./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 76c265ee8cd79c32bac129a25f21c9052690eb74ca3013be3603e97bc6872f20 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:09:01,904 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:09:01,905 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:09:01,944 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:09:01,945 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:09:01,949 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:09:01,951 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:09:01,957 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:09:01,960 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:09:01,966 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:09:01,967 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:09:01,968 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:09:01,969 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:09:01,971 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:09:01,973 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:09:01,976 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:09:01,977 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:09:01,978 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:09:01,979 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:09:01,983 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:09:01,986 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:09:01,988 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:09:01,989 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:09:01,990 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:09:01,992 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:09:01,992 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:09:01,994 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:09:01,995 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:09:01,996 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:09:01,997 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:09:01,998 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:09:01,999 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:09:02,004 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:09:02,005 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:09:02,007 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:09:02,007 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:09:02,007 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:09:02,008 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:09:02,008 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:09:02,009 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:09:02,009 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:09:02,010 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:09:02,038 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:09:02,039 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:09:02,047 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:09:02,047 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:09:02,048 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:09:02,048 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:09:02,049 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:09:02,049 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:09:02,049 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:09:02,050 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:09:02,051 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:09:02,051 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:09:02,051 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:09:02,051 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:09:02,051 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:09:02,052 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:09:02,052 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:09:02,052 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:09:02,052 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:09:02,052 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:09:02,053 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:09:02,053 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:09:02,053 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:09:02,053 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:09:02,054 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:02,054 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:09:02,054 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:09:02,054 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:09:02,054 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:09:02,055 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:09:02,055 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:09:02,055 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:09:02,055 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:09:02,055 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 76c265ee8cd79c32bac129a25f21c9052690eb74ca3013be3603e97bc6872f20 [2022-02-20 18:09:02,287 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:09:02,313 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:09:02,315 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:09:02,316 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:09:02,317 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:09:02,318 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c [2022-02-20 18:09:02,381 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/3f713e9ee/6887c3b84e984bd29e0b8da8bfd23759/FLAGb68407e50 [2022-02-20 18:09:02,847 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:09:02,847 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c [2022-02-20 18:09:02,864 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/3f713e9ee/6887c3b84e984bd29e0b8da8bfd23759/FLAGb68407e50 [2022-02-20 18:09:03,188 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/3f713e9ee/6887c3b84e984bd29e0b8da8bfd23759 [2022-02-20 18:09:03,190 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:09:03,191 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:09:03,192 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:03,193 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:09:03,196 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:09:03,197 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,198 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@417451d9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03, skipping insertion in model container [2022-02-20 18:09:03,198 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,204 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:09:03,239 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:03,501 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c[13732,13745] [2022-02-20 18:09:03,557 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:03,569 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:09:03,646 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c[13732,13745] [2022-02-20 18:09:03,663 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:03,680 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:09:03,681 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03 WrapperNode [2022-02-20 18:09:03,681 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:03,682 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:03,682 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:09:03,682 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:09:03,689 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,702 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,745 INFO L137 Inliner]: procedures = 54, calls = 156, calls flagged for inlining = 20, calls inlined = 16, statements flattened = 234 [2022-02-20 18:09:03,746 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:03,747 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:09:03,747 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:09:03,747 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:09:03,754 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,755 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,766 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,766 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,773 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,788 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,790 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,792 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:09:03,793 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:09:03,793 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:09:03,793 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:09:03,798 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,806 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:03,817 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:09:03,829 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:09:03,837 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:09:03,865 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:09:03,866 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:09:03,866 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:09:03,866 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:09:03,866 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:09:03,867 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:09:03,867 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:09:03,867 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:09:03,867 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:09:03,867 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:09:03,867 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:09:03,868 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:09:03,868 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:09:03,868 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-02-20 18:09:03,868 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-02-20 18:09:03,868 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:09:03,869 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:09:03,869 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:09:03,869 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:09:03,869 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:09:03,869 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:09:03,869 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:09:03,949 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:09:03,951 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:04,353 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:04,364 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:04,368 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:04,370 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:04 BoogieIcfgContainer [2022-02-20 18:09:04,371 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:04,373 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:04,373 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:04,377 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:04,378 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:09:03" (1/3) ... [2022-02-20 18:09:04,379 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6f90ae42 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:04, skipping insertion in model container [2022-02-20 18:09:04,379 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03" (2/3) ... [2022-02-20 18:09:04,379 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6f90ae42 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:04, skipping insertion in model container [2022-02-20 18:09:04,379 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:04" (3/3) ... [2022-02-20 18:09:04,383 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product29.cil.c [2022-02-20 18:09:04,388 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:04,389 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:04,448 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:04,461 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:04,462 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:04,491 INFO L276 IsEmpty]: Start isEmpty. Operand has 93 states, 67 states have (on average 1.373134328358209) internal successors, (92), 75 states have internal predecessors, (92), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 18:09:04,499 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:09:04,499 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:04,500 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:04,500 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:04,511 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:04,512 INFO L85 PathProgramCache]: Analyzing trace with hash -198266629, now seen corresponding path program 1 times [2022-02-20 18:09:04,522 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:04,523 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1175431963] [2022-02-20 18:09:04,524 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:04,524 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:04,661 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:04,722 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:09:04,724 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:04,734 INFO L290 TraceCheckUtils]: 0: Hoare triple {96#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {96#true} is VALID [2022-02-20 18:09:04,734 INFO L290 TraceCheckUtils]: 1: Hoare triple {96#true} assume true; {96#true} is VALID [2022-02-20 18:09:04,735 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {96#true} {97#false} #231#return; {97#false} is VALID [2022-02-20 18:09:04,738 INFO L290 TraceCheckUtils]: 0: Hoare triple {96#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1; {96#true} is VALID [2022-02-20 18:09:04,741 INFO L290 TraceCheckUtils]: 1: Hoare triple {96#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret36#1, main_~retValue_acc~8#1, main_~tmp~4#1;havoc main_~retValue_acc~8#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {96#true} is VALID [2022-02-20 18:09:04,741 INFO L290 TraceCheckUtils]: 2: Hoare triple {96#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {96#true} is VALID [2022-02-20 18:09:04,742 INFO L290 TraceCheckUtils]: 3: Hoare triple {96#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~7#1;havoc valid_product_~retValue_acc~7#1;valid_product_~retValue_acc~7#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~7#1; {96#true} is VALID [2022-02-20 18:09:04,742 INFO L290 TraceCheckUtils]: 4: Hoare triple {96#true} main_#t~ret36#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret36#1 && main_#t~ret36#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret36#1;havoc main_#t~ret36#1; {96#true} is VALID [2022-02-20 18:09:04,742 INFO L290 TraceCheckUtils]: 5: Hoare triple {96#true} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {96#true} is VALID [2022-02-20 18:09:04,742 INFO L290 TraceCheckUtils]: 6: Hoare triple {96#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet50#1, test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_~splverifierCounter~0#1, test_~tmp~9#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~9#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {96#true} is VALID [2022-02-20 18:09:04,746 INFO L290 TraceCheckUtils]: 7: Hoare triple {96#true} assume false; {97#false} is VALID [2022-02-20 18:09:04,747 INFO L272 TraceCheckUtils]: 8: Hoare triple {97#false} call cleanup(); {97#false} is VALID [2022-02-20 18:09:04,747 INFO L290 TraceCheckUtils]: 9: Hoare triple {97#false} havoc ~i~0;havoc ~__cil_tmp2~0; {97#false} is VALID [2022-02-20 18:09:04,747 INFO L272 TraceCheckUtils]: 10: Hoare triple {97#false} call timeShift(); {97#false} is VALID [2022-02-20 18:09:04,747 INFO L290 TraceCheckUtils]: 11: Hoare triple {97#false} assume !(0 != ~pumpRunning~0); {97#false} is VALID [2022-02-20 18:09:04,748 INFO L290 TraceCheckUtils]: 12: Hoare triple {97#false} assume !(0 != ~systemActive~0); {97#false} is VALID [2022-02-20 18:09:04,748 INFO L290 TraceCheckUtils]: 13: Hoare triple {97#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret4#1, __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_~tmp~0#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {97#false} is VALID [2022-02-20 18:09:04,748 INFO L272 TraceCheckUtils]: 14: Hoare triple {97#false} call __utac_acc__Specification3_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {96#true} is VALID [2022-02-20 18:09:04,748 INFO L290 TraceCheckUtils]: 15: Hoare triple {96#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {96#true} is VALID [2022-02-20 18:09:04,750 INFO L290 TraceCheckUtils]: 16: Hoare triple {96#true} assume true; {96#true} is VALID [2022-02-20 18:09:04,751 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {96#true} {97#false} #231#return; {97#false} is VALID [2022-02-20 18:09:04,751 INFO L290 TraceCheckUtils]: 18: Hoare triple {97#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret4#1 && __utac_acc__Specification3_spec__1_#t~ret4#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~0#1 := __utac_acc__Specification3_spec__1_#t~ret4#1;havoc __utac_acc__Specification3_spec__1_#t~ret4#1; {97#false} is VALID [2022-02-20 18:09:04,751 INFO L290 TraceCheckUtils]: 19: Hoare triple {97#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~0#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {97#false} is VALID [2022-02-20 18:09:04,751 INFO L290 TraceCheckUtils]: 20: Hoare triple {97#false} __utac_acc__Specification3_spec__1_#t~ret5#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret5#1 && __utac_acc__Specification3_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {97#false} is VALID [2022-02-20 18:09:04,752 INFO L290 TraceCheckUtils]: 21: Hoare triple {97#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {97#false} is VALID [2022-02-20 18:09:04,753 INFO L290 TraceCheckUtils]: 22: Hoare triple {97#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret6#1 && __utac_acc__Specification3_spec__1_#t~ret6#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {97#false} is VALID [2022-02-20 18:09:04,754 INFO L290 TraceCheckUtils]: 23: Hoare triple {97#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {97#false} is VALID [2022-02-20 18:09:04,754 INFO L290 TraceCheckUtils]: 24: Hoare triple {97#false} assume !false; {97#false} is VALID [2022-02-20 18:09:04,754 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:04,755 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:04,755 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1175431963] [2022-02-20 18:09:04,756 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1175431963] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:04,756 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:04,757 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:04,758 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [448007671] [2022-02-20 18:09:04,760 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:04,766 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:04,769 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:04,772 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:04,821 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:04,822 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:04,822 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:04,841 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:04,841 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:04,844 INFO L87 Difference]: Start difference. First operand has 93 states, 67 states have (on average 1.373134328358209) internal successors, (92), 75 states have internal predecessors, (92), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,071 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:05,075 INFO L93 Difference]: Finished difference Result 178 states and 239 transitions. [2022-02-20 18:09:05,075 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:05,076 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:05,076 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:05,084 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,105 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 239 transitions. [2022-02-20 18:09:05,106 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,118 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 239 transitions. [2022-02-20 18:09:05,118 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 239 transitions. [2022-02-20 18:09:05,353 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 239 edges. 239 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:05,365 INFO L225 Difference]: With dead ends: 178 [2022-02-20 18:09:05,366 INFO L226 Difference]: Without dead ends: 84 [2022-02-20 18:09:05,370 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:05,373 INFO L933 BasicCegarLoop]: 116 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:05,376 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 116 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:05,394 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 84 states. [2022-02-20 18:09:05,422 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 84 to 84. [2022-02-20 18:09:05,423 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:05,428 INFO L82 GeneralOperation]: Start isEquivalent. First operand 84 states. Second operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:05,432 INFO L74 IsIncluded]: Start isIncluded. First operand 84 states. Second operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:05,434 INFO L87 Difference]: Start difference. First operand 84 states. Second operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:05,455 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:05,467 INFO L93 Difference]: Finished difference Result 84 states and 107 transitions. [2022-02-20 18:09:05,468 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 107 transitions. [2022-02-20 18:09:05,469 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:05,469 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:05,470 INFO L74 IsIncluded]: Start isIncluded. First operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) Second operand 84 states. [2022-02-20 18:09:05,471 INFO L87 Difference]: Start difference. First operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) Second operand 84 states. [2022-02-20 18:09:05,477 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:05,482 INFO L93 Difference]: Finished difference Result 84 states and 107 transitions. [2022-02-20 18:09:05,483 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 107 transitions. [2022-02-20 18:09:05,485 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:05,487 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:05,487 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:05,487 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:05,488 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:05,494 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 107 transitions. [2022-02-20 18:09:05,501 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 107 transitions. Word has length 25 [2022-02-20 18:09:05,502 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:05,502 INFO L470 AbstractCegarLoop]: Abstraction has 84 states and 107 transitions. [2022-02-20 18:09:05,502 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,503 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 107 transitions. [2022-02-20 18:09:05,505 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:09:05,508 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:05,509 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:05,509 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:09:05,509 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:05,510 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:05,510 INFO L85 PathProgramCache]: Analyzing trace with hash -342081454, now seen corresponding path program 1 times [2022-02-20 18:09:05,511 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:05,511 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1703756506] [2022-02-20 18:09:05,511 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:05,511 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:05,566 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:05,632 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:09:05,635 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:05,645 INFO L290 TraceCheckUtils]: 0: Hoare triple {649#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {649#true} is VALID [2022-02-20 18:09:05,645 INFO L290 TraceCheckUtils]: 1: Hoare triple {649#true} assume true; {649#true} is VALID [2022-02-20 18:09:05,646 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {649#true} {650#false} #231#return; {650#false} is VALID [2022-02-20 18:09:05,646 INFO L290 TraceCheckUtils]: 0: Hoare triple {649#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1; {649#true} is VALID [2022-02-20 18:09:05,646 INFO L290 TraceCheckUtils]: 1: Hoare triple {649#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret36#1, main_~retValue_acc~8#1, main_~tmp~4#1;havoc main_~retValue_acc~8#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {649#true} is VALID [2022-02-20 18:09:05,646 INFO L290 TraceCheckUtils]: 2: Hoare triple {649#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {649#true} is VALID [2022-02-20 18:09:05,647 INFO L290 TraceCheckUtils]: 3: Hoare triple {649#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~7#1;havoc valid_product_~retValue_acc~7#1;valid_product_~retValue_acc~7#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~7#1; {649#true} is VALID [2022-02-20 18:09:05,647 INFO L290 TraceCheckUtils]: 4: Hoare triple {649#true} main_#t~ret36#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret36#1 && main_#t~ret36#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret36#1;havoc main_#t~ret36#1; {649#true} is VALID [2022-02-20 18:09:05,647 INFO L290 TraceCheckUtils]: 5: Hoare triple {649#true} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {649#true} is VALID [2022-02-20 18:09:05,648 INFO L290 TraceCheckUtils]: 6: Hoare triple {649#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet50#1, test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_~splverifierCounter~0#1, test_~tmp~9#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~9#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {651#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:05,648 INFO L290 TraceCheckUtils]: 7: Hoare triple {651#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {651#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:05,649 INFO L290 TraceCheckUtils]: 8: Hoare triple {651#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {650#false} is VALID [2022-02-20 18:09:05,649 INFO L272 TraceCheckUtils]: 9: Hoare triple {650#false} call cleanup(); {650#false} is VALID [2022-02-20 18:09:05,649 INFO L290 TraceCheckUtils]: 10: Hoare triple {650#false} havoc ~i~0;havoc ~__cil_tmp2~0; {650#false} is VALID [2022-02-20 18:09:05,650 INFO L272 TraceCheckUtils]: 11: Hoare triple {650#false} call timeShift(); {650#false} is VALID [2022-02-20 18:09:05,650 INFO L290 TraceCheckUtils]: 12: Hoare triple {650#false} assume !(0 != ~pumpRunning~0); {650#false} is VALID [2022-02-20 18:09:05,650 INFO L290 TraceCheckUtils]: 13: Hoare triple {650#false} assume !(0 != ~systemActive~0); {650#false} is VALID [2022-02-20 18:09:05,650 INFO L290 TraceCheckUtils]: 14: Hoare triple {650#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret4#1, __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_~tmp~0#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {650#false} is VALID [2022-02-20 18:09:05,650 INFO L272 TraceCheckUtils]: 15: Hoare triple {650#false} call __utac_acc__Specification3_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {649#true} is VALID [2022-02-20 18:09:05,651 INFO L290 TraceCheckUtils]: 16: Hoare triple {649#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {649#true} is VALID [2022-02-20 18:09:05,651 INFO L290 TraceCheckUtils]: 17: Hoare triple {649#true} assume true; {649#true} is VALID [2022-02-20 18:09:05,651 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {649#true} {650#false} #231#return; {650#false} is VALID [2022-02-20 18:09:05,653 INFO L290 TraceCheckUtils]: 19: Hoare triple {650#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret4#1 && __utac_acc__Specification3_spec__1_#t~ret4#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~0#1 := __utac_acc__Specification3_spec__1_#t~ret4#1;havoc __utac_acc__Specification3_spec__1_#t~ret4#1; {650#false} is VALID [2022-02-20 18:09:05,653 INFO L290 TraceCheckUtils]: 20: Hoare triple {650#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~0#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {650#false} is VALID [2022-02-20 18:09:05,653 INFO L290 TraceCheckUtils]: 21: Hoare triple {650#false} __utac_acc__Specification3_spec__1_#t~ret5#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret5#1 && __utac_acc__Specification3_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {650#false} is VALID [2022-02-20 18:09:05,653 INFO L290 TraceCheckUtils]: 22: Hoare triple {650#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {650#false} is VALID [2022-02-20 18:09:05,654 INFO L290 TraceCheckUtils]: 23: Hoare triple {650#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret6#1 && __utac_acc__Specification3_spec__1_#t~ret6#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {650#false} is VALID [2022-02-20 18:09:05,654 INFO L290 TraceCheckUtils]: 24: Hoare triple {650#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {650#false} is VALID [2022-02-20 18:09:05,654 INFO L290 TraceCheckUtils]: 25: Hoare triple {650#false} assume !false; {650#false} is VALID [2022-02-20 18:09:05,657 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:05,657 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:05,658 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1703756506] [2022-02-20 18:09:05,658 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1703756506] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:05,658 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:05,658 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:05,658 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1500361400] [2022-02-20 18:09:05,659 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:05,660 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:05,664 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:05,665 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,687 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:05,687 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:05,687 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:05,688 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:05,688 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:05,689 INFO L87 Difference]: Start difference. First operand 84 states and 107 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,850 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:05,850 INFO L93 Difference]: Finished difference Result 134 states and 170 transitions. [2022-02-20 18:09:05,850 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:05,851 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:05,851 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:05,851 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,859 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 170 transitions. [2022-02-20 18:09:05,860 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,867 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 170 transitions. [2022-02-20 18:09:05,867 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 170 transitions. [2022-02-20 18:09:06,009 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 170 edges. 170 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:06,012 INFO L225 Difference]: With dead ends: 134 [2022-02-20 18:09:06,012 INFO L226 Difference]: Without dead ends: 75 [2022-02-20 18:09:06,013 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:06,015 INFO L933 BasicCegarLoop]: 94 mSDtfsCounter, 12 mSDsluCounter, 78 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 172 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:06,015 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [15 Valid, 172 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:06,016 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-02-20 18:09:06,027 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-02-20 18:09:06,029 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:06,030 INFO L82 GeneralOperation]: Start isEquivalent. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:06,031 INFO L74 IsIncluded]: Start isIncluded. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:06,031 INFO L87 Difference]: Start difference. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:06,035 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:06,035 INFO L93 Difference]: Finished difference Result 75 states and 95 transitions. [2022-02-20 18:09:06,035 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2022-02-20 18:09:06,036 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:06,036 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:06,038 INFO L74 IsIncluded]: Start isIncluded. First operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) Second operand 75 states. [2022-02-20 18:09:06,039 INFO L87 Difference]: Start difference. First operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) Second operand 75 states. [2022-02-20 18:09:06,044 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:06,044 INFO L93 Difference]: Finished difference Result 75 states and 95 transitions. [2022-02-20 18:09:06,044 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2022-02-20 18:09:06,047 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:06,047 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:06,047 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:06,048 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:06,048 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:06,054 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 95 transitions. [2022-02-20 18:09:06,055 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 95 transitions. Word has length 26 [2022-02-20 18:09:06,055 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:06,058 INFO L470 AbstractCegarLoop]: Abstraction has 75 states and 95 transitions. [2022-02-20 18:09:06,058 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,059 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2022-02-20 18:09:06,059 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:09:06,060 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:06,060 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:06,060 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:09:06,060 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:06,069 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:06,073 INFO L85 PathProgramCache]: Analyzing trace with hash -809418228, now seen corresponding path program 1 times [2022-02-20 18:09:06,073 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:06,073 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [818735341] [2022-02-20 18:09:06,073 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:06,074 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:06,119 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:06,226 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:09:06,231 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:06,238 INFO L290 TraceCheckUtils]: 0: Hoare triple {1107#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1107#true} is VALID [2022-02-20 18:09:06,238 INFO L290 TraceCheckUtils]: 1: Hoare triple {1107#true} assume true; {1107#true} is VALID [2022-02-20 18:09:06,238 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1107#true} {1108#false} #231#return; {1108#false} is VALID [2022-02-20 18:09:06,241 INFO L290 TraceCheckUtils]: 0: Hoare triple {1107#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1; {1109#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:06,241 INFO L290 TraceCheckUtils]: 1: Hoare triple {1109#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret36#1, main_~retValue_acc~8#1, main_~tmp~4#1;havoc main_~retValue_acc~8#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {1109#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:06,242 INFO L290 TraceCheckUtils]: 2: Hoare triple {1109#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1109#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:06,243 INFO L290 TraceCheckUtils]: 3: Hoare triple {1109#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~7#1;havoc valid_product_~retValue_acc~7#1;valid_product_~retValue_acc~7#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~7#1; {1110#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} is VALID [2022-02-20 18:09:06,244 INFO L290 TraceCheckUtils]: 4: Hoare triple {1110#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} main_#t~ret36#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret36#1 && main_#t~ret36#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret36#1;havoc main_#t~ret36#1; {1111#(= |ULTIMATE.start_main_~tmp~4#1| ~systemActive~0)} is VALID [2022-02-20 18:09:06,244 INFO L290 TraceCheckUtils]: 5: Hoare triple {1111#(= |ULTIMATE.start_main_~tmp~4#1| ~systemActive~0)} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,245 INFO L290 TraceCheckUtils]: 6: Hoare triple {1112#(not (= 0 ~systemActive~0))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet50#1, test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_~splverifierCounter~0#1, test_~tmp~9#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~9#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,245 INFO L290 TraceCheckUtils]: 7: Hoare triple {1112#(not (= 0 ~systemActive~0))} assume !false; {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,246 INFO L290 TraceCheckUtils]: 8: Hoare triple {1112#(not (= 0 ~systemActive~0))} assume test_~splverifierCounter~0#1 < 4; {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,246 INFO L290 TraceCheckUtils]: 9: Hoare triple {1112#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet50#1 && test_#t~nondet50#1 <= 2147483647;test_~tmp~9#1 := test_#t~nondet50#1;havoc test_#t~nondet50#1; {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,247 INFO L290 TraceCheckUtils]: 10: Hoare triple {1112#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp~9#1); {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,247 INFO L290 TraceCheckUtils]: 11: Hoare triple {1112#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet51#1 && test_#t~nondet51#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,248 INFO L290 TraceCheckUtils]: 12: Hoare triple {1112#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp___0~2#1); {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,248 INFO L290 TraceCheckUtils]: 13: Hoare triple {1112#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet52#1 && test_#t~nondet52#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet52#1;havoc test_#t~nondet52#1; {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,252 INFO L290 TraceCheckUtils]: 14: Hoare triple {1112#(not (= 0 ~systemActive~0))} assume 0 != test_~tmp___2~0#1; {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,253 INFO L272 TraceCheckUtils]: 15: Hoare triple {1112#(not (= 0 ~systemActive~0))} call timeShift(); {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,253 INFO L290 TraceCheckUtils]: 16: Hoare triple {1112#(not (= 0 ~systemActive~0))} assume !(0 != ~pumpRunning~0); {1112#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,253 INFO L290 TraceCheckUtils]: 17: Hoare triple {1112#(not (= 0 ~systemActive~0))} assume !(0 != ~systemActive~0); {1108#false} is VALID [2022-02-20 18:09:06,254 INFO L290 TraceCheckUtils]: 18: Hoare triple {1108#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret4#1, __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_~tmp~0#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1108#false} is VALID [2022-02-20 18:09:06,254 INFO L272 TraceCheckUtils]: 19: Hoare triple {1108#false} call __utac_acc__Specification3_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {1107#true} is VALID [2022-02-20 18:09:06,254 INFO L290 TraceCheckUtils]: 20: Hoare triple {1107#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1107#true} is VALID [2022-02-20 18:09:06,255 INFO L290 TraceCheckUtils]: 21: Hoare triple {1107#true} assume true; {1107#true} is VALID [2022-02-20 18:09:06,255 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1107#true} {1108#false} #231#return; {1108#false} is VALID [2022-02-20 18:09:06,255 INFO L290 TraceCheckUtils]: 23: Hoare triple {1108#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret4#1 && __utac_acc__Specification3_spec__1_#t~ret4#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~0#1 := __utac_acc__Specification3_spec__1_#t~ret4#1;havoc __utac_acc__Specification3_spec__1_#t~ret4#1; {1108#false} is VALID [2022-02-20 18:09:06,255 INFO L290 TraceCheckUtils]: 24: Hoare triple {1108#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~0#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {1108#false} is VALID [2022-02-20 18:09:06,255 INFO L290 TraceCheckUtils]: 25: Hoare triple {1108#false} __utac_acc__Specification3_spec__1_#t~ret5#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret5#1 && __utac_acc__Specification3_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {1108#false} is VALID [2022-02-20 18:09:06,256 INFO L290 TraceCheckUtils]: 26: Hoare triple {1108#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {1108#false} is VALID [2022-02-20 18:09:06,256 INFO L290 TraceCheckUtils]: 27: Hoare triple {1108#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret6#1 && __utac_acc__Specification3_spec__1_#t~ret6#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {1108#false} is VALID [2022-02-20 18:09:06,256 INFO L290 TraceCheckUtils]: 28: Hoare triple {1108#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1108#false} is VALID [2022-02-20 18:09:06,256 INFO L290 TraceCheckUtils]: 29: Hoare triple {1108#false} assume !false; {1108#false} is VALID [2022-02-20 18:09:06,257 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:06,257 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:06,258 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [818735341] [2022-02-20 18:09:06,258 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [818735341] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:06,258 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:06,258 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:09:06,259 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [120639339] [2022-02-20 18:09:06,259 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:06,259 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:06,260 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:06,260 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,284 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:06,285 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:09:06,285 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:06,285 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:09:06,286 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:09:06,286 INFO L87 Difference]: Start difference. First operand 75 states and 95 transitions. Second operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,628 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:06,628 INFO L93 Difference]: Finished difference Result 143 states and 184 transitions. [2022-02-20 18:09:06,628 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:06,629 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:06,629 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:06,629 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,633 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 184 transitions. [2022-02-20 18:09:06,633 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,637 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 184 transitions. [2022-02-20 18:09:06,637 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 184 transitions. [2022-02-20 18:09:06,799 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 184 edges. 184 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:06,801 INFO L225 Difference]: With dead ends: 143 [2022-02-20 18:09:06,802 INFO L226 Difference]: Without dead ends: 75 [2022-02-20 18:09:06,802 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 18:09:06,804 INFO L933 BasicCegarLoop]: 88 mSDtfsCounter, 177 mSDsluCounter, 102 mSDsCounter, 0 mSdLazyCounter, 53 mSolverCounterSat, 33 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 177 SdHoareTripleChecker+Valid, 190 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 33 IncrementalHoareTripleChecker+Valid, 53 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:06,804 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [177 Valid, 190 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [33 Valid, 53 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 18:09:06,805 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-02-20 18:09:06,810 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-02-20 18:09:06,810 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:06,811 INFO L82 GeneralOperation]: Start isEquivalent. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:06,811 INFO L74 IsIncluded]: Start isIncluded. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:06,811 INFO L87 Difference]: Start difference. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:06,814 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:06,815 INFO L93 Difference]: Finished difference Result 75 states and 94 transitions. [2022-02-20 18:09:06,815 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 94 transitions. [2022-02-20 18:09:06,815 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:06,815 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:06,816 INFO L74 IsIncluded]: Start isIncluded. First operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) Second operand 75 states. [2022-02-20 18:09:06,816 INFO L87 Difference]: Start difference. First operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) Second operand 75 states. [2022-02-20 18:09:06,819 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:06,819 INFO L93 Difference]: Finished difference Result 75 states and 94 transitions. [2022-02-20 18:09:06,820 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 94 transitions. [2022-02-20 18:09:06,820 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:06,820 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:06,820 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:06,820 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:06,821 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:06,824 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 94 transitions. [2022-02-20 18:09:06,824 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 94 transitions. Word has length 30 [2022-02-20 18:09:06,824 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:06,824 INFO L470 AbstractCegarLoop]: Abstraction has 75 states and 94 transitions. [2022-02-20 18:09:06,825 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,825 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 94 transitions. [2022-02-20 18:09:06,825 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-02-20 18:09:06,826 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:06,826 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:06,826 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:09:06,826 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:06,827 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:06,827 INFO L85 PathProgramCache]: Analyzing trace with hash 1591783388, now seen corresponding path program 1 times [2022-02-20 18:09:06,827 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:06,827 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1927980642] [2022-02-20 18:09:06,828 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:06,828 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:06,864 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:06,919 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:09:06,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:06,924 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-20 18:09:06,925 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:06,927 INFO L290 TraceCheckUtils]: 0: Hoare triple {1582#true} assume true; {1582#true} is VALID [2022-02-20 18:09:06,928 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1582#true} {1582#true} #249#return; {1582#true} is VALID [2022-02-20 18:09:06,928 INFO L290 TraceCheckUtils]: 0: Hoare triple {1597#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} havoc ~tmp~5#1; {1582#true} is VALID [2022-02-20 18:09:06,928 INFO L290 TraceCheckUtils]: 1: Hoare triple {1582#true} assume !(0 != ~pumpRunning~0); {1582#true} is VALID [2022-02-20 18:09:06,928 INFO L272 TraceCheckUtils]: 2: Hoare triple {1582#true} call processEnvironment__wrappee__base(); {1582#true} is VALID [2022-02-20 18:09:06,929 INFO L290 TraceCheckUtils]: 3: Hoare triple {1582#true} assume true; {1582#true} is VALID [2022-02-20 18:09:06,929 INFO L284 TraceCheckUtils]: 4: Hoare quadruple {1582#true} {1582#true} #249#return; {1582#true} is VALID [2022-02-20 18:09:06,929 INFO L290 TraceCheckUtils]: 5: Hoare triple {1582#true} assume true; {1582#true} is VALID [2022-02-20 18:09:06,930 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1582#true} {1584#(= ~waterLevel~0 1)} #229#return; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,930 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2022-02-20 18:09:06,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:06,936 INFO L290 TraceCheckUtils]: 0: Hoare triple {1582#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1582#true} is VALID [2022-02-20 18:09:06,936 INFO L290 TraceCheckUtils]: 1: Hoare triple {1582#true} assume true; {1582#true} is VALID [2022-02-20 18:09:06,937 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1582#true} {1584#(= ~waterLevel~0 1)} #231#return; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,938 INFO L290 TraceCheckUtils]: 0: Hoare triple {1582#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,940 INFO L290 TraceCheckUtils]: 1: Hoare triple {1584#(= ~waterLevel~0 1)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret36#1, main_~retValue_acc~8#1, main_~tmp~4#1;havoc main_~retValue_acc~8#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,940 INFO L290 TraceCheckUtils]: 2: Hoare triple {1584#(= ~waterLevel~0 1)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,940 INFO L290 TraceCheckUtils]: 3: Hoare triple {1584#(= ~waterLevel~0 1)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~7#1;havoc valid_product_~retValue_acc~7#1;valid_product_~retValue_acc~7#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~7#1; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,941 INFO L290 TraceCheckUtils]: 4: Hoare triple {1584#(= ~waterLevel~0 1)} main_#t~ret36#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret36#1 && main_#t~ret36#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret36#1;havoc main_#t~ret36#1; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,941 INFO L290 TraceCheckUtils]: 5: Hoare triple {1584#(= ~waterLevel~0 1)} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,942 INFO L290 TraceCheckUtils]: 6: Hoare triple {1584#(= ~waterLevel~0 1)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet50#1, test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_~splverifierCounter~0#1, test_~tmp~9#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~9#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,942 INFO L290 TraceCheckUtils]: 7: Hoare triple {1584#(= ~waterLevel~0 1)} assume !false; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,943 INFO L290 TraceCheckUtils]: 8: Hoare triple {1584#(= ~waterLevel~0 1)} assume test_~splverifierCounter~0#1 < 4; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,943 INFO L290 TraceCheckUtils]: 9: Hoare triple {1584#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet50#1 && test_#t~nondet50#1 <= 2147483647;test_~tmp~9#1 := test_#t~nondet50#1;havoc test_#t~nondet50#1; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,944 INFO L290 TraceCheckUtils]: 10: Hoare triple {1584#(= ~waterLevel~0 1)} assume !(0 != test_~tmp~9#1); {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,944 INFO L290 TraceCheckUtils]: 11: Hoare triple {1584#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet51#1 && test_#t~nondet51#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,944 INFO L290 TraceCheckUtils]: 12: Hoare triple {1584#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___0~2#1); {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,945 INFO L290 TraceCheckUtils]: 13: Hoare triple {1584#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet52#1 && test_#t~nondet52#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet52#1;havoc test_#t~nondet52#1; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,946 INFO L290 TraceCheckUtils]: 14: Hoare triple {1584#(= ~waterLevel~0 1)} assume 0 != test_~tmp___2~0#1; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,946 INFO L272 TraceCheckUtils]: 15: Hoare triple {1584#(= ~waterLevel~0 1)} call timeShift(); {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,947 INFO L290 TraceCheckUtils]: 16: Hoare triple {1584#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,948 INFO L290 TraceCheckUtils]: 17: Hoare triple {1584#(= ~waterLevel~0 1)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret38#1, processEnvironment_~tmp~6#1;havoc processEnvironment_~tmp~6#1; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,956 INFO L290 TraceCheckUtils]: 18: Hoare triple {1584#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,957 INFO L272 TraceCheckUtils]: 19: Hoare triple {1584#(= ~waterLevel~0 1)} call processEnvironment__wrappee__methaneQuery(); {1597#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} is VALID [2022-02-20 18:09:06,957 INFO L290 TraceCheckUtils]: 20: Hoare triple {1597#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} havoc ~tmp~5#1; {1582#true} is VALID [2022-02-20 18:09:06,957 INFO L290 TraceCheckUtils]: 21: Hoare triple {1582#true} assume !(0 != ~pumpRunning~0); {1582#true} is VALID [2022-02-20 18:09:06,957 INFO L272 TraceCheckUtils]: 22: Hoare triple {1582#true} call processEnvironment__wrappee__base(); {1582#true} is VALID [2022-02-20 18:09:06,958 INFO L290 TraceCheckUtils]: 23: Hoare triple {1582#true} assume true; {1582#true} is VALID [2022-02-20 18:09:06,958 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {1582#true} {1582#true} #249#return; {1582#true} is VALID [2022-02-20 18:09:06,958 INFO L290 TraceCheckUtils]: 25: Hoare triple {1582#true} assume true; {1582#true} is VALID [2022-02-20 18:09:06,959 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {1582#true} {1584#(= ~waterLevel~0 1)} #229#return; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,959 INFO L290 TraceCheckUtils]: 27: Hoare triple {1584#(= ~waterLevel~0 1)} assume { :end_inline_processEnvironment } true; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,959 INFO L290 TraceCheckUtils]: 28: Hoare triple {1584#(= ~waterLevel~0 1)} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret4#1, __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_~tmp~0#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,960 INFO L272 TraceCheckUtils]: 29: Hoare triple {1584#(= ~waterLevel~0 1)} call __utac_acc__Specification3_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {1582#true} is VALID [2022-02-20 18:09:06,960 INFO L290 TraceCheckUtils]: 30: Hoare triple {1582#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1582#true} is VALID [2022-02-20 18:09:06,960 INFO L290 TraceCheckUtils]: 31: Hoare triple {1582#true} assume true; {1582#true} is VALID [2022-02-20 18:09:06,961 INFO L284 TraceCheckUtils]: 32: Hoare quadruple {1582#true} {1584#(= ~waterLevel~0 1)} #231#return; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,961 INFO L290 TraceCheckUtils]: 33: Hoare triple {1584#(= ~waterLevel~0 1)} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret4#1 && __utac_acc__Specification3_spec__1_#t~ret4#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~0#1 := __utac_acc__Specification3_spec__1_#t~ret4#1;havoc __utac_acc__Specification3_spec__1_#t~ret4#1; {1584#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:06,962 INFO L290 TraceCheckUtils]: 34: Hoare triple {1584#(= ~waterLevel~0 1)} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~0#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {1595#(= |timeShift_getWaterLevel_#res#1| 1)} is VALID [2022-02-20 18:09:06,962 INFO L290 TraceCheckUtils]: 35: Hoare triple {1595#(= |timeShift_getWaterLevel_#res#1| 1)} __utac_acc__Specification3_spec__1_#t~ret5#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret5#1 && __utac_acc__Specification3_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {1596#(= (+ (- 1) |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|) 0)} is VALID [2022-02-20 18:09:06,963 INFO L290 TraceCheckUtils]: 36: Hoare triple {1596#(= (+ (- 1) |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|) 0)} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {1583#false} is VALID [2022-02-20 18:09:06,963 INFO L290 TraceCheckUtils]: 37: Hoare triple {1583#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret6#1 && __utac_acc__Specification3_spec__1_#t~ret6#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {1583#false} is VALID [2022-02-20 18:09:06,963 INFO L290 TraceCheckUtils]: 38: Hoare triple {1583#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1583#false} is VALID [2022-02-20 18:09:06,964 INFO L290 TraceCheckUtils]: 39: Hoare triple {1583#false} assume !false; {1583#false} is VALID [2022-02-20 18:09:06,964 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:06,964 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:06,964 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1927980642] [2022-02-20 18:09:06,965 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1927980642] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:06,965 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:06,965 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:09:06,965 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2026146865] [2022-02-20 18:09:06,965 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:06,966 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 40 [2022-02-20 18:09:06,966 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:06,966 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:09:07,006 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 40 edges. 40 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:07,007 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:09:07,007 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:07,008 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:09:07,008 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:09:07,009 INFO L87 Difference]: Start difference. First operand 75 states and 94 transitions. Second operand has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:09:07,676 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:07,676 INFO L93 Difference]: Finished difference Result 238 states and 308 transitions. [2022-02-20 18:09:07,676 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-02-20 18:09:07,677 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 40 [2022-02-20 18:09:07,677 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:07,677 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:09:07,684 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 308 transitions. [2022-02-20 18:09:07,684 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:09:07,690 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 308 transitions. [2022-02-20 18:09:07,691 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 308 transitions. [2022-02-20 18:09:07,949 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 308 edges. 308 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:07,957 INFO L225 Difference]: With dead ends: 238 [2022-02-20 18:09:07,958 INFO L226 Difference]: Without dead ends: 170 [2022-02-20 18:09:07,959 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=40, Invalid=70, Unknown=0, NotChecked=0, Total=110 [2022-02-20 18:09:07,968 INFO L933 BasicCegarLoop]: 91 mSDtfsCounter, 138 mSDsluCounter, 229 mSDsCounter, 0 mSdLazyCounter, 181 mSolverCounterSat, 52 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 320 SdHoareTripleChecker+Invalid, 233 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 52 IncrementalHoareTripleChecker+Valid, 181 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:07,969 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [144 Valid, 320 Invalid, 233 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [52 Valid, 181 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 18:09:07,972 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 170 states. [2022-02-20 18:09:07,991 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 170 to 136. [2022-02-20 18:09:07,991 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:07,992 INFO L82 GeneralOperation]: Start isEquivalent. First operand 170 states. Second operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) [2022-02-20 18:09:07,993 INFO L74 IsIncluded]: Start isIncluded. First operand 170 states. Second operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) [2022-02-20 18:09:07,995 INFO L87 Difference]: Start difference. First operand 170 states. Second operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) [2022-02-20 18:09:08,002 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:08,003 INFO L93 Difference]: Finished difference Result 170 states and 215 transitions. [2022-02-20 18:09:08,003 INFO L276 IsEmpty]: Start isEmpty. Operand 170 states and 215 transitions. [2022-02-20 18:09:08,004 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:08,004 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:08,006 INFO L74 IsIncluded]: Start isIncluded. First operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) Second operand 170 states. [2022-02-20 18:09:08,009 INFO L87 Difference]: Start difference. First operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) Second operand 170 states. [2022-02-20 18:09:08,017 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:08,017 INFO L93 Difference]: Finished difference Result 170 states and 215 transitions. [2022-02-20 18:09:08,017 INFO L276 IsEmpty]: Start isEmpty. Operand 170 states and 215 transitions. [2022-02-20 18:09:08,019 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:08,019 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:08,019 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:08,019 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:08,020 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) [2022-02-20 18:09:08,024 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 136 states to 136 states and 173 transitions. [2022-02-20 18:09:08,025 INFO L78 Accepts]: Start accepts. Automaton has 136 states and 173 transitions. Word has length 40 [2022-02-20 18:09:08,025 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:08,025 INFO L470 AbstractCegarLoop]: Abstraction has 136 states and 173 transitions. [2022-02-20 18:09:08,025 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:09:08,026 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 173 transitions. [2022-02-20 18:09:08,027 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-20 18:09:08,027 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:08,027 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:08,027 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:09:08,027 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:08,028 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:08,028 INFO L85 PathProgramCache]: Analyzing trace with hash -911909919, now seen corresponding path program 1 times [2022-02-20 18:09:08,028 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:08,028 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1470869548] [2022-02-20 18:09:08,028 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:08,028 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:08,054 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:08,077 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-02-20 18:09:08,078 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:08,083 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-20 18:09:08,084 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:08,087 INFO L290 TraceCheckUtils]: 0: Hoare triple {2482#true} assume true; {2482#true} is VALID [2022-02-20 18:09:08,087 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {2482#true} {2482#true} #249#return; {2482#true} is VALID [2022-02-20 18:09:08,087 INFO L290 TraceCheckUtils]: 0: Hoare triple {2495#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} havoc ~tmp~5#1; {2482#true} is VALID [2022-02-20 18:09:08,088 INFO L290 TraceCheckUtils]: 1: Hoare triple {2482#true} assume !(0 != ~pumpRunning~0); {2482#true} is VALID [2022-02-20 18:09:08,088 INFO L272 TraceCheckUtils]: 2: Hoare triple {2482#true} call processEnvironment__wrappee__base(); {2482#true} is VALID [2022-02-20 18:09:08,088 INFO L290 TraceCheckUtils]: 3: Hoare triple {2482#true} assume true; {2482#true} is VALID [2022-02-20 18:09:08,088 INFO L284 TraceCheckUtils]: 4: Hoare quadruple {2482#true} {2482#true} #249#return; {2482#true} is VALID [2022-02-20 18:09:08,088 INFO L290 TraceCheckUtils]: 5: Hoare triple {2482#true} assume true; {2482#true} is VALID [2022-02-20 18:09:08,088 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2482#true} {2483#false} #229#return; {2483#false} is VALID [2022-02-20 18:09:08,089 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2022-02-20 18:09:08,090 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:08,092 INFO L290 TraceCheckUtils]: 0: Hoare triple {2482#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {2482#true} is VALID [2022-02-20 18:09:08,092 INFO L290 TraceCheckUtils]: 1: Hoare triple {2482#true} assume true; {2482#true} is VALID [2022-02-20 18:09:08,093 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {2482#true} {2483#false} #231#return; {2483#false} is VALID [2022-02-20 18:09:08,093 INFO L290 TraceCheckUtils]: 0: Hoare triple {2482#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,094 INFO L290 TraceCheckUtils]: 1: Hoare triple {2484#(= ~pumpRunning~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret36#1, main_~retValue_acc~8#1, main_~tmp~4#1;havoc main_~retValue_acc~8#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,094 INFO L290 TraceCheckUtils]: 2: Hoare triple {2484#(= ~pumpRunning~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,094 INFO L290 TraceCheckUtils]: 3: Hoare triple {2484#(= ~pumpRunning~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~7#1;havoc valid_product_~retValue_acc~7#1;valid_product_~retValue_acc~7#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~7#1; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,095 INFO L290 TraceCheckUtils]: 4: Hoare triple {2484#(= ~pumpRunning~0 0)} main_#t~ret36#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret36#1 && main_#t~ret36#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret36#1;havoc main_#t~ret36#1; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,095 INFO L290 TraceCheckUtils]: 5: Hoare triple {2484#(= ~pumpRunning~0 0)} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,096 INFO L290 TraceCheckUtils]: 6: Hoare triple {2484#(= ~pumpRunning~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet50#1, test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_~splverifierCounter~0#1, test_~tmp~9#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~9#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,096 INFO L290 TraceCheckUtils]: 7: Hoare triple {2484#(= ~pumpRunning~0 0)} assume !false; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,096 INFO L290 TraceCheckUtils]: 8: Hoare triple {2484#(= ~pumpRunning~0 0)} assume test_~splverifierCounter~0#1 < 4; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,097 INFO L290 TraceCheckUtils]: 9: Hoare triple {2484#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet50#1 && test_#t~nondet50#1 <= 2147483647;test_~tmp~9#1 := test_#t~nondet50#1;havoc test_#t~nondet50#1; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,097 INFO L290 TraceCheckUtils]: 10: Hoare triple {2484#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp~9#1); {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,098 INFO L290 TraceCheckUtils]: 11: Hoare triple {2484#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet51#1 && test_#t~nondet51#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,098 INFO L290 TraceCheckUtils]: 12: Hoare triple {2484#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp___0~2#1); {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,098 INFO L290 TraceCheckUtils]: 13: Hoare triple {2484#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet52#1 && test_#t~nondet52#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet52#1;havoc test_#t~nondet52#1; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,099 INFO L290 TraceCheckUtils]: 14: Hoare triple {2484#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___2~0#1; {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,099 INFO L272 TraceCheckUtils]: 15: Hoare triple {2484#(= ~pumpRunning~0 0)} call timeShift(); {2484#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:08,100 INFO L290 TraceCheckUtils]: 16: Hoare triple {2484#(= ~pumpRunning~0 0)} assume 0 != ~pumpRunning~0;assume { :begin_inline_lowerWaterLevel } true; {2483#false} is VALID [2022-02-20 18:09:08,100 INFO L290 TraceCheckUtils]: 17: Hoare triple {2483#false} assume ~waterLevel~0 > 0;~waterLevel~0 := ~waterLevel~0 - 1; {2483#false} is VALID [2022-02-20 18:09:08,100 INFO L290 TraceCheckUtils]: 18: Hoare triple {2483#false} assume { :end_inline_lowerWaterLevel } true; {2483#false} is VALID [2022-02-20 18:09:08,100 INFO L290 TraceCheckUtils]: 19: Hoare triple {2483#false} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret38#1, processEnvironment_~tmp~6#1;havoc processEnvironment_~tmp~6#1; {2483#false} is VALID [2022-02-20 18:09:08,100 INFO L290 TraceCheckUtils]: 20: Hoare triple {2483#false} assume !(0 != ~pumpRunning~0); {2483#false} is VALID [2022-02-20 18:09:08,101 INFO L272 TraceCheckUtils]: 21: Hoare triple {2483#false} call processEnvironment__wrappee__methaneQuery(); {2495#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} is VALID [2022-02-20 18:09:08,101 INFO L290 TraceCheckUtils]: 22: Hoare triple {2495#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} havoc ~tmp~5#1; {2482#true} is VALID [2022-02-20 18:09:08,101 INFO L290 TraceCheckUtils]: 23: Hoare triple {2482#true} assume !(0 != ~pumpRunning~0); {2482#true} is VALID [2022-02-20 18:09:08,101 INFO L272 TraceCheckUtils]: 24: Hoare triple {2482#true} call processEnvironment__wrappee__base(); {2482#true} is VALID [2022-02-20 18:09:08,101 INFO L290 TraceCheckUtils]: 25: Hoare triple {2482#true} assume true; {2482#true} is VALID [2022-02-20 18:09:08,102 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {2482#true} {2482#true} #249#return; {2482#true} is VALID [2022-02-20 18:09:08,102 INFO L290 TraceCheckUtils]: 27: Hoare triple {2482#true} assume true; {2482#true} is VALID [2022-02-20 18:09:08,102 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {2482#true} {2483#false} #229#return; {2483#false} is VALID [2022-02-20 18:09:08,102 INFO L290 TraceCheckUtils]: 29: Hoare triple {2483#false} assume { :end_inline_processEnvironment } true; {2483#false} is VALID [2022-02-20 18:09:08,102 INFO L290 TraceCheckUtils]: 30: Hoare triple {2483#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret4#1, __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_~tmp~0#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {2483#false} is VALID [2022-02-20 18:09:08,102 INFO L272 TraceCheckUtils]: 31: Hoare triple {2483#false} call __utac_acc__Specification3_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {2482#true} is VALID [2022-02-20 18:09:08,103 INFO L290 TraceCheckUtils]: 32: Hoare triple {2482#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {2482#true} is VALID [2022-02-20 18:09:08,103 INFO L290 TraceCheckUtils]: 33: Hoare triple {2482#true} assume true; {2482#true} is VALID [2022-02-20 18:09:08,103 INFO L284 TraceCheckUtils]: 34: Hoare quadruple {2482#true} {2483#false} #231#return; {2483#false} is VALID [2022-02-20 18:09:08,103 INFO L290 TraceCheckUtils]: 35: Hoare triple {2483#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret4#1 && __utac_acc__Specification3_spec__1_#t~ret4#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~0#1 := __utac_acc__Specification3_spec__1_#t~ret4#1;havoc __utac_acc__Specification3_spec__1_#t~ret4#1; {2483#false} is VALID [2022-02-20 18:09:08,103 INFO L290 TraceCheckUtils]: 36: Hoare triple {2483#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~0#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {2483#false} is VALID [2022-02-20 18:09:08,104 INFO L290 TraceCheckUtils]: 37: Hoare triple {2483#false} __utac_acc__Specification3_spec__1_#t~ret5#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret5#1 && __utac_acc__Specification3_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {2483#false} is VALID [2022-02-20 18:09:08,104 INFO L290 TraceCheckUtils]: 38: Hoare triple {2483#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {2483#false} is VALID [2022-02-20 18:09:08,104 INFO L290 TraceCheckUtils]: 39: Hoare triple {2483#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret6#1 && __utac_acc__Specification3_spec__1_#t~ret6#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {2483#false} is VALID [2022-02-20 18:09:08,104 INFO L290 TraceCheckUtils]: 40: Hoare triple {2483#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {2483#false} is VALID [2022-02-20 18:09:08,104 INFO L290 TraceCheckUtils]: 41: Hoare triple {2483#false} assume !false; {2483#false} is VALID [2022-02-20 18:09:08,105 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:08,105 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:08,105 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1470869548] [2022-02-20 18:09:08,105 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1470869548] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:08,105 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:08,106 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:09:08,106 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1907263358] [2022-02-20 18:09:08,106 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:08,106 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 42 [2022-02-20 18:09:08,107 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:08,107 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:09:08,139 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:08,139 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 18:09:08,139 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:08,140 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 18:09:08,140 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 18:09:08,140 INFO L87 Difference]: Start difference. First operand 136 states and 173 transitions. Second operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:09:08,266 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:08,266 INFO L93 Difference]: Finished difference Result 222 states and 285 transitions. [2022-02-20 18:09:08,266 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 18:09:08,267 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 42 [2022-02-20 18:09:08,267 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:08,267 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:09:08,270 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 153 transitions. [2022-02-20 18:09:08,270 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:09:08,272 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 153 transitions. [2022-02-20 18:09:08,272 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 153 transitions. [2022-02-20 18:09:08,390 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 153 edges. 153 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:08,394 INFO L225 Difference]: With dead ends: 222 [2022-02-20 18:09:08,394 INFO L226 Difference]: Without dead ends: 93 [2022-02-20 18:09:08,395 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:08,398 INFO L933 BasicCegarLoop]: 51 mSDtfsCounter, 65 mSDsluCounter, 19 mSDsCounter, 0 mSdLazyCounter, 14 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 70 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 14 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:08,399 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [67 Valid, 70 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 14 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:08,399 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 93 states. [2022-02-20 18:09:08,412 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 93 to 93. [2022-02-20 18:09:08,412 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:08,413 INFO L82 GeneralOperation]: Start isEquivalent. First operand 93 states. Second operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:08,413 INFO L74 IsIncluded]: Start isIncluded. First operand 93 states. Second operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:08,413 INFO L87 Difference]: Start difference. First operand 93 states. Second operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:08,416 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:08,416 INFO L93 Difference]: Finished difference Result 93 states and 108 transitions. [2022-02-20 18:09:08,416 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 108 transitions. [2022-02-20 18:09:08,416 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:08,417 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:08,417 INFO L74 IsIncluded]: Start isIncluded. First operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) Second operand 93 states. [2022-02-20 18:09:08,417 INFO L87 Difference]: Start difference. First operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) Second operand 93 states. [2022-02-20 18:09:08,422 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:08,422 INFO L93 Difference]: Finished difference Result 93 states and 108 transitions. [2022-02-20 18:09:08,422 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 108 transitions. [2022-02-20 18:09:08,422 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:08,422 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:08,423 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:08,423 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:08,423 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 93 states, 69 states have (on average 1.2173913043478262) internal successors, (84), 73 states have internal predecessors, (84), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:08,426 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 93 states to 93 states and 108 transitions. [2022-02-20 18:09:08,426 INFO L78 Accepts]: Start accepts. Automaton has 93 states and 108 transitions. Word has length 42 [2022-02-20 18:09:08,426 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:08,426 INFO L470 AbstractCegarLoop]: Abstraction has 93 states and 108 transitions. [2022-02-20 18:09:08,427 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 18:09:08,428 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 108 transitions. [2022-02-20 18:09:08,429 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-02-20 18:09:08,429 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:08,429 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:08,430 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:09:08,430 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:08,430 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:08,430 INFO L85 PathProgramCache]: Analyzing trace with hash -766065470, now seen corresponding path program 1 times [2022-02-20 18:09:08,430 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:08,430 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2020230220] [2022-02-20 18:09:08,431 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:08,431 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:08,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:08,483 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:09:08,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:08,545 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-20 18:09:08,545 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:09:08,546 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:09:08,548 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-20 18:09:08,551 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:09:08,553 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:09:08,575 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:09:08,576 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:09:08,581 INFO L158 Benchmark]: Toolchain (without parser) took 5390.05ms. Allocated memory was 96.5MB in the beginning and 151.0MB in the end (delta: 54.5MB). Free memory was 65.2MB in the beginning and 73.6MB in the end (delta: -8.4MB). Peak memory consumption was 45.8MB. Max. memory is 16.1GB. [2022-02-20 18:09:08,581 INFO L158 Benchmark]: CDTParser took 0.22ms. Allocated memory is still 96.5MB. Free memory is still 52.3MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:08,582 INFO L158 Benchmark]: CACSL2BoogieTranslator took 488.93ms. Allocated memory was 96.5MB in the beginning and 125.8MB in the end (delta: 29.4MB). Free memory was 65.0MB in the beginning and 91.3MB in the end (delta: -26.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-02-20 18:09:08,582 INFO L158 Benchmark]: Boogie Procedure Inliner took 63.94ms. Allocated memory is still 125.8MB. Free memory was 90.9MB in the beginning and 88.2MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:09:08,582 INFO L158 Benchmark]: Boogie Preprocessor took 45.29ms. Allocated memory is still 125.8MB. Free memory was 88.2MB in the beginning and 86.7MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:08,582 INFO L158 Benchmark]: RCFGBuilder took 578.26ms. Allocated memory is still 125.8MB. Free memory was 86.7MB in the beginning and 65.2MB in the end (delta: 21.5MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:08,583 INFO L158 Benchmark]: TraceAbstraction took 4207.66ms. Allocated memory was 125.8MB in the beginning and 151.0MB in the end (delta: 25.2MB). Free memory was 65.2MB in the beginning and 73.6MB in the end (delta: -8.4MB). Peak memory consumption was 17.3MB. Max. memory is 16.1GB. [2022-02-20 18:09:08,584 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.22ms. Allocated memory is still 96.5MB. Free memory is still 52.3MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 488.93ms. Allocated memory was 96.5MB in the beginning and 125.8MB in the end (delta: 29.4MB). Free memory was 65.0MB in the beginning and 91.3MB in the end (delta: -26.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 63.94ms. Allocated memory is still 125.8MB. Free memory was 90.9MB in the beginning and 88.2MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 45.29ms. Allocated memory is still 125.8MB. Free memory was 88.2MB in the beginning and 86.7MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 578.26ms. Allocated memory is still 125.8MB. Free memory was 86.7MB in the beginning and 65.2MB in the end (delta: 21.5MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 4207.66ms. Allocated memory was 125.8MB in the beginning and 151.0MB in the end (delta: 25.2MB). Free memory was 65.2MB in the beginning and 73.6MB in the end (delta: -8.4MB). Peak memory consumption was 17.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:09:08,623 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 76c265ee8cd79c32bac129a25f21c9052690eb74ca3013be3603e97bc6872f20 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:09:10,686 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:09:10,688 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:09:10,728 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:09:10,729 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:09:10,733 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:09:10,735 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:09:10,740 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:09:10,742 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:09:10,747 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:09:10,748 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:09:10,749 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:09:10,750 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:09:10,752 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:09:10,753 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:09:10,758 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:09:10,759 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:09:10,760 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:09:10,762 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:09:10,765 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:09:10,768 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:09:10,769 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:09:10,770 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:09:10,772 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:09:10,776 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:09:10,776 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:09:10,776 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:09:10,778 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:09:10,778 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:09:10,779 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:09:10,780 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:09:10,780 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:09:10,782 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:09:10,782 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:09:10,784 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:09:10,784 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:09:10,784 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:09:10,785 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:09:10,785 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:09:10,786 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:09:10,787 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:09:10,791 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf [2022-02-20 18:09:10,831 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:09:10,832 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:09:10,833 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:09:10,834 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:09:10,835 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:09:10,835 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:09:10,836 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:09:10,836 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:09:10,837 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:09:10,837 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:09:10,838 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:09:10,838 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:09:10,838 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:09:10,838 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:09:10,838 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:09:10,838 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:09:10,839 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 18:09:10,839 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 18:09:10,839 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 18:09:10,839 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:09:10,839 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:09:10,840 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:09:10,840 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:09:10,840 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:09:10,840 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:09:10,840 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:09:10,840 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:10,841 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:09:10,841 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:09:10,841 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:09:10,841 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 18:09:10,841 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 18:09:10,842 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:09:10,842 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:09:10,842 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:09:10,842 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 18:09:10,843 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 76c265ee8cd79c32bac129a25f21c9052690eb74ca3013be3603e97bc6872f20 [2022-02-20 18:09:11,195 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:09:11,222 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:09:11,226 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:09:11,228 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:09:11,228 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:09:11,230 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c [2022-02-20 18:09:11,298 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/24586bd5d/11895f4dd933431ba0a17b060014c9f0/FLAG18e7f50f9 [2022-02-20 18:09:11,836 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:09:11,837 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c [2022-02-20 18:09:11,854 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/24586bd5d/11895f4dd933431ba0a17b060014c9f0/FLAG18e7f50f9 [2022-02-20 18:09:12,308 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/24586bd5d/11895f4dd933431ba0a17b060014c9f0 [2022-02-20 18:09:12,311 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:09:12,312 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:09:12,315 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:12,316 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:09:12,330 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:09:12,331 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,332 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@77fd07c1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12, skipping insertion in model container [2022-02-20 18:09:12,332 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,338 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:09:12,373 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:12,651 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c[13732,13745] [2022-02-20 18:09:12,677 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:12,695 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 18:09:12,702 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:12,764 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c[13732,13745] [2022-02-20 18:09:12,786 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:12,796 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:09:12,868 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product29.cil.c[13732,13745] [2022-02-20 18:09:12,887 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:12,903 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:09:12,904 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12 WrapperNode [2022-02-20 18:09:12,904 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:12,905 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:12,906 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:09:12,906 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:09:12,912 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,940 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,980 INFO L137 Inliner]: procedures = 56, calls = 156, calls flagged for inlining = 20, calls inlined = 16, statements flattened = 223 [2022-02-20 18:09:12,981 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:12,982 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:09:12,983 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:09:12,983 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:09:12,990 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,991 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:13,002 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:13,002 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:13,024 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:13,029 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:13,030 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:13,033 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:09:13,033 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:09:13,033 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:09:13,034 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:09:13,039 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:13,046 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:13,053 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:09:13,066 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:09:13,068 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:09:13,101 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:09:13,101 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:09:13,101 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:09:13,101 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:09:13,101 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:09:13,101 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:09:13,101 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:09:13,102 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:09:13,102 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:09:13,102 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:09:13,102 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:09:13,102 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-20 18:09:13,102 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:09:13,102 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:09:13,102 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-02-20 18:09:13,102 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-02-20 18:09:13,103 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:09:13,103 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:09:13,103 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:09:13,103 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:09:13,103 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:09:13,103 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:09:13,212 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:09:13,214 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:13,612 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:13,627 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:13,628 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:13,630 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:13 BoogieIcfgContainer [2022-02-20 18:09:13,634 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:13,636 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:13,637 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:13,639 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:13,641 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:09:12" (1/3) ... [2022-02-20 18:09:13,642 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4630e544 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:13, skipping insertion in model container [2022-02-20 18:09:13,642 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (2/3) ... [2022-02-20 18:09:13,643 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4630e544 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:13, skipping insertion in model container [2022-02-20 18:09:13,643 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:13" (3/3) ... [2022-02-20 18:09:13,648 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product29.cil.c [2022-02-20 18:09:13,655 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:13,656 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:13,711 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:13,720 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:13,721 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:13,748 INFO L276 IsEmpty]: Start isEmpty. Operand has 93 states, 67 states have (on average 1.373134328358209) internal successors, (92), 75 states have internal predecessors, (92), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 18:09:13,758 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:09:13,758 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:13,759 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:13,759 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:13,769 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:13,770 INFO L85 PathProgramCache]: Analyzing trace with hash -198266629, now seen corresponding path program 1 times [2022-02-20 18:09:13,785 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:13,786 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [500127] [2022-02-20 18:09:13,787 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:13,787 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:13,788 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:13,793 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:13,795 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 18:09:13,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:13,923 INFO L263 TraceCheckSpWp]: Trace formula consists of 154 conjuncts, 1 conjunts are in the unsatisfiable core [2022-02-20 18:09:13,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:13,939 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:14,027 INFO L290 TraceCheckUtils]: 0: Hoare triple {96#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32; {96#true} is VALID [2022-02-20 18:09:14,028 INFO L290 TraceCheckUtils]: 1: Hoare triple {96#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret36#1, main_~retValue_acc~8#1, main_~tmp~4#1;havoc main_~retValue_acc~8#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {96#true} is VALID [2022-02-20 18:09:14,028 INFO L290 TraceCheckUtils]: 2: Hoare triple {96#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {96#true} is VALID [2022-02-20 18:09:14,028 INFO L290 TraceCheckUtils]: 3: Hoare triple {96#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~7#1;havoc valid_product_~retValue_acc~7#1;valid_product_~retValue_acc~7#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~7#1; {96#true} is VALID [2022-02-20 18:09:14,029 INFO L290 TraceCheckUtils]: 4: Hoare triple {96#true} main_#t~ret36#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~4#1 := main_#t~ret36#1;havoc main_#t~ret36#1; {96#true} is VALID [2022-02-20 18:09:14,029 INFO L290 TraceCheckUtils]: 5: Hoare triple {96#true} assume 0bv32 != main_~tmp~4#1;assume { :begin_inline_setup } true; {96#true} is VALID [2022-02-20 18:09:14,029 INFO L290 TraceCheckUtils]: 6: Hoare triple {96#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet50#1, test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_~splverifierCounter~0#1, test_~tmp~9#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~9#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {96#true} is VALID [2022-02-20 18:09:14,030 INFO L290 TraceCheckUtils]: 7: Hoare triple {96#true} assume false; {97#false} is VALID [2022-02-20 18:09:14,030 INFO L272 TraceCheckUtils]: 8: Hoare triple {97#false} call cleanup(); {97#false} is VALID [2022-02-20 18:09:14,030 INFO L290 TraceCheckUtils]: 9: Hoare triple {97#false} havoc ~i~0;havoc ~__cil_tmp2~0; {97#false} is VALID [2022-02-20 18:09:14,030 INFO L272 TraceCheckUtils]: 10: Hoare triple {97#false} call timeShift(); {97#false} is VALID [2022-02-20 18:09:14,031 INFO L290 TraceCheckUtils]: 11: Hoare triple {97#false} assume !(0bv32 != ~pumpRunning~0); {97#false} is VALID [2022-02-20 18:09:14,031 INFO L290 TraceCheckUtils]: 12: Hoare triple {97#false} assume !(0bv32 != ~systemActive~0); {97#false} is VALID [2022-02-20 18:09:14,031 INFO L290 TraceCheckUtils]: 13: Hoare triple {97#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret4#1, __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_~tmp~0#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {97#false} is VALID [2022-02-20 18:09:14,031 INFO L272 TraceCheckUtils]: 14: Hoare triple {97#false} call __utac_acc__Specification3_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {97#false} is VALID [2022-02-20 18:09:14,031 INFO L290 TraceCheckUtils]: 15: Hoare triple {97#false} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {97#false} is VALID [2022-02-20 18:09:14,031 INFO L290 TraceCheckUtils]: 16: Hoare triple {97#false} assume true; {97#false} is VALID [2022-02-20 18:09:14,032 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {97#false} {97#false} #231#return; {97#false} is VALID [2022-02-20 18:09:14,032 INFO L290 TraceCheckUtils]: 18: Hoare triple {97#false} __utac_acc__Specification3_spec__1_~tmp~0#1 := __utac_acc__Specification3_spec__1_#t~ret4#1;havoc __utac_acc__Specification3_spec__1_#t~ret4#1; {97#false} is VALID [2022-02-20 18:09:14,033 INFO L290 TraceCheckUtils]: 19: Hoare triple {97#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~0#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {97#false} is VALID [2022-02-20 18:09:14,034 INFO L290 TraceCheckUtils]: 20: Hoare triple {97#false} __utac_acc__Specification3_spec__1_#t~ret5#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {97#false} is VALID [2022-02-20 18:09:14,034 INFO L290 TraceCheckUtils]: 21: Hoare triple {97#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {97#false} is VALID [2022-02-20 18:09:14,034 INFO L290 TraceCheckUtils]: 22: Hoare triple {97#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {97#false} is VALID [2022-02-20 18:09:14,034 INFO L290 TraceCheckUtils]: 23: Hoare triple {97#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {97#false} is VALID [2022-02-20 18:09:14,035 INFO L290 TraceCheckUtils]: 24: Hoare triple {97#false} assume !false; {97#false} is VALID [2022-02-20 18:09:14,036 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:14,036 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:14,036 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:14,037 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [500127] [2022-02-20 18:09:14,037 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [500127] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:14,037 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:14,037 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:14,039 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [227570683] [2022-02-20 18:09:14,039 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:14,044 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:14,045 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:14,048 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:14,077 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:14,078 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:14,078 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:14,095 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:14,096 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:14,098 INFO L87 Difference]: Start difference. First operand has 93 states, 67 states have (on average 1.373134328358209) internal successors, (92), 75 states have internal predecessors, (92), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:14,204 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:14,205 INFO L93 Difference]: Finished difference Result 178 states and 239 transitions. [2022-02-20 18:09:14,205 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:14,205 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:14,206 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:14,207 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:14,221 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 239 transitions. [2022-02-20 18:09:14,221 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:14,254 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 239 transitions. [2022-02-20 18:09:14,255 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 239 transitions. [2022-02-20 18:09:14,462 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 239 edges. 239 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:14,480 INFO L225 Difference]: With dead ends: 178 [2022-02-20 18:09:14,480 INFO L226 Difference]: Without dead ends: 84 [2022-02-20 18:09:14,484 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:14,489 INFO L933 BasicCegarLoop]: 116 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:14,495 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 116 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:14,511 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 84 states. [2022-02-20 18:09:14,535 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 84 to 84. [2022-02-20 18:09:14,535 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:14,537 INFO L82 GeneralOperation]: Start isEquivalent. First operand 84 states. Second operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:14,538 INFO L74 IsIncluded]: Start isIncluded. First operand 84 states. Second operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:14,539 INFO L87 Difference]: Start difference. First operand 84 states. Second operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:14,546 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:14,547 INFO L93 Difference]: Finished difference Result 84 states and 107 transitions. [2022-02-20 18:09:14,547 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 107 transitions. [2022-02-20 18:09:14,548 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:14,548 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:14,549 INFO L74 IsIncluded]: Start isIncluded. First operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) Second operand 84 states. [2022-02-20 18:09:14,550 INFO L87 Difference]: Start difference. First operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) Second operand 84 states. [2022-02-20 18:09:14,556 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:14,556 INFO L93 Difference]: Finished difference Result 84 states and 107 transitions. [2022-02-20 18:09:14,556 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 107 transitions. [2022-02-20 18:09:14,557 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:14,558 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:14,558 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:14,558 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:14,559 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 84 states, 60 states have (on average 1.3) internal successors, (78), 67 states have internal predecessors, (78), 15 states have call successors, (15), 9 states have call predecessors, (15), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:14,564 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 107 transitions. [2022-02-20 18:09:14,565 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 107 transitions. Word has length 25 [2022-02-20 18:09:14,565 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:14,566 INFO L470 AbstractCegarLoop]: Abstraction has 84 states and 107 transitions. [2022-02-20 18:09:14,566 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:14,566 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 107 transitions. [2022-02-20 18:09:14,568 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:09:14,568 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:14,568 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:14,580 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:14,778 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:14,779 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:14,780 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:14,780 INFO L85 PathProgramCache]: Analyzing trace with hash -342081454, now seen corresponding path program 1 times [2022-02-20 18:09:14,780 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:14,780 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [148317380] [2022-02-20 18:09:14,781 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:14,781 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:14,781 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:14,782 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:14,783 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 18:09:14,843 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:14,846 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:14,860 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:14,862 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:14,968 INFO L290 TraceCheckUtils]: 0: Hoare triple {718#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32; {718#true} is VALID [2022-02-20 18:09:14,969 INFO L290 TraceCheckUtils]: 1: Hoare triple {718#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret36#1, main_~retValue_acc~8#1, main_~tmp~4#1;havoc main_~retValue_acc~8#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {718#true} is VALID [2022-02-20 18:09:14,969 INFO L290 TraceCheckUtils]: 2: Hoare triple {718#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {718#true} is VALID [2022-02-20 18:09:14,970 INFO L290 TraceCheckUtils]: 3: Hoare triple {718#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~7#1;havoc valid_product_~retValue_acc~7#1;valid_product_~retValue_acc~7#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~7#1; {718#true} is VALID [2022-02-20 18:09:14,970 INFO L290 TraceCheckUtils]: 4: Hoare triple {718#true} main_#t~ret36#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~4#1 := main_#t~ret36#1;havoc main_#t~ret36#1; {718#true} is VALID [2022-02-20 18:09:14,970 INFO L290 TraceCheckUtils]: 5: Hoare triple {718#true} assume 0bv32 != main_~tmp~4#1;assume { :begin_inline_setup } true; {718#true} is VALID [2022-02-20 18:09:14,971 INFO L290 TraceCheckUtils]: 6: Hoare triple {718#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet50#1, test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_~splverifierCounter~0#1, test_~tmp~9#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~9#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {741#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:14,971 INFO L290 TraceCheckUtils]: 7: Hoare triple {741#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !false; {741#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:14,972 INFO L290 TraceCheckUtils]: 8: Hoare triple {741#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !~bvslt32(test_~splverifierCounter~0#1, 4bv32); {719#false} is VALID [2022-02-20 18:09:14,972 INFO L272 TraceCheckUtils]: 9: Hoare triple {719#false} call cleanup(); {719#false} is VALID [2022-02-20 18:09:14,972 INFO L290 TraceCheckUtils]: 10: Hoare triple {719#false} havoc ~i~0;havoc ~__cil_tmp2~0; {719#false} is VALID [2022-02-20 18:09:14,972 INFO L272 TraceCheckUtils]: 11: Hoare triple {719#false} call timeShift(); {719#false} is VALID [2022-02-20 18:09:14,973 INFO L290 TraceCheckUtils]: 12: Hoare triple {719#false} assume !(0bv32 != ~pumpRunning~0); {719#false} is VALID [2022-02-20 18:09:14,973 INFO L290 TraceCheckUtils]: 13: Hoare triple {719#false} assume !(0bv32 != ~systemActive~0); {719#false} is VALID [2022-02-20 18:09:14,973 INFO L290 TraceCheckUtils]: 14: Hoare triple {719#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret4#1, __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_~tmp~0#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {719#false} is VALID [2022-02-20 18:09:14,973 INFO L272 TraceCheckUtils]: 15: Hoare triple {719#false} call __utac_acc__Specification3_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {719#false} is VALID [2022-02-20 18:09:14,974 INFO L290 TraceCheckUtils]: 16: Hoare triple {719#false} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {719#false} is VALID [2022-02-20 18:09:14,974 INFO L290 TraceCheckUtils]: 17: Hoare triple {719#false} assume true; {719#false} is VALID [2022-02-20 18:09:14,974 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {719#false} {719#false} #231#return; {719#false} is VALID [2022-02-20 18:09:14,974 INFO L290 TraceCheckUtils]: 19: Hoare triple {719#false} __utac_acc__Specification3_spec__1_~tmp~0#1 := __utac_acc__Specification3_spec__1_#t~ret4#1;havoc __utac_acc__Specification3_spec__1_#t~ret4#1; {719#false} is VALID [2022-02-20 18:09:14,974 INFO L290 TraceCheckUtils]: 20: Hoare triple {719#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~0#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {719#false} is VALID [2022-02-20 18:09:14,975 INFO L290 TraceCheckUtils]: 21: Hoare triple {719#false} __utac_acc__Specification3_spec__1_#t~ret5#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {719#false} is VALID [2022-02-20 18:09:14,975 INFO L290 TraceCheckUtils]: 22: Hoare triple {719#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {719#false} is VALID [2022-02-20 18:09:14,975 INFO L290 TraceCheckUtils]: 23: Hoare triple {719#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {719#false} is VALID [2022-02-20 18:09:14,975 INFO L290 TraceCheckUtils]: 24: Hoare triple {719#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {719#false} is VALID [2022-02-20 18:09:14,976 INFO L290 TraceCheckUtils]: 25: Hoare triple {719#false} assume !false; {719#false} is VALID [2022-02-20 18:09:14,976 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:14,976 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:14,976 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:14,977 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [148317380] [2022-02-20 18:09:14,977 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [148317380] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:14,977 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:14,977 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:14,977 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [649080681] [2022-02-20 18:09:14,977 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:14,979 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:14,979 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:14,979 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,004 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:15,004 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:15,005 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:15,005 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:15,005 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:15,006 INFO L87 Difference]: Start difference. First operand 84 states and 107 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,165 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:15,165 INFO L93 Difference]: Finished difference Result 134 states and 170 transitions. [2022-02-20 18:09:15,165 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:15,166 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:15,166 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:15,166 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,174 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 170 transitions. [2022-02-20 18:09:15,175 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,181 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 170 transitions. [2022-02-20 18:09:15,181 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 170 transitions. [2022-02-20 18:09:15,368 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 170 edges. 170 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:15,371 INFO L225 Difference]: With dead ends: 134 [2022-02-20 18:09:15,376 INFO L226 Difference]: Without dead ends: 75 [2022-02-20 18:09:15,377 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:15,378 INFO L933 BasicCegarLoop]: 94 mSDtfsCounter, 12 mSDsluCounter, 78 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 172 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:15,379 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [15 Valid, 172 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:15,380 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-02-20 18:09:15,386 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-02-20 18:09:15,386 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:15,387 INFO L82 GeneralOperation]: Start isEquivalent. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:15,388 INFO L74 IsIncluded]: Start isIncluded. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:15,407 INFO L87 Difference]: Start difference. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:15,411 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:15,414 INFO L93 Difference]: Finished difference Result 75 states and 95 transitions. [2022-02-20 18:09:15,415 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2022-02-20 18:09:15,416 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:15,420 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:15,421 INFO L74 IsIncluded]: Start isIncluded. First operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) Second operand 75 states. [2022-02-20 18:09:15,422 INFO L87 Difference]: Start difference. First operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) Second operand 75 states. [2022-02-20 18:09:15,425 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:15,430 INFO L93 Difference]: Finished difference Result 75 states and 95 transitions. [2022-02-20 18:09:15,431 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2022-02-20 18:09:15,432 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:15,432 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:15,432 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:15,432 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:15,433 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 61 states have internal predecessors, (71), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:15,439 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 95 transitions. [2022-02-20 18:09:15,440 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 95 transitions. Word has length 26 [2022-02-20 18:09:15,440 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:15,440 INFO L470 AbstractCegarLoop]: Abstraction has 75 states and 95 transitions. [2022-02-20 18:09:15,440 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,440 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2022-02-20 18:09:15,441 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:09:15,442 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:15,442 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:15,456 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Ended with exit code 0 [2022-02-20 18:09:15,651 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:15,651 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:15,652 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:15,652 INFO L85 PathProgramCache]: Analyzing trace with hash -809418228, now seen corresponding path program 1 times [2022-02-20 18:09:15,652 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:15,652 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1626973722] [2022-02-20 18:09:15,653 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:15,653 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:15,653 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:15,654 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:15,661 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 18:09:15,707 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:15,710 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:15,723 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:15,724 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:15,818 INFO L290 TraceCheckUtils]: 0: Hoare triple {1248#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,819 INFO L290 TraceCheckUtils]: 1: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret36#1, main_~retValue_acc~8#1, main_~tmp~4#1;havoc main_~retValue_acc~8#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,819 INFO L290 TraceCheckUtils]: 2: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,820 INFO L290 TraceCheckUtils]: 3: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~7#1;havoc valid_product_~retValue_acc~7#1;valid_product_~retValue_acc~7#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~7#1; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,820 INFO L290 TraceCheckUtils]: 4: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} main_#t~ret36#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~4#1 := main_#t~ret36#1;havoc main_#t~ret36#1; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,820 INFO L290 TraceCheckUtils]: 5: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != main_~tmp~4#1;assume { :begin_inline_setup } true; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,821 INFO L290 TraceCheckUtils]: 6: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet50#1, test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_~splverifierCounter~0#1, test_~tmp~9#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~9#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,821 INFO L290 TraceCheckUtils]: 7: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume !false; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,822 INFO L290 TraceCheckUtils]: 8: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,823 INFO L290 TraceCheckUtils]: 9: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} test_~tmp~9#1 := test_#t~nondet50#1;havoc test_#t~nondet50#1; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,824 INFO L290 TraceCheckUtils]: 10: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~9#1); {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,824 INFO L290 TraceCheckUtils]: 11: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} test_~tmp___0~2#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,825 INFO L290 TraceCheckUtils]: 12: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~2#1); {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,825 INFO L290 TraceCheckUtils]: 13: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet52#1;havoc test_#t~nondet52#1; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,825 INFO L290 TraceCheckUtils]: 14: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,826 INFO L272 TraceCheckUtils]: 15: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} call timeShift(); {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,826 INFO L290 TraceCheckUtils]: 16: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1253#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,827 INFO L290 TraceCheckUtils]: 17: Hoare triple {1253#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {1249#false} is VALID [2022-02-20 18:09:15,827 INFO L290 TraceCheckUtils]: 18: Hoare triple {1249#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret4#1, __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_~tmp~0#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1249#false} is VALID [2022-02-20 18:09:15,827 INFO L272 TraceCheckUtils]: 19: Hoare triple {1249#false} call __utac_acc__Specification3_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {1249#false} is VALID [2022-02-20 18:09:15,827 INFO L290 TraceCheckUtils]: 20: Hoare triple {1249#false} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1249#false} is VALID [2022-02-20 18:09:15,828 INFO L290 TraceCheckUtils]: 21: Hoare triple {1249#false} assume true; {1249#false} is VALID [2022-02-20 18:09:15,828 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1249#false} {1249#false} #231#return; {1249#false} is VALID [2022-02-20 18:09:15,828 INFO L290 TraceCheckUtils]: 23: Hoare triple {1249#false} __utac_acc__Specification3_spec__1_~tmp~0#1 := __utac_acc__Specification3_spec__1_#t~ret4#1;havoc __utac_acc__Specification3_spec__1_#t~ret4#1; {1249#false} is VALID [2022-02-20 18:09:15,828 INFO L290 TraceCheckUtils]: 24: Hoare triple {1249#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~0#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {1249#false} is VALID [2022-02-20 18:09:15,828 INFO L290 TraceCheckUtils]: 25: Hoare triple {1249#false} __utac_acc__Specification3_spec__1_#t~ret5#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {1249#false} is VALID [2022-02-20 18:09:15,828 INFO L290 TraceCheckUtils]: 26: Hoare triple {1249#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {1249#false} is VALID [2022-02-20 18:09:15,828 INFO L290 TraceCheckUtils]: 27: Hoare triple {1249#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {1249#false} is VALID [2022-02-20 18:09:15,829 INFO L290 TraceCheckUtils]: 28: Hoare triple {1249#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1249#false} is VALID [2022-02-20 18:09:15,829 INFO L290 TraceCheckUtils]: 29: Hoare triple {1249#false} assume !false; {1249#false} is VALID [2022-02-20 18:09:15,829 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:15,829 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:15,829 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:15,829 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1626973722] [2022-02-20 18:09:15,830 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1626973722] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:15,830 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:15,830 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:15,830 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2137385924] [2022-02-20 18:09:15,830 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:15,830 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:15,836 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:15,836 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,875 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:15,876 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:15,876 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:15,876 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:15,877 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:15,877 INFO L87 Difference]: Start difference. First operand 75 states and 95 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,998 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:15,999 INFO L93 Difference]: Finished difference Result 143 states and 184 transitions. [2022-02-20 18:09:16,000 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:16,000 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:16,000 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:16,000 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:16,005 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 184 transitions. [2022-02-20 18:09:16,005 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:16,010 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 184 transitions. [2022-02-20 18:09:16,010 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 184 transitions. [2022-02-20 18:09:16,177 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 184 edges. 184 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:16,179 INFO L225 Difference]: With dead ends: 143 [2022-02-20 18:09:16,179 INFO L226 Difference]: Without dead ends: 75 [2022-02-20 18:09:16,180 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:16,181 INFO L933 BasicCegarLoop]: 93 mSDtfsCounter, 77 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 77 SdHoareTripleChecker+Valid, 93 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:16,181 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [77 Valid, 93 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:16,182 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-02-20 18:09:16,188 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-02-20 18:09:16,188 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:16,188 INFO L82 GeneralOperation]: Start isEquivalent. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:16,189 INFO L74 IsIncluded]: Start isIncluded. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:16,189 INFO L87 Difference]: Start difference. First operand 75 states. Second operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:16,196 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:16,196 INFO L93 Difference]: Finished difference Result 75 states and 94 transitions. [2022-02-20 18:09:16,197 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 94 transitions. [2022-02-20 18:09:16,197 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:16,197 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:16,198 INFO L74 IsIncluded]: Start isIncluded. First operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) Second operand 75 states. [2022-02-20 18:09:16,198 INFO L87 Difference]: Start difference. First operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) Second operand 75 states. [2022-02-20 18:09:16,203 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:16,204 INFO L93 Difference]: Finished difference Result 75 states and 94 transitions. [2022-02-20 18:09:16,205 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 94 transitions. [2022-02-20 18:09:16,205 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:16,205 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:16,205 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:16,206 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:16,207 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 61 states have internal predecessors, (70), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 8 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:16,210 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 94 transitions. [2022-02-20 18:09:16,210 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 94 transitions. Word has length 30 [2022-02-20 18:09:16,210 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:16,210 INFO L470 AbstractCegarLoop]: Abstraction has 75 states and 94 transitions. [2022-02-20 18:09:16,211 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:16,211 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 94 transitions. [2022-02-20 18:09:16,212 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-02-20 18:09:16,213 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:16,213 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:16,228 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:16,425 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:16,426 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:16,426 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:16,426 INFO L85 PathProgramCache]: Analyzing trace with hash 1591783388, now seen corresponding path program 1 times [2022-02-20 18:09:16,429 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:16,429 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1876360166] [2022-02-20 18:09:16,429 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:16,431 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:16,431 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:16,432 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:16,433 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 18:09:16,482 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:16,484 INFO L263 TraceCheckSpWp]: Trace formula consists of 169 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 18:09:16,502 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:16,504 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:16,680 INFO L290 TraceCheckUtils]: 0: Hoare triple {1800#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,681 INFO L290 TraceCheckUtils]: 1: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret36#1, main_~retValue_acc~8#1, main_~tmp~4#1;havoc main_~retValue_acc~8#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,681 INFO L290 TraceCheckUtils]: 2: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,681 INFO L290 TraceCheckUtils]: 3: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~7#1;havoc valid_product_~retValue_acc~7#1;valid_product_~retValue_acc~7#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~7#1; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,682 INFO L290 TraceCheckUtils]: 4: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} main_#t~ret36#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~4#1 := main_#t~ret36#1;havoc main_#t~ret36#1; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,682 INFO L290 TraceCheckUtils]: 5: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != main_~tmp~4#1;assume { :begin_inline_setup } true; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,683 INFO L290 TraceCheckUtils]: 6: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet50#1, test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_~splverifierCounter~0#1, test_~tmp~9#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~9#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,684 INFO L290 TraceCheckUtils]: 7: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume !false; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,684 INFO L290 TraceCheckUtils]: 8: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,684 INFO L290 TraceCheckUtils]: 9: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} test_~tmp~9#1 := test_#t~nondet50#1;havoc test_#t~nondet50#1; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,685 INFO L290 TraceCheckUtils]: 10: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~9#1); {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,685 INFO L290 TraceCheckUtils]: 11: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___0~2#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,686 INFO L290 TraceCheckUtils]: 12: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~2#1); {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,686 INFO L290 TraceCheckUtils]: 13: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet52#1;havoc test_#t~nondet52#1; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,687 INFO L290 TraceCheckUtils]: 14: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,687 INFO L272 TraceCheckUtils]: 15: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} call timeShift(); {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,687 INFO L290 TraceCheckUtils]: 16: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,688 INFO L290 TraceCheckUtils]: 17: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret38#1, processEnvironment_~tmp~6#1;havoc processEnvironment_~tmp~6#1; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,688 INFO L290 TraceCheckUtils]: 18: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,689 INFO L272 TraceCheckUtils]: 19: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} call processEnvironment__wrappee__methaneQuery(); {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,689 INFO L290 TraceCheckUtils]: 20: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} havoc ~tmp~5#1; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,689 INFO L290 TraceCheckUtils]: 21: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,690 INFO L272 TraceCheckUtils]: 22: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} call processEnvironment__wrappee__base(); {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,690 INFO L290 TraceCheckUtils]: 23: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume true; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,693 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {1805#(= ~waterLevel~0 (_ bv1 32))} {1805#(= ~waterLevel~0 (_ bv1 32))} #249#return; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,693 INFO L290 TraceCheckUtils]: 25: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume true; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,694 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {1805#(= ~waterLevel~0 (_ bv1 32))} {1805#(= ~waterLevel~0 (_ bv1 32))} #229#return; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,695 INFO L290 TraceCheckUtils]: 27: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_processEnvironment } true; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,695 INFO L290 TraceCheckUtils]: 28: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret4#1, __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_~tmp~0#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,696 INFO L272 TraceCheckUtils]: 29: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} call __utac_acc__Specification3_spec__1_#t~ret4#1 := isMethaneLevelCritical(); {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,697 INFO L290 TraceCheckUtils]: 30: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,698 INFO L290 TraceCheckUtils]: 31: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume true; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,703 INFO L284 TraceCheckUtils]: 32: Hoare quadruple {1805#(= ~waterLevel~0 (_ bv1 32))} {1805#(= ~waterLevel~0 (_ bv1 32))} #231#return; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,704 INFO L290 TraceCheckUtils]: 33: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} __utac_acc__Specification3_spec__1_~tmp~0#1 := __utac_acc__Specification3_spec__1_#t~ret4#1;havoc __utac_acc__Specification3_spec__1_#t~ret4#1; {1805#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:16,704 INFO L290 TraceCheckUtils]: 34: Hoare triple {1805#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~0#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {1908#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} is VALID [2022-02-20 18:09:16,705 INFO L290 TraceCheckUtils]: 35: Hoare triple {1908#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} __utac_acc__Specification3_spec__1_#t~ret5#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {1912#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| (_ bv1 32))} is VALID [2022-02-20 18:09:16,705 INFO L290 TraceCheckUtils]: 36: Hoare triple {1912#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| (_ bv1 32))} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~10#1;havoc isPumpRunning_~retValue_acc~10#1;isPumpRunning_~retValue_acc~10#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; {1801#false} is VALID [2022-02-20 18:09:16,706 INFO L290 TraceCheckUtils]: 37: Hoare triple {1801#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {1801#false} is VALID [2022-02-20 18:09:16,706 INFO L290 TraceCheckUtils]: 38: Hoare triple {1801#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1801#false} is VALID [2022-02-20 18:09:16,706 INFO L290 TraceCheckUtils]: 39: Hoare triple {1801#false} assume !false; {1801#false} is VALID [2022-02-20 18:09:16,706 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:16,706 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:16,707 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:16,707 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1876360166] [2022-02-20 18:09:16,707 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1876360166] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:16,707 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:16,714 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:09:16,714 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1767842171] [2022-02-20 18:09:16,714 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:16,715 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 40 [2022-02-20 18:09:16,715 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:16,716 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:16,751 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 40 edges. 40 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:16,751 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:09:16,751 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:16,753 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:09:16,753 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:16,753 INFO L87 Difference]: Start difference. First operand 75 states and 94 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:17,068 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:17,068 INFO L93 Difference]: Finished difference Result 207 states and 268 transitions. [2022-02-20 18:09:17,068 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:17,068 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 40 [2022-02-20 18:09:17,069 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:17,069 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:17,080 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 268 transitions. [2022-02-20 18:09:17,080 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:17,085 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 268 transitions. [2022-02-20 18:09:17,085 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 268 transitions. [2022-02-20 18:09:17,306 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 268 edges. 268 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:17,310 INFO L225 Difference]: With dead ends: 207 [2022-02-20 18:09:17,310 INFO L226 Difference]: Without dead ends: 139 [2022-02-20 18:09:17,311 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 41 GetRequests, 36 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:09:17,312 INFO L933 BasicCegarLoop]: 103 mSDtfsCounter, 55 mSDsluCounter, 284 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 387 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:17,312 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [55 Valid, 387 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:17,313 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 139 states. [2022-02-20 18:09:17,324 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 139 to 136. [2022-02-20 18:09:17,324 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:17,325 INFO L82 GeneralOperation]: Start isEquivalent. First operand 139 states. Second operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) [2022-02-20 18:09:17,325 INFO L74 IsIncluded]: Start isIncluded. First operand 139 states. Second operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) [2022-02-20 18:09:17,326 INFO L87 Difference]: Start difference. First operand 139 states. Second operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) [2022-02-20 18:09:17,331 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:17,331 INFO L93 Difference]: Finished difference Result 139 states and 176 transitions. [2022-02-20 18:09:17,331 INFO L276 IsEmpty]: Start isEmpty. Operand 139 states and 176 transitions. [2022-02-20 18:09:17,332 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:17,332 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:17,333 INFO L74 IsIncluded]: Start isIncluded. First operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) Second operand 139 states. [2022-02-20 18:09:17,333 INFO L87 Difference]: Start difference. First operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) Second operand 139 states. [2022-02-20 18:09:17,338 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:17,338 INFO L93 Difference]: Finished difference Result 139 states and 176 transitions. [2022-02-20 18:09:17,338 INFO L276 IsEmpty]: Start isEmpty. Operand 139 states and 176 transitions. [2022-02-20 18:09:17,339 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:17,339 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:17,339 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:17,339 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:17,340 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 136 states, 96 states have (on average 1.2916666666666667) internal successors, (124), 108 states have internal predecessors, (124), 24 states have call successors, (24), 16 states have call predecessors, (24), 15 states have return successors, (25), 15 states have call predecessors, (25), 24 states have call successors, (25) [2022-02-20 18:09:17,345 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 136 states to 136 states and 173 transitions. [2022-02-20 18:09:17,345 INFO L78 Accepts]: Start accepts. Automaton has 136 states and 173 transitions. Word has length 40 [2022-02-20 18:09:17,346 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:17,346 INFO L470 AbstractCegarLoop]: Abstraction has 136 states and 173 transitions. [2022-02-20 18:09:17,346 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 18:09:17,346 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 173 transitions. [2022-02-20 18:09:17,347 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-02-20 18:09:17,347 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:17,348 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:17,358 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:17,555 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:17,556 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:17,556 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:17,556 INFO L85 PathProgramCache]: Analyzing trace with hash -766065470, now seen corresponding path program 1 times [2022-02-20 18:09:17,557 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:17,557 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1645746769] [2022-02-20 18:09:17,557 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:17,557 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:17,558 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:17,559 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:17,561 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 18:09:17,612 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:17,613 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:09:17,638 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:17,717 INFO L138 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2022-02-20 18:09:17,717 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:09:17,718 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:09:17,734 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:17,925 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:17,929 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1] [2022-02-20 18:09:17,932 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:09:17,955 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:09:17,956 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:09:17,959 INFO L158 Benchmark]: Toolchain (without parser) took 5646.74ms. Allocated memory was 54.5MB in the beginning and 81.8MB in the end (delta: 27.3MB). Free memory was 30.6MB in the beginning and 54.9MB in the end (delta: -24.3MB). Peak memory consumption was 34.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:17,959 INFO L158 Benchmark]: CDTParser took 0.22ms. Allocated memory is still 54.5MB. Free memory was 36.6MB in the beginning and 36.5MB in the end (delta: 44.6kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:17,960 INFO L158 Benchmark]: CACSL2BoogieTranslator took 589.11ms. Allocated memory was 54.5MB in the beginning and 67.1MB in the end (delta: 12.6MB). Free memory was 30.4MB in the beginning and 46.6MB in the end (delta: -16.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-02-20 18:09:17,960 INFO L158 Benchmark]: Boogie Procedure Inliner took 75.60ms. Allocated memory is still 67.1MB. Free memory was 46.6MB in the beginning and 44.1MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:17,961 INFO L158 Benchmark]: Boogie Preprocessor took 50.79ms. Allocated memory is still 67.1MB. Free memory was 44.1MB in the beginning and 42.2MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:17,961 INFO L158 Benchmark]: RCFGBuilder took 601.52ms. Allocated memory is still 67.1MB. Free memory was 42.0MB in the beginning and 42.3MB in the end (delta: -311.7kB). Peak memory consumption was 13.6MB. Max. memory is 16.1GB. [2022-02-20 18:09:17,963 INFO L158 Benchmark]: TraceAbstraction took 4321.74ms. Allocated memory was 67.1MB in the beginning and 81.8MB in the end (delta: 14.7MB). Free memory was 41.8MB in the beginning and 54.9MB in the end (delta: -13.2MB). Peak memory consumption was 31.0MB. Max. memory is 16.1GB. [2022-02-20 18:09:17,964 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.22ms. Allocated memory is still 54.5MB. Free memory was 36.6MB in the beginning and 36.5MB in the end (delta: 44.6kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 589.11ms. Allocated memory was 54.5MB in the beginning and 67.1MB in the end (delta: 12.6MB). Free memory was 30.4MB in the beginning and 46.6MB in the end (delta: -16.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 75.60ms. Allocated memory is still 67.1MB. Free memory was 46.6MB in the beginning and 44.1MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 50.79ms. Allocated memory is still 67.1MB. Free memory was 44.1MB in the beginning and 42.2MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 601.52ms. Allocated memory is still 67.1MB. Free memory was 42.0MB in the beginning and 42.3MB in the end (delta: -311.7kB). Peak memory consumption was 13.6MB. Max. memory is 16.1GB. * TraceAbstraction took 4321.74ms. Allocated memory was 67.1MB in the beginning and 81.8MB in the end (delta: 14.7MB). Free memory was 41.8MB in the beginning and 54.9MB in the end (delta: -13.2MB). Peak memory consumption was 31.0MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:09:18,003 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: ERROR: ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator