L158 Benchmark]: Boogie Preprocessor took 39.81ms. Allocated memory is still 115.3MB. Free memory was 75.4MB in the beginning and 73.7MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:55,566 INFO L158 Benchmark]: RCFGBuilder took 467.82ms. Allocated memory was 115.3MB in the beginning and 161.5MB in the end (delta: 46.1MB). Free memory was 73.7MB in the beginning and 131.5MB in the end (delta: -57.7MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2022-02-20 18:08:55,566 INFO L158 Benchmark]: TraceAbstraction took 2610.55ms. Allocated memory is still 161.5MB. Free memory was 131.5MB in the beginning and 116.2MB in the end (delta: 15.2MB). Peak memory consumption was 15.1MB. Max. memory is 16.1GB. [2022-02-20 18:08:55,567 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 115.3MB. Free memory is still 69.3MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 420.91ms. Allocated memory is still 115.3MB. Free memory was 84.7MB in the beginning and 78.2MB in the end (delta: 6.5MB). Peak memory consumption was 9.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 64.44ms. Allocated memory is still 115.3MB. Free memory was 78.2MB in the beginning and 75.4MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 39.81ms. Allocated memory is still 115.3MB. Free memory was 75.4MB in the beginning and 73.7MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 467.82ms. Allocated memory was 115.3MB in the beginning and 161.5MB in the end (delta: 46.1MB). Free memory was 73.7MB in the beginning and 131.5MB in the end (delta: -57.7MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 2610.55ms. Allocated memory is still 161.5MB. Free memory was 131.5MB in the beginning and 116.2MB in the end (delta: 15.2MB). Peak memory consumption was 15.1MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:08:55,594 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash cb1c81112da7426f28a4c2690555e17bdc3cfadcaf288b3cb23a3bbf0c5e9fe6 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:08:57,871 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:08:57,874 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:08:57,914 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:08:57,914 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:08:57,918 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:08:57,919 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:08:57,924 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:08:57,926 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:08:57,931 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:08:57,932 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:08:57,944 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:08:57,945 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:08:57,947 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:08:57,948 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:08:57,955 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:08:57,956 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:08:57,957 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:08:57,959 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:08:57,961 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:08:57,962 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:08:57,963 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:08:57,964 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:08:57,965 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:08:57,974 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:08:57,975 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:08:57,975 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:08:57,976 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:08:57,977 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:08:57,977 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:08:57,978 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:08:57,978 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:08:57,980 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:08:57,980 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:08:57,981 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:08:57,982 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:08:57,982 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:08:57,982 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:08:57,983 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:08:57,984 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:08:57,985 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:08:57,985 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf [2022-02-20 18:08:58,020 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:08:58,020 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:08:58,021 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:08:58,021 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:08:58,022 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:08:58,022 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:08:58,023 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:08:58,024 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:08:58,024 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:08:58,024 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:08:58,025 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:08:58,025 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:08:58,025 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:08:58,025 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:08:58,025 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:08:58,026 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:08:58,026 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 18:08:58,026 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 18:08:58,026 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 18:08:58,026 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:08:58,026 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:08:58,027 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:08:58,027 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:08:58,027 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:08:58,027 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:08:58,027 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:08:58,027 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:58,028 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:08:58,028 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:08:58,028 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:08:58,028 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 18:08:58,028 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 18:08:58,029 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:08:58,029 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:08:58,029 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:08:58,029 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 18:08:58,029 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> cb1c81112da7426f28a4c2690555e17bdc3cfadcaf288b3cb23a3bbf0c5e9fe6 [2022-02-20 18:08:58,325 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:08:58,358 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:08:58,361 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:08:58,362 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:08:58,362 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:08:58,364 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c [2022-02-20 18:08:58,417 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/71316acc1/d6466f7330394fe88a134e0c31938ae4/FLAG8c94fbae8 [2022-02-20 18:08:58,859 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:08:58,860 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c [2022-02-20 18:08:58,868 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/71316acc1/d6466f7330394fe88a134e0c31938ae4/FLAG8c94fbae8 [2022-02-20 18:08:58,881 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/71316acc1/d6466f7330394fe88a134e0c31938ae4 [2022-02-20 18:08:58,883 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:08:58,884 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:08:58,885 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:58,885 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:08:58,888 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:08:58,889 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:58" (1/1) ... [2022-02-20 18:08:58,890 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@35b6fd24 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:58, skipping insertion in model container [2022-02-20 18:08:58,890 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:08:58" (1/1) ... [2022-02-20 18:08:58,896 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:08:58,945 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:59,270 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c[13817,13830] [2022-02-20 18:08:59,311 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:59,332 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 18:08:59,338 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:08:59,368 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c[13817,13830] [2022-02-20 18:08:59,378 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:59,382 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:08:59,434 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product21.cil.c[13817,13830] [2022-02-20 18:08:59,452 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:08:59,477 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:08:59,478 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59 WrapperNode [2022-02-20 18:08:59,478 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:08:59,479 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:59,479 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:08:59,480 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:08:59,485 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59" (1/1) ... [2022-02-20 18:08:59,514 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59" (1/1) ... [2022-02-20 18:08:59,540 INFO L137 Inliner]: procedures = 55, calls = 154, calls flagged for inlining = 20, calls inlined = 17, statements flattened = 231 [2022-02-20 18:08:59,540 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:08:59,541 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:08:59,541 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:08:59,541 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:08:59,548 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59" (1/1) ... [2022-02-20 18:08:59,549 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59" (1/1) ... [2022-02-20 18:08:59,552 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59" (1/1) ... [2022-02-20 18:08:59,552 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59" (1/1) ... [2022-02-20 18:08:59,557 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59" (1/1) ... [2022-02-20 18:08:59,562 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59" (1/1) ... [2022-02-20 18:08:59,563 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59" (1/1) ... [2022-02-20 18:08:59,566 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:08:59,567 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:08:59,567 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:08:59,567 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:08:59,568 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59" (1/1) ... [2022-02-20 18:08:59,574 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:08:59,583 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:08:59,627 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:08:59,637 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:08:59,668 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:08:59,669 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:08:59,669 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:08:59,669 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:08:59,669 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:08:59,669 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:08:59,669 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:08:59,670 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:08:59,670 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:08:59,670 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:08:59,670 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:08:59,670 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2022-02-20 18:08:59,670 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2022-02-20 18:08:59,670 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-20 18:08:59,671 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:08:59,671 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:08:59,671 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:08:59,671 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:08:59,671 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:08:59,671 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:08:59,740 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:08:59,742 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:00,136 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:00,141 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:00,141 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:00,143 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:00 BoogieIcfgContainer [2022-02-20 18:09:00,143 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:00,144 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:00,144 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:00,146 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:00,146 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:08:58" (1/3) ... [2022-02-20 18:09:00,147 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3f621dfe and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:00, skipping insertion in model container [2022-02-20 18:09:00,147 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:08:59" (2/3) ... [2022-02-20 18:09:00,147 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3f621dfe and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:00, skipping insertion in model container [2022-02-20 18:09:00,147 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:00" (3/3) ... [2022-02-20 18:09:00,148 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product21.cil.c [2022-02-20 18:09:00,151 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:00,152 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:00,185 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:00,190 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:00,191 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:00,210 INFO L276 IsEmpty]: Start isEmpty. Operand has 89 states, 65 states have (on average 1.3846153846153846) internal successors, (90), 73 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:00,238 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:09:00,238 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:00,239 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:00,239 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:00,247 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:00,248 INFO L85 PathProgramCache]: Analyzing trace with hash 1281352950, now seen corresponding path program 1 times [2022-02-20 18:09:00,259 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:00,274 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1972343186] [2022-02-20 18:09:00,275 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:00,276 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:00,276 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:00,278 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:00,280 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 18:09:00,380 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:00,385 INFO L263 TraceCheckSpWp]: Trace formula consists of 154 conjuncts, 1 conjunts are in the unsatisfiable core [2022-02-20 18:09:00,395 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:00,398 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:00,488 INFO L290 TraceCheckUtils]: 0: Hoare triple {92#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32; {92#true} is VALID [2022-02-20 18:09:00,492 INFO L290 TraceCheckUtils]: 1: Hoare triple {92#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~9#1, main_~tmp~7#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~7#1;assume { :begin_inline_select_helpers } true; {92#true} is VALID [2022-02-20 18:09:00,492 INFO L290 TraceCheckUtils]: 2: Hoare triple {92#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {92#true} is VALID [2022-02-20 18:09:00,492 INFO L290 TraceCheckUtils]: 3: Hoare triple {92#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {92#true} is VALID [2022-02-20 18:09:00,492 INFO L290 TraceCheckUtils]: 4: Hoare triple {92#true} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~7#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {92#true} is VALID [2022-02-20 18:09:00,492 INFO L290 TraceCheckUtils]: 5: Hoare triple {92#true} assume 0bv32 != main_~tmp~7#1;assume { :begin_inline_setup } true; {92#true} is VALID [2022-02-20 18:09:00,493 INFO L290 TraceCheckUtils]: 6: Hoare triple {92#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet39#1, test_#t~nondet40#1, test_#t~nondet41#1, test_#t~nondet42#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {92#true} is VALID [2022-02-20 18:09:00,494 INFO L290 TraceCheckUtils]: 7: Hoare triple {92#true} assume false; {93#false} is VALID [2022-02-20 18:09:00,494 INFO L272 TraceCheckUtils]: 8: Hoare triple {93#false} call cleanup(); {93#false} is VALID [2022-02-20 18:09:00,494 INFO L290 TraceCheckUtils]: 9: Hoare triple {93#false} havoc ~i~0;havoc ~__cil_tmp2~0; {93#false} is VALID [2022-02-20 18:09:00,495 INFO L272 TraceCheckUtils]: 10: Hoare triple {93#false} call timeShift(); {93#false} is VALID [2022-02-20 18:09:00,495 INFO L290 TraceCheckUtils]: 11: Hoare triple {93#false} assume !(0bv32 != ~pumpRunning~0); {93#false} is VALID [2022-02-20 18:09:00,495 INFO L290 TraceCheckUtils]: 12: Hoare triple {93#false} assume !(0bv32 != ~systemActive~0); {93#false} is VALID [2022-02-20 18:09:00,495 INFO L290 TraceCheckUtils]: 13: Hoare triple {93#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {93#false} is VALID [2022-02-20 18:09:00,495 INFO L272 TraceCheckUtils]: 14: Hoare triple {93#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {93#false} is VALID [2022-02-20 18:09:00,496 INFO L290 TraceCheckUtils]: 15: Hoare triple {93#false} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {93#false} is VALID [2022-02-20 18:09:00,496 INFO L290 TraceCheckUtils]: 16: Hoare triple {93#false} assume true; {93#false} is VALID [2022-02-20 18:09:00,496 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {93#false} {93#false} #233#return; {93#false} is VALID [2022-02-20 18:09:00,496 INFO L290 TraceCheckUtils]: 18: Hoare triple {93#false} __utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {93#false} is VALID [2022-02-20 18:09:00,496 INFO L290 TraceCheckUtils]: 19: Hoare triple {93#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~7#1;havoc getWaterLevel_~retValue_acc~7#1;getWaterLevel_~retValue_acc~7#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; {93#false} is VALID [2022-02-20 18:09:00,496 INFO L290 TraceCheckUtils]: 20: Hoare triple {93#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {93#false} is VALID [2022-02-20 18:09:00,496 INFO L290 TraceCheckUtils]: 21: Hoare triple {93#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~4#1;havoc isPumpRunning_~retValue_acc~4#1;isPumpRunning_~retValue_acc~4#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; {93#false} is VALID [2022-02-20 18:09:00,497 INFO L290 TraceCheckUtils]: 22: Hoare triple {93#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {93#false} is VALID [2022-02-20 18:09:00,497 INFO L290 TraceCheckUtils]: 23: Hoare triple {93#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {93#false} is VALID [2022-02-20 18:09:00,498 INFO L290 TraceCheckUtils]: 24: Hoare triple {93#false} assume !false; {93#false} is VALID [2022-02-20 18:09:00,498 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:00,499 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:00,499 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:00,500 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1972343186] [2022-02-20 18:09:00,500 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1972343186] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:00,500 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:00,500 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:00,502 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1680800293] [2022-02-20 18:09:00,502 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:00,506 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:00,508 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:00,510 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:00,538 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:00,538 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:00,539 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:00,556 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:00,557 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:00,559 INFO L87 Difference]: Start difference. First operand has 89 states, 65 states have (on average 1.3846153846153846) internal successors, (90), 73 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:00,682 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:00,682 INFO L93 Difference]: Finished difference Result 170 states and 231 transitions. [2022-02-20 18:09:00,682 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:00,683 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:00,683 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:00,684 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:00,700 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 231 transitions. [2022-02-20 18:09:00,701 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:00,710 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 231 transitions. [2022-02-20 18:09:00,711 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 231 transitions. [2022-02-20 18:09:00,928 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 231 edges. 231 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:00,935 INFO L225 Difference]: With dead ends: 170 [2022-02-20 18:09:00,935 INFO L226 Difference]: Without dead ends: 80 [2022-02-20 18:09:00,937 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:00,940 INFO L933 BasicCegarLoop]: 112 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 112 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:00,940 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 112 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:00,951 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2022-02-20 18:09:00,961 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2022-02-20 18:09:00,961 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:00,962 INFO L82 GeneralOperation]: Start isEquivalent. First operand 80 states. Second operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:00,963 INFO L74 IsIncluded]: Start isIncluded. First operand 80 states. Second operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:00,963 INFO L87 Difference]: Start difference. First operand 80 states. Second operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:00,967 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:00,968 INFO L93 Difference]: Finished difference Result 80 states and 103 transitions. [2022-02-20 18:09:00,968 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 103 transitions. [2022-02-20 18:09:00,969 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:00,969 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:00,969 INFO L74 IsIncluded]: Start isIncluded. First operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) Second operand 80 states. [2022-02-20 18:09:00,970 INFO L87 Difference]: Start difference. First operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) Second operand 80 states. [2022-02-20 18:09:00,973 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:00,973 INFO L93 Difference]: Finished difference Result 80 states and 103 transitions. [2022-02-20 18:09:00,973 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 103 transitions. [2022-02-20 18:09:00,974 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:00,974 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:00,974 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:00,974 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:00,975 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:00,977 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 103 transitions. [2022-02-20 18:09:00,978 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 103 transitions. Word has length 25 [2022-02-20 18:09:00,979 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:00,979 INFO L470 AbstractCegarLoop]: Abstraction has 80 states and 103 transitions. [2022-02-20 18:09:00,979 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:00,979 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 103 transitions. [2022-02-20 18:09:00,980 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:09:00,980 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:00,980 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:00,992 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Ended with exit code 0 [2022-02-20 18:09:01,187 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:01,188 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:01,189 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:01,189 INFO L85 PathProgramCache]: Analyzing trace with hash 1199577739, now seen corresponding path program 1 times [2022-02-20 18:09:01,189 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:01,190 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [650301582] [2022-02-20 18:09:01,190 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:01,190 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:01,190 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:01,191 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:01,193 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 18:09:01,236 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:01,238 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:01,247 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:01,248 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:01,311 INFO L290 TraceCheckUtils]: 0: Hoare triple {691#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32; {691#true} is VALID [2022-02-20 18:09:01,311 INFO L290 TraceCheckUtils]: 1: Hoare triple {691#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~9#1, main_~tmp~7#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~7#1;assume { :begin_inline_select_helpers } true; {691#true} is VALID [2022-02-20 18:09:01,311 INFO L290 TraceCheckUtils]: 2: Hoare triple {691#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {691#true} is VALID [2022-02-20 18:09:01,312 INFO L290 TraceCheckUtils]: 3: Hoare triple {691#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {691#true} is VALID [2022-02-20 18:09:01,312 INFO L290 TraceCheckUtils]: 4: Hoare triple {691#true} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~7#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {691#true} is VALID [2022-02-20 18:09:01,312 INFO L290 TraceCheckUtils]: 5: Hoare triple {691#true} assume 0bv32 != main_~tmp~7#1;assume { :begin_inline_setup } true; {691#true} is VALID [2022-02-20 18:09:01,312 INFO L290 TraceCheckUtils]: 6: Hoare triple {691#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet39#1, test_#t~nondet40#1, test_#t~nondet41#1, test_#t~nondet42#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {714#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:01,313 INFO L290 TraceCheckUtils]: 7: Hoare triple {714#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !false; {714#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:01,313 INFO L290 TraceCheckUtils]: 8: Hoare triple {714#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !~bvslt32(test_~splverifierCounter~0#1, 4bv32); {692#false} is VALID [2022-02-20 18:09:01,314 INFO L272 TraceCheckUtils]: 9: Hoare triple {692#false} call cleanup(); {692#false} is VALID [2022-02-20 18:09:01,314 INFO L290 TraceCheckUtils]: 10: Hoare triple {692#false} havoc ~i~0;havoc ~__cil_tmp2~0; {692#false} is VALID [2022-02-20 18:09:01,314 INFO L272 TraceCheckUtils]: 11: Hoare triple {692#false} call timeShift(); {692#false} is VALID [2022-02-20 18:09:01,314 INFO L290 TraceCheckUtils]: 12: Hoare triple {692#false} assume !(0bv32 != ~pumpRunning~0); {692#false} is VALID [2022-02-20 18:09:01,314 INFO L290 TraceCheckUtils]: 13: Hoare triple {692#false} assume !(0bv32 != ~systemActive~0); {692#false} is VALID [2022-02-20 18:09:01,314 INFO L290 TraceCheckUtils]: 14: Hoare triple {692#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {692#false} is VALID [2022-02-20 18:09:01,315 INFO L272 TraceCheckUtils]: 15: Hoare triple {692#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {692#false} is VALID [2022-02-20 18:09:01,315 INFO L290 TraceCheckUtils]: 16: Hoare triple {692#false} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {692#false} is VALID [2022-02-20 18:09:01,315 INFO L290 TraceCheckUtils]: 17: Hoare triple {692#false} assume true; {692#false} is VALID [2022-02-20 18:09:01,315 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {692#false} {692#false} #233#return; {692#false} is VALID [2022-02-20 18:09:01,315 INFO L290 TraceCheckUtils]: 19: Hoare triple {692#false} __utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {692#false} is VALID [2022-02-20 18:09:01,316 INFO L290 TraceCheckUtils]: 20: Hoare triple {692#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~7#1;havoc getWaterLevel_~retValue_acc~7#1;getWaterLevel_~retValue_acc~7#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; {692#false} is VALID [2022-02-20 18:09:01,316 INFO L290 TraceCheckUtils]: 21: Hoare triple {692#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {692#false} is VALID [2022-02-20 18:09:01,316 INFO L290 TraceCheckUtils]: 22: Hoare triple {692#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~4#1;havoc isPumpRunning_~retValue_acc~4#1;isPumpRunning_~retValue_acc~4#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; {692#false} is VALID [2022-02-20 18:09:01,316 INFO L290 TraceCheckUtils]: 23: Hoare triple {692#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {692#false} is VALID [2022-02-20 18:09:01,316 INFO L290 TraceCheckUtils]: 24: Hoare triple {692#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {692#false} is VALID [2022-02-20 18:09:01,317 INFO L290 TraceCheckUtils]: 25: Hoare triple {692#false} assume !false; {692#false} is VALID [2022-02-20 18:09:01,317 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:01,317 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:01,317 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:01,317 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [650301582] [2022-02-20 18:09:01,317 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [650301582] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:01,318 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:01,318 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:01,318 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1419547606] [2022-02-20 18:09:01,318 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:01,319 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:01,319 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:01,320 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:01,339 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:01,340 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:01,340 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:01,340 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:01,341 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:01,341 INFO L87 Difference]: Start difference. First operand 80 states and 103 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:01,431 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:01,432 INFO L93 Difference]: Finished difference Result 126 states and 162 transitions. [2022-02-20 18:09:01,432 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:01,432 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:01,432 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:01,432 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:01,435 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 162 transitions. [2022-02-20 18:09:01,436 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:01,438 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 162 transitions. [2022-02-20 18:09:01,438 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 162 transitions. [2022-02-20 18:09:01,562 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 162 edges. 162 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:01,564 INFO L225 Difference]: With dead ends: 126 [2022-02-20 18:09:01,564 INFO L226 Difference]: Without dead ends: 71 [2022-02-20 18:09:01,565 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:01,566 INFO L933 BasicCegarLoop]: 90 mSDtfsCounter, 12 mSDsluCounter, 74 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 164 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:01,566 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [15 Valid, 164 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:01,567 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2022-02-20 18:09:01,570 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2022-02-20 18:09:01,571 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:01,571 INFO L82 GeneralOperation]: Start isEquivalent. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:09:01,571 INFO L74 IsIncluded]: Start isIncluded. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:09:01,572 INFO L87 Difference]: Start difference. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:09:01,575 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:01,575 INFO L93 Difference]: Finished difference Result 71 states and 91 transitions. [2022-02-20 18:09:01,575 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:09:01,576 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:01,576 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:01,576 INFO L74 IsIncluded]: Start isIncluded. First operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 71 states. [2022-02-20 18:09:01,577 INFO L87 Difference]: Start difference. First operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 71 states. [2022-02-20 18:09:01,579 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:01,579 INFO L93 Difference]: Finished difference Result 71 states and 91 transitions. [2022-02-20 18:09:01,579 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:09:01,580 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:01,580 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:01,580 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:01,580 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:01,581 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 59 states have internal predecessors, (69), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:09:01,583 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 91 transitions. [2022-02-20 18:09:01,583 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 91 transitions. Word has length 26 [2022-02-20 18:09:01,583 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:01,583 INFO L470 AbstractCegarLoop]: Abstraction has 71 states and 91 transitions. [2022-02-20 18:09:01,584 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:01,584 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:09:01,584 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:09:01,585 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:01,585 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:01,602 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:01,799 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:01,800 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:01,800 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:01,800 INFO L85 PathProgramCache]: Analyzing trace with hash -340504598, now seen corresponding path program 1 times [2022-02-20 18:09:01,801 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:01,801 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1543581903] [2022-02-20 18:09:01,801 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:01,801 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:01,801 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:01,802 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:01,804 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 18:09:01,845 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:01,847 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:01,854 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:01,855 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:01,920 INFO L290 TraceCheckUtils]: 0: Hoare triple {1198#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,921 INFO L290 TraceCheckUtils]: 1: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~9#1, main_~tmp~7#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~7#1;assume { :begin_inline_select_helpers } true; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,921 INFO L290 TraceCheckUtils]: 2: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,922 INFO L290 TraceCheckUtils]: 3: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,922 INFO L290 TraceCheckUtils]: 4: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~7#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,922 INFO L290 TraceCheckUtils]: 5: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != main_~tmp~7#1;assume { :begin_inline_setup } true; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,923 INFO L290 TraceCheckUtils]: 6: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet39#1, test_#t~nondet40#1, test_#t~nondet41#1, test_#t~nondet42#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,923 INFO L290 TraceCheckUtils]: 7: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume !false; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,924 INFO L290 TraceCheckUtils]: 8: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,924 INFO L290 TraceCheckUtils]: 9: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} test_~tmp~6#1 := test_#t~nondet39#1;havoc test_#t~nondet39#1; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,924 INFO L290 TraceCheckUtils]: 10: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~6#1); {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,925 INFO L290 TraceCheckUtils]: 11: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} test_~tmp___0~1#1 := test_#t~nondet40#1;havoc test_#t~nondet40#1; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,925 INFO L290 TraceCheckUtils]: 12: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~1#1); {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,925 INFO L290 TraceCheckUtils]: 13: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet41#1;havoc test_#t~nondet41#1; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,926 INFO L290 TraceCheckUtils]: 14: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,926 INFO L272 TraceCheckUtils]: 15: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} call timeShift(); {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,926 INFO L290 TraceCheckUtils]: 16: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1203#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:01,927 INFO L290 TraceCheckUtils]: 17: Hoare triple {1203#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {1199#false} is VALID [2022-02-20 18:09:01,927 INFO L290 TraceCheckUtils]: 18: Hoare triple {1199#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1199#false} is VALID [2022-02-20 18:09:01,927 INFO L272 TraceCheckUtils]: 19: Hoare triple {1199#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {1199#false} is VALID [2022-02-20 18:09:01,927 INFO L290 TraceCheckUtils]: 20: Hoare triple {1199#false} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {1199#false} is VALID [2022-02-20 18:09:01,928 INFO L290 TraceCheckUtils]: 21: Hoare triple {1199#false} assume true; {1199#false} is VALID [2022-02-20 18:09:01,928 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1199#false} {1199#false} #233#return; {1199#false} is VALID [2022-02-20 18:09:01,928 INFO L290 TraceCheckUtils]: 23: Hoare triple {1199#false} __utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1199#false} is VALID [2022-02-20 18:09:01,928 INFO L290 TraceCheckUtils]: 24: Hoare triple {1199#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~7#1;havoc getWaterLevel_~retValue_acc~7#1;getWaterLevel_~retValue_acc~7#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; {1199#false} is VALID [2022-02-20 18:09:01,928 INFO L290 TraceCheckUtils]: 25: Hoare triple {1199#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1199#false} is VALID [2022-02-20 18:09:01,928 INFO L290 TraceCheckUtils]: 26: Hoare triple {1199#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~4#1;havoc isPumpRunning_~retValue_acc~4#1;isPumpRunning_~retValue_acc~4#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; {1199#false} is VALID [2022-02-20 18:09:01,929 INFO L290 TraceCheckUtils]: 27: Hoare triple {1199#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {1199#false} is VALID [2022-02-20 18:09:01,929 INFO L290 TraceCheckUtils]: 28: Hoare triple {1199#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1199#false} is VALID [2022-02-20 18:09:01,929 INFO L290 TraceCheckUtils]: 29: Hoare triple {1199#false} assume !false; {1199#false} is VALID [2022-02-20 18:09:01,929 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:01,929 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:01,929 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:01,930 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1543581903] [2022-02-20 18:09:01,930 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1543581903] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:01,930 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:01,930 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:01,930 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [453170668] [2022-02-20 18:09:01,930 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:01,931 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:01,931 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:01,931 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:01,956 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:01,956 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:01,956 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:01,957 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:01,957 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:01,957 INFO L87 Difference]: Start difference. First operand 71 states and 91 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:02,032 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:02,032 INFO L93 Difference]: Finished difference Result 135 states and 176 transitions. [2022-02-20 18:09:02,032 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:02,032 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:02,033 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:02,033 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:02,035 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 176 transitions. [2022-02-20 18:09:02,036 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:02,038 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 176 transitions. [2022-02-20 18:09:02,038 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 176 transitions. [2022-02-20 18:09:02,191 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 176 edges. 176 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:02,192 INFO L225 Difference]: With dead ends: 135 [2022-02-20 18:09:02,193 INFO L226 Difference]: Without dead ends: 71 [2022-02-20 18:09:02,193 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:02,194 INFO L933 BasicCegarLoop]: 89 mSDtfsCounter, 73 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 73 SdHoareTripleChecker+Valid, 89 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:02,194 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [73 Valid, 89 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:02,195 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2022-02-20 18:09:02,198 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2022-02-20 18:09:02,199 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:02,199 INFO L82 GeneralOperation]: Start isEquivalent. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:09:02,199 INFO L74 IsIncluded]: Start isIncluded. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:09:02,200 INFO L87 Difference]: Start difference. First operand 71 states. Second operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:09:02,202 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:02,202 INFO L93 Difference]: Finished difference Result 71 states and 90 transitions. [2022-02-20 18:09:02,202 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2022-02-20 18:09:02,203 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:02,203 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:02,203 INFO L74 IsIncluded]: Start isIncluded. First operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 71 states. [2022-02-20 18:09:02,203 INFO L87 Difference]: Start difference. First operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 71 states. [2022-02-20 18:09:02,206 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:02,206 INFO L93 Difference]: Finished difference Result 71 states and 90 transitions. [2022-02-20 18:09:02,206 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2022-02-20 18:09:02,206 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:02,206 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:02,206 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:02,207 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:02,207 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 59 states have internal predecessors, (68), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:09:02,209 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 90 transitions. [2022-02-20 18:09:02,209 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 90 transitions. Word has length 30 [2022-02-20 18:09:02,209 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:02,209 INFO L470 AbstractCegarLoop]: Abstraction has 71 states and 90 transitions. [2022-02-20 18:09:02,210 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:02,210 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2022-02-20 18:09:02,210 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-02-20 18:09:02,210 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:02,211 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:02,233 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:02,433 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:02,434 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:02,434 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:02,434 INFO L85 PathProgramCache]: Analyzing trace with hash 258812542, now seen corresponding path program 1 times [2022-02-20 18:09:02,435 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:02,435 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1900937226] [2022-02-20 18:09:02,435 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:02,435 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:02,435 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:02,436 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:02,438 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 18:09:02,480 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:02,482 INFO L263 TraceCheckSpWp]: Trace formula consists of 169 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 18:09:02,491 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:02,493 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:02,607 INFO L290 TraceCheckUtils]: 0: Hoare triple {1727#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,607 INFO L290 TraceCheckUtils]: 1: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~9#1, main_~tmp~7#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~7#1;assume { :begin_inline_select_helpers } true; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,608 INFO L290 TraceCheckUtils]: 2: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,608 INFO L290 TraceCheckUtils]: 3: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,608 INFO L290 TraceCheckUtils]: 4: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~7#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,609 INFO L290 TraceCheckUtils]: 5: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != main_~tmp~7#1;assume { :begin_inline_setup } true; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,609 INFO L290 TraceCheckUtils]: 6: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet39#1, test_#t~nondet40#1, test_#t~nondet41#1, test_#t~nondet42#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,609 INFO L290 TraceCheckUtils]: 7: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume !false; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,610 INFO L290 TraceCheckUtils]: 8: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,610 INFO L290 TraceCheckUtils]: 9: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} test_~tmp~6#1 := test_#t~nondet39#1;havoc test_#t~nondet39#1; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,611 INFO L290 TraceCheckUtils]: 10: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~6#1); {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,611 INFO L290 TraceCheckUtils]: 11: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___0~1#1 := test_#t~nondet40#1;havoc test_#t~nondet40#1; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,611 INFO L290 TraceCheckUtils]: 12: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~1#1); {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,612 INFO L290 TraceCheckUtils]: 13: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet41#1;havoc test_#t~nondet41#1; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,612 INFO L290 TraceCheckUtils]: 14: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,612 INFO L272 TraceCheckUtils]: 15: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} call timeShift(); {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,613 INFO L290 TraceCheckUtils]: 16: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,613 INFO L290 TraceCheckUtils]: 17: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret28#1, processEnvironment_~tmp~4#1;havoc processEnvironment_~tmp~4#1; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,613 INFO L290 TraceCheckUtils]: 18: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,614 INFO L272 TraceCheckUtils]: 19: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} call processEnvironment__wrappee__lowWaterSensor(); {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,614 INFO L290 TraceCheckUtils]: 20: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} havoc ~tmp~3#1; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,615 INFO L290 TraceCheckUtils]: 21: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,615 INFO L272 TraceCheckUtils]: 22: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} call processEnvironment__wrappee__base(); {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,615 INFO L290 TraceCheckUtils]: 23: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume true; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,616 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {1732#(= ~waterLevel~0 (_ bv1 32))} {1732#(= ~waterLevel~0 (_ bv1 32))} #247#return; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,616 INFO L290 TraceCheckUtils]: 25: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume true; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,616 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {1732#(= ~waterLevel~0 (_ bv1 32))} {1732#(= ~waterLevel~0 (_ bv1 32))} #231#return; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,617 INFO L290 TraceCheckUtils]: 27: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_processEnvironment } true; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,617 INFO L290 TraceCheckUtils]: 28: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,617 INFO L272 TraceCheckUtils]: 29: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,618 INFO L290 TraceCheckUtils]: 30: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,618 INFO L290 TraceCheckUtils]: 31: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume true; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,619 INFO L284 TraceCheckUtils]: 32: Hoare quadruple {1732#(= ~waterLevel~0 (_ bv1 32))} {1732#(= ~waterLevel~0 (_ bv1 32))} #233#return; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,619 INFO L290 TraceCheckUtils]: 33: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} __utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1732#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:02,619 INFO L290 TraceCheckUtils]: 34: Hoare triple {1732#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~7#1;havoc getWaterLevel_~retValue_acc~7#1;getWaterLevel_~retValue_acc~7#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; {1835#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} is VALID [2022-02-20 18:09:02,620 INFO L290 TraceCheckUtils]: 35: Hoare triple {1835#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1839#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| (_ bv1 32))} is VALID [2022-02-20 18:09:02,620 INFO L290 TraceCheckUtils]: 36: Hoare triple {1839#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| (_ bv1 32))} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~4#1;havoc isPumpRunning_~retValue_acc~4#1;isPumpRunning_~retValue_acc~4#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; {1728#false} is VALID [2022-02-20 18:09:02,620 INFO L290 TraceCheckUtils]: 37: Hoare triple {1728#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {1728#false} is VALID [2022-02-20 18:09:02,620 INFO L290 TraceCheckUtils]: 38: Hoare triple {1728#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1728#false} is VALID [2022-02-20 18:09:02,621 INFO L290 TraceCheckUtils]: 39: Hoare triple {1728#false} assume !false; {1728#false} is VALID [2022-02-20 18:09:02,621 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:02,621 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:02,621 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:02,621 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1900937226] [2022-02-20 18:09:02,621 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1900937226] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:02,622 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:02,622 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:09:02,622 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [561400044] [2022-02-20 18:09:02,622 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:02,622 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 40 [2022-02-20 18:09:02,623 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:02,623 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:02,652 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 40 edges. 40 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:02,653 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:09:02,653 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:02,653 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:09:02,654 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:02,654 INFO L87 Difference]: Start difference. First operand 71 states and 90 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:02,974 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:02,975 INFO L93 Difference]: Finished difference Result 195 states and 256 transitions. [2022-02-20 18:09:02,975 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:02,976 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 40 [2022-02-20 18:09:02,978 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:02,978 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:02,992 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 256 transitions. [2022-02-20 18:09:02,993 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:02,998 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 256 transitions. [2022-02-20 18:09:02,998 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 256 transitions. [2022-02-20 18:09:03,288 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 256 edges. 256 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:03,293 INFO L225 Difference]: With dead ends: 195 [2022-02-20 18:09:03,293 INFO L226 Difference]: Without dead ends: 131 [2022-02-20 18:09:03,311 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 41 GetRequests, 36 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:09:03,315 INFO L933 BasicCegarLoop]: 98 mSDtfsCounter, 51 mSDsluCounter, 270 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 368 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:03,316 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [51 Valid, 368 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:03,318 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 131 states. [2022-02-20 18:09:03,327 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 131 to 128. [2022-02-20 18:09:03,330 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:03,331 INFO L82 GeneralOperation]: Start isEquivalent. First operand 131 states. Second operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) [2022-02-20 18:09:03,331 INFO L74 IsIncluded]: Start isIncluded. First operand 131 states. Second operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) [2022-02-20 18:09:03,332 INFO L87 Difference]: Start difference. First operand 131 states. Second operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) [2022-02-20 18:09:03,336 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:03,337 INFO L93 Difference]: Finished difference Result 131 states and 168 transitions. [2022-02-20 18:09:03,337 INFO L276 IsEmpty]: Start isEmpty. Operand 131 states and 168 transitions. [2022-02-20 18:09:03,337 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:03,337 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:03,347 INFO L74 IsIncluded]: Start isIncluded. First operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) Second operand 131 states. [2022-02-20 18:09:03,349 INFO L87 Difference]: Start difference. First operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) Second operand 131 states. [2022-02-20 18:09:03,369 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:03,369 INFO L93 Difference]: Finished difference Result 131 states and 168 transitions. [2022-02-20 18:09:03,369 INFO L276 IsEmpty]: Start isEmpty. Operand 131 states and 168 transitions. [2022-02-20 18:09:03,370 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:03,370 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:03,370 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:03,370 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:03,373 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 128 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 104 states have internal predecessors, (120), 22 states have call successors, (22), 14 states have call predecessors, (22), 13 states have return successors, (23), 13 states have call predecessors, (23), 22 states have call successors, (23) [2022-02-20 18:09:03,378 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 128 states to 128 states and 165 transitions. [2022-02-20 18:09:03,378 INFO L78 Accepts]: Start accepts. Automaton has 128 states and 165 transitions. Word has length 40 [2022-02-20 18:09:03,379 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:03,379 INFO L470 AbstractCegarLoop]: Abstraction has 128 states and 165 transitions. [2022-02-20 18:09:03,379 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:03,379 INFO L276 IsEmpty]: Start isEmpty. Operand 128 states and 165 transitions. [2022-02-20 18:09:03,382 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-20 18:09:03,382 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:03,383 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:03,392 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:03,583 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:03,583 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:03,584 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:03,584 INFO L85 PathProgramCache]: Analyzing trace with hash 1790167811, now seen corresponding path program 1 times [2022-02-20 18:09:03,584 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:03,584 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [293933342] [2022-02-20 18:09:03,584 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:03,585 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:03,585 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:03,590 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:03,592 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 18:09:03,683 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:03,686 INFO L263 TraceCheckSpWp]: Trace formula consists of 172 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 18:09:03,701 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:03,704 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:03,881 INFO L290 TraceCheckUtils]: 0: Hoare triple {2580#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~cleanupTimeShifts~0 := 4bv32; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,882 INFO L290 TraceCheckUtils]: 1: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret48#1, main_~retValue_acc~9#1, main_~tmp~7#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~7#1;assume { :begin_inline_select_helpers } true; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,882 INFO L290 TraceCheckUtils]: 2: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,883 INFO L290 TraceCheckUtils]: 3: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~11#1;havoc valid_product_~retValue_acc~11#1;valid_product_~retValue_acc~11#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~11#1; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,884 INFO L290 TraceCheckUtils]: 4: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} main_#t~ret48#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~7#1 := main_#t~ret48#1;havoc main_#t~ret48#1; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,884 INFO L290 TraceCheckUtils]: 5: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != main_~tmp~7#1;assume { :begin_inline_setup } true; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,885 INFO L290 TraceCheckUtils]: 6: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet39#1, test_#t~nondet40#1, test_#t~nondet41#1, test_#t~nondet42#1, test_~splverifierCounter~0#1, test_~tmp~6#1, test_~tmp___0~1#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~6#1;havoc test_~tmp___0~1#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,885 INFO L290 TraceCheckUtils]: 7: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} assume !false; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,886 INFO L290 TraceCheckUtils]: 8: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,886 INFO L290 TraceCheckUtils]: 9: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp~6#1 := test_#t~nondet39#1;havoc test_#t~nondet39#1; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,886 INFO L290 TraceCheckUtils]: 10: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != test_~tmp~6#1); {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,887 INFO L290 TraceCheckUtils]: 11: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp___0~1#1 := test_#t~nondet40#1;havoc test_#t~nondet40#1; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,887 INFO L290 TraceCheckUtils]: 12: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != test_~tmp___0~1#1); {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,888 INFO L290 TraceCheckUtils]: 13: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp___2~0#1 := test_#t~nondet41#1;havoc test_#t~nondet41#1; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,888 INFO L290 TraceCheckUtils]: 14: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != test_~tmp___2~0#1; {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,888 INFO L272 TraceCheckUtils]: 15: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} call timeShift(); {2585#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:03,889 INFO L290 TraceCheckUtils]: 16: Hoare triple {2585#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != ~pumpRunning~0;assume { :begin_inline_lowerWaterLevel } true; {2581#false} is VALID [2022-02-20 18:09:03,889 INFO L290 TraceCheckUtils]: 17: Hoare triple {2581#false} assume ~bvsgt32(~waterLevel~0, 0bv32);~waterLevel~0 := ~bvsub32(~waterLevel~0, 1bv32); {2581#false} is VALID [2022-02-20 18:09:03,889 INFO L290 TraceCheckUtils]: 18: Hoare triple {2581#false} assume { :end_inline_lowerWaterLevel } true; {2581#false} is VALID [2022-02-20 18:09:03,889 INFO L290 TraceCheckUtils]: 19: Hoare triple {2581#false} assume 0bv32 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret28#1, processEnvironment_~tmp~4#1;havoc processEnvironment_~tmp~4#1; {2581#false} is VALID [2022-02-20 18:09:03,889 INFO L290 TraceCheckUtils]: 20: Hoare triple {2581#false} assume !(0bv32 != ~pumpRunning~0); {2581#false} is VALID [2022-02-20 18:09:03,890 INFO L272 TraceCheckUtils]: 21: Hoare triple {2581#false} call processEnvironment__wrappee__lowWaterSensor(); {2581#false} is VALID [2022-02-20 18:09:03,890 INFO L290 TraceCheckUtils]: 22: Hoare triple {2581#false} havoc ~tmp~3#1; {2581#false} is VALID [2022-02-20 18:09:03,890 INFO L290 TraceCheckUtils]: 23: Hoare triple {2581#false} assume !(0bv32 != ~pumpRunning~0); {2581#false} is VALID [2022-02-20 18:09:03,890 INFO L272 TraceCheckUtils]: 24: Hoare triple {2581#false} call processEnvironment__wrappee__base(); {2581#false} is VALID [2022-02-20 18:09:03,890 INFO L290 TraceCheckUtils]: 25: Hoare triple {2581#false} assume true; {2581#false} is VALID [2022-02-20 18:09:03,890 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {2581#false} {2581#false} #247#return; {2581#false} is VALID [2022-02-20 18:09:03,890 INFO L290 TraceCheckUtils]: 27: Hoare triple {2581#false} assume true; {2581#false} is VALID [2022-02-20 18:09:03,891 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {2581#false} {2581#false} #231#return; {2581#false} is VALID [2022-02-20 18:09:03,891 INFO L290 TraceCheckUtils]: 29: Hoare triple {2581#false} assume { :end_inline_processEnvironment } true; {2581#false} is VALID [2022-02-20 18:09:03,891 INFO L290 TraceCheckUtils]: 30: Hoare triple {2581#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {2581#false} is VALID [2022-02-20 18:09:03,891 INFO L272 TraceCheckUtils]: 31: Hoare triple {2581#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {2581#false} is VALID [2022-02-20 18:09:03,891 INFO L290 TraceCheckUtils]: 32: Hoare triple {2581#false} havoc ~retValue_acc~6;~retValue_acc~6 := ~methaneLevelCritical~0;#res := ~retValue_acc~6; {2581#false} is VALID [2022-02-20 18:09:03,891 INFO L290 TraceCheckUtils]: 33: Hoare triple {2581#false} assume true; {2581#false} is VALID [2022-02-20 18:09:03,892 INFO L284 TraceCheckUtils]: 34: Hoare quadruple {2581#false} {2581#false} #233#return; {2581#false} is VALID [2022-02-20 18:09:03,892 INFO L290 TraceCheckUtils]: 35: Hoare triple {2581#false} __utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {2581#false} is VALID [2022-02-20 18:09:03,892 INFO L290 TraceCheckUtils]: 36: Hoare triple {2581#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~7#1;havoc getWaterLevel_~retValue_acc~7#1;getWaterLevel_~retValue_acc~7#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; {2581#false} is VALID [2022-02-20 18:09:03,892 INFO L290 TraceCheckUtils]: 37: Hoare triple {2581#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {2581#false} is VALID [2022-02-20 18:09:03,892 INFO L290 TraceCheckUtils]: 38: Hoare triple {2581#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~4#1;havoc isPumpRunning_~retValue_acc~4#1;isPumpRunning_~retValue_acc~4#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; {2581#false} is VALID [2022-02-20 18:09:03,892 INFO L290 TraceCheckUtils]: 39: Hoare triple {2581#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {2581#false} is VALID [2022-02-20 18:09:03,892 INFO L290 TraceCheckUtils]: 40: Hoare triple {2581#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {2581#false} is VALID [2022-02-20 18:09:03,893 INFO L290 TraceCheckUtils]: 41: Hoare triple {2581#false} assume !false; {2581#false} is VALID [2022-02-20 18:09:03,893 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:03,893 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:03,893 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:03,893 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [293933342] [2022-02-20 18:09:03,893 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [293933342] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:03,893 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:03,894 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:03,894 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [43989416] [2022-02-20 18:09:03,894 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:03,894 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 2 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 42 [2022-02-20 18:09:03,895 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:03,895 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 2 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:03,924 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:03,924 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:03,924 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:03,924 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:03,925 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:03,925 INFO L87 Difference]: Start difference. First operand 128 states and 165 transitions. Second operand has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 2 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:04,001 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:04,001 INFO L93 Difference]: Finished difference Result 214 states and 277 transitions. [2022-02-20 18:09:04,001 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:04,001 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 2 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 42 [2022-02-20 18:09:04,001 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:04,002 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 2 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:04,003 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 149 transitions. [2022-02-20 18:09:04,004 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 2 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:04,005 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 149 transitions. [2022-02-20 18:09:04,006 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 149 transitions. [2022-02-20 18:09:04,115 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 149 edges. 149 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:04,117 INFO L225 Difference]: With dead ends: 214 [2022-02-20 18:09:04,117 INFO L226 Difference]: Without dead ends: 93 [2022-02-20 18:09:04,117 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 41 GetRequests, 40 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:04,118 INFO L933 BasicCegarLoop]: 57 mSDtfsCounter, 45 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 57 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:04,118 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [45 Valid, 57 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:04,119 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 93 states. [2022-02-20 18:09:04,123 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 93 to 93. [2022-02-20 18:09:04,123 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:04,124 INFO L82 GeneralOperation]: Start isEquivalent. First operand 93 states. Second operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:04,124 INFO L74 IsIncluded]: Start isIncluded. First operand 93 states. Second operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:04,124 INFO L87 Difference]: Start difference. First operand 93 states. Second operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:04,126 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:04,127 INFO L93 Difference]: Finished difference Result 93 states and 108 transitions. [2022-02-20 18:09:04,127 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 108 transitions. [2022-02-20 18:09:04,127 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:04,127 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:04,127 INFO L74 IsIncluded]: Start isIncluded. First operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) Second operand 93 states. [2022-02-20 18:09:04,128 INFO L87 Difference]: Start difference. First operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) Second operand 93 states. [2022-02-20 18:09:04,130 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:04,130 INFO L93 Difference]: Finished difference Result 93 states and 108 transitions. [2022-02-20 18:09:04,130 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 108 transitions. [2022-02-20 18:09:04,130 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:04,130 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:04,130 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:04,131 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:04,131 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:04,133 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 93 states to 93 states and 108 transitions. [2022-02-20 18:09:04,133 INFO L78 Accepts]: Start accepts. Automaton has 93 states and 108 transitions. Word has length 42 [2022-02-20 18:09:04,133 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:04,133 INFO L470 AbstractCegarLoop]: Abstraction has 93 states and 108 transitions. [2022-02-20 18:09:04,134 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 2 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:04,134 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 108 transitions. [2022-02-20 18:09:04,134 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-02-20 18:09:04,134 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:04,134 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:04,145 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:04,341 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:04,341 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:04,342 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:04,342 INFO L85 PathProgramCache]: Analyzing trace with hash 20451684, now seen corresponding path program 1 times [2022-02-20 18:09:04,342 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:04,342 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1272351138] [2022-02-20 18:09:04,343 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:04,343 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:04,343 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:04,344 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:04,346 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 18:09:04,385 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:04,385 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:09:04,405 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:04,444 INFO L138 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2022-02-20 18:09:04,444 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:09:04,445 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:09:04,453 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:04,647 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:04,650 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:09:04,652 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:09:04,669 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:09:04,669 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:09:04,672 INFO L158 Benchmark]: Toolchain (without parser) took 5788.36ms. Allocated memory was 65.0MB in the beginning and 117.4MB in the end (delta: 52.4MB). Free memory was 43.9MB in the beginning and 66.5MB in the end (delta: -22.6MB). Peak memory consumption was 28.2MB. Max. memory is 16.1GB. [2022-02-20 18:09:04,672 INFO L158 Benchmark]: CDTParser took 0.23ms. Allocated memory is still 65.0MB. Free memory was 46.4MB in the beginning and 46.4MB in the end (delta: 49.3kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:04,673 INFO L158 Benchmark]: CACSL2BoogieTranslator took 593.48ms. Allocated memory is still 65.0MB. Free memory was 43.7MB in the beginning and 29.2MB in the end (delta: 14.4MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. [2022-02-20 18:09:04,673 INFO L158 Benchmark]: Boogie Procedure Inliner took 61.22ms. Allocated memory was 65.0MB in the beginning and 86.0MB in the end (delta: 21.0MB). Free memory was 29.2MB in the beginning and 67.3MB in the end (delta: -38.1MB). Peak memory consumption was 5.3MB. Max. memory is 16.1GB. [2022-02-20 18:09:04,673 INFO L158 Benchmark]: Boogie Preprocessor took 25.35ms. Allocated memory is still 86.0MB. Free memory was 67.3MB in the beginning and 65.4MB in the end (delta: 1.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:04,673 INFO L158 Benchmark]: RCFGBuilder took 575.74ms. Allocated memory is still 86.0MB. Free memory was 65.4MB in the beginning and 47.7MB in the end (delta: 17.8MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-02-20 18:09:04,674 INFO L158 Benchmark]: TraceAbstraction took 4527.40ms. Allocated memory was 86.0MB in the beginning and 117.4MB in the end (delta: 31.5MB). Free memory was 47.3MB in the beginning and 66.5MB in the end (delta: -19.2MB). Peak memory consumption was 11.3MB. Max. memory is 16.1GB. [2022-02-20 18:09:04,675 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.23ms. Allocated memory is still 65.0MB. Free memory was 46.4MB in the beginning and 46.4MB in the end (delta: 49.3kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 593.48ms. Allocated memory is still 65.0MB. Free memory was 43.7MB in the beginning and 29.2MB in the end (delta: 14.4MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 61.22ms. Allocated memory was 65.0MB in the beginning and 86.0MB in the end (delta: 21.0MB). Free memory was 29.2MB in the beginning and 67.3MB in the end (delta: -38.1MB). Peak memory consumption was 5.3MB. Max. memory is 16.1GB. * Boogie Preprocessor took 25.35ms. Allocated memory is still 86.0MB. Free memory was 67.3MB in the beginning and 65.4MB in the end (delta: 1.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 575.74ms. Allocated memory is still 86.0MB. Free memory was 65.4MB in the beginning and 47.7MB in the end (delta: 17.8MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 4527.40ms. Allocated memory was 86.0MB in the beginning and 117.4MB in the end (delta: 31.5MB). Free memory was 47.3MB in the beginning and 66.5MB in the end (delta: -19.2MB). Peak memory consumption was 11.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:09:04,739 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: ERROR: ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator