./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 5b1e1d3e485748d25a44a97cbcf16885148403d3faf86da44fdb361034bb1dc7 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:09:02,648 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:09:02,650 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:09:02,675 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:09:02,679 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:09:02,681 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:09:02,683 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:09:02,688 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:09:02,690 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:09:02,694 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:09:02,694 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:09:02,695 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:09:02,696 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:09:02,698 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:09:02,699 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:09:02,701 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:09:02,702 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:09:02,702 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:09:02,705 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:09:02,708 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:09:02,709 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:09:02,710 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:09:02,711 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:09:02,712 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:09:02,717 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:09:02,718 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:09:02,718 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:09:02,719 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:09:02,719 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:09:02,720 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:09:02,721 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:09:02,721 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:09:02,722 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:09:02,723 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:09:02,725 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:09:02,725 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:09:02,726 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:09:02,726 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:09:02,726 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:09:02,727 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:09:02,727 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:09:02,728 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:09:02,751 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:09:02,751 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:09:02,752 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:09:02,752 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:09:02,753 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:09:02,753 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:09:02,753 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:09:02,753 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:09:02,754 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:09:02,754 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:09:02,754 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:09:02,754 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:09:02,754 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:09:02,755 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:09:02,755 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:09:02,755 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:09:02,755 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:09:02,755 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:09:02,755 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:09:02,756 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:09:02,756 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:09:02,756 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:09:02,756 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:09:02,757 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:09:02,757 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:02,757 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:09:02,757 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:09:02,758 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:09:02,758 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:09:02,758 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:09:02,758 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:09:02,758 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:09:02,758 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:09:02,759 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 5b1e1d3e485748d25a44a97cbcf16885148403d3faf86da44fdb361034bb1dc7 [2022-02-20 18:09:02,978 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:09:03,002 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:09:03,006 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:09:03,007 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:09:03,007 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:09:03,009 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c [2022-02-20 18:09:03,072 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/8e35cb014/1120740c544446a6ad6503b210945226/FLAGcd6f369a3 [2022-02-20 18:09:03,540 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:09:03,540 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c [2022-02-20 18:09:03,554 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/8e35cb014/1120740c544446a6ad6503b210945226/FLAGcd6f369a3 [2022-02-20 18:09:03,568 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/8e35cb014/1120740c544446a6ad6503b210945226 [2022-02-20 18:09:03,570 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:09:03,572 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:09:03,574 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:03,574 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:09:03,585 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:09:03,586 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,586 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4cb22c0f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:03, skipping insertion in model container [2022-02-20 18:09:03,587 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:03" (1/1) ... [2022-02-20 18:09:03,591 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:09:03,623 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:03,787 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c[2984,2997] [2022-02-20 18:09:03,888 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:03,896 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:09:03,922 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c[2984,2997] [2022-02-20 18:09:03,987 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:04,002 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:09:04,003 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04 WrapperNode [2022-02-20 18:09:04,003 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:04,004 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:04,004 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:09:04,005 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:09:04,010 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04" (1/1) ... [2022-02-20 18:09:04,030 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04" (1/1) ... [2022-02-20 18:09:04,057 INFO L137 Inliner]: procedures = 55, calls = 158, calls flagged for inlining = 21, calls inlined = 17, statements flattened = 239 [2022-02-20 18:09:04,058 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:04,058 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:09:04,059 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:09:04,059 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:09:04,065 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04" (1/1) ... [2022-02-20 18:09:04,066 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04" (1/1) ... [2022-02-20 18:09:04,080 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04" (1/1) ... [2022-02-20 18:09:04,080 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04" (1/1) ... [2022-02-20 18:09:04,085 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04" (1/1) ... [2022-02-20 18:09:04,089 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04" (1/1) ... [2022-02-20 18:09:04,090 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04" (1/1) ... [2022-02-20 18:09:04,092 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:09:04,093 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:09:04,093 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:09:04,093 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:09:04,094 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04" (1/1) ... [2022-02-20 18:09:04,102 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:04,111 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:09:04,125 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:09:04,137 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:09:04,161 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:09:04,161 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:09:04,161 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:09:04,161 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:09:04,162 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:09:04,162 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:09:04,162 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:09:04,162 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:09:04,166 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:09:04,166 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:09:04,166 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:09:04,166 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:09:04,167 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:09:04,167 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-02-20 18:09:04,167 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-02-20 18:09:04,167 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:09:04,167 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:09:04,167 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:09:04,168 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:09:04,168 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:09:04,168 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:09:04,168 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:09:04,226 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:09:04,227 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:04,911 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:04,923 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:04,936 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:04,938 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:04 BoogieIcfgContainer [2022-02-20 18:09:04,939 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:04,940 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:04,941 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:04,943 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:04,948 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:09:03" (1/3) ... [2022-02-20 18:09:04,949 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3e15f738 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:04, skipping insertion in model container [2022-02-20 18:09:04,950 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:04" (2/3) ... [2022-02-20 18:09:04,950 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3e15f738 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:04, skipping insertion in model container [2022-02-20 18:09:04,950 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:04" (3/3) ... [2022-02-20 18:09:04,966 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product31.cil.c [2022-02-20 18:09:04,970 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:04,971 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:05,039 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:05,045 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:05,046 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:05,066 INFO L276 IsEmpty]: Start isEmpty. Operand has 97 states, 70 states have (on average 1.3714285714285714) internal successors, (96), 79 states have internal predecessors, (96), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 12 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:09:05,077 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:09:05,077 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:05,078 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:05,079 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:05,086 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:05,086 INFO L85 PathProgramCache]: Analyzing trace with hash 2124240942, now seen corresponding path program 1 times [2022-02-20 18:09:05,095 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:05,096 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [988443103] [2022-02-20 18:09:05,096 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:05,097 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:05,195 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:05,292 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:09:05,302 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:05,312 INFO L290 TraceCheckUtils]: 0: Hoare triple {100#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {100#true} is VALID [2022-02-20 18:09:05,313 INFO L290 TraceCheckUtils]: 1: Hoare triple {100#true} assume true; {100#true} is VALID [2022-02-20 18:09:05,313 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {100#true} {101#false} #245#return; {101#false} is VALID [2022-02-20 18:09:05,320 INFO L290 TraceCheckUtils]: 0: Hoare triple {100#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~cleanupTimeShifts~0 := 4; {100#true} is VALID [2022-02-20 18:09:05,321 INFO L290 TraceCheckUtils]: 1: Hoare triple {100#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret53#1, main_~retValue_acc~11#1, main_~tmp~9#1;havoc main_~retValue_acc~11#1;havoc main_~tmp~9#1;assume { :begin_inline_select_helpers } true; {100#true} is VALID [2022-02-20 18:09:05,322 INFO L290 TraceCheckUtils]: 2: Hoare triple {100#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {100#true} is VALID [2022-02-20 18:09:05,322 INFO L290 TraceCheckUtils]: 3: Hoare triple {100#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~10#1;havoc valid_product_~retValue_acc~10#1;valid_product_~retValue_acc~10#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~10#1; {100#true} is VALID [2022-02-20 18:09:05,322 INFO L290 TraceCheckUtils]: 4: Hoare triple {100#true} main_#t~ret53#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret53#1 && main_#t~ret53#1 <= 2147483647;main_~tmp~9#1 := main_#t~ret53#1;havoc main_#t~ret53#1; {100#true} is VALID [2022-02-20 18:09:05,323 INFO L290 TraceCheckUtils]: 5: Hoare triple {100#true} assume 0 != main_~tmp~9#1;assume { :begin_inline_setup } true; {100#true} is VALID [2022-02-20 18:09:05,323 INFO L290 TraceCheckUtils]: 6: Hoare triple {100#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet32#1, test_#t~nondet33#1, test_#t~nondet34#1, test_#t~nondet35#1, test_~splverifierCounter~0#1, test_~tmp~3#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~3#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {100#true} is VALID [2022-02-20 18:09:05,324 INFO L290 TraceCheckUtils]: 7: Hoare triple {100#true} assume false; {101#false} is VALID [2022-02-20 18:09:05,324 INFO L272 TraceCheckUtils]: 8: Hoare triple {101#false} call cleanup(); {101#false} is VALID [2022-02-20 18:09:05,324 INFO L290 TraceCheckUtils]: 9: Hoare triple {101#false} havoc ~i~0;havoc ~__cil_tmp2~0; {101#false} is VALID [2022-02-20 18:09:05,325 INFO L272 TraceCheckUtils]: 10: Hoare triple {101#false} call timeShift(); {101#false} is VALID [2022-02-20 18:09:05,325 INFO L290 TraceCheckUtils]: 11: Hoare triple {101#false} assume !(0 != ~pumpRunning~0); {101#false} is VALID [2022-02-20 18:09:05,325 INFO L290 TraceCheckUtils]: 12: Hoare triple {101#false} assume !(0 != ~systemActive~0); {101#false} is VALID [2022-02-20 18:09:05,326 INFO L290 TraceCheckUtils]: 13: Hoare triple {101#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {101#false} is VALID [2022-02-20 18:09:05,326 INFO L272 TraceCheckUtils]: 14: Hoare triple {101#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {100#true} is VALID [2022-02-20 18:09:05,326 INFO L290 TraceCheckUtils]: 15: Hoare triple {100#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {100#true} is VALID [2022-02-20 18:09:05,326 INFO L290 TraceCheckUtils]: 16: Hoare triple {100#true} assume true; {100#true} is VALID [2022-02-20 18:09:05,327 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {100#true} {101#false} #245#return; {101#false} is VALID [2022-02-20 18:09:05,327 INFO L290 TraceCheckUtils]: 18: Hoare triple {101#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {101#false} is VALID [2022-02-20 18:09:05,329 INFO L290 TraceCheckUtils]: 19: Hoare triple {101#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {101#false} is VALID [2022-02-20 18:09:05,329 INFO L290 TraceCheckUtils]: 20: Hoare triple {101#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {101#false} is VALID [2022-02-20 18:09:05,330 INFO L290 TraceCheckUtils]: 21: Hoare triple {101#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {101#false} is VALID [2022-02-20 18:09:05,330 INFO L290 TraceCheckUtils]: 22: Hoare triple {101#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret51#1 && __utac_acc__Specification3_spec__1_#t~ret51#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {101#false} is VALID [2022-02-20 18:09:05,331 INFO L290 TraceCheckUtils]: 23: Hoare triple {101#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {101#false} is VALID [2022-02-20 18:09:05,331 INFO L290 TraceCheckUtils]: 24: Hoare triple {101#false} assume !false; {101#false} is VALID [2022-02-20 18:09:05,331 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:05,332 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:05,332 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [988443103] [2022-02-20 18:09:05,333 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [988443103] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:05,333 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:05,334 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:05,335 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1921440463] [2022-02-20 18:09:05,336 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:05,341 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:05,343 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:05,346 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,384 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:05,385 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:05,385 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:05,408 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:05,409 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:05,412 INFO L87 Difference]: Start difference. First operand has 97 states, 70 states have (on average 1.3714285714285714) internal successors, (96), 79 states have internal predecessors, (96), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 12 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,520 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:05,520 INFO L93 Difference]: Finished difference Result 186 states and 251 transitions. [2022-02-20 18:09:05,521 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:05,521 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:05,521 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:05,523 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,535 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 251 transitions. [2022-02-20 18:09:05,536 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,543 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 251 transitions. [2022-02-20 18:09:05,544 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 251 transitions. [2022-02-20 18:09:05,746 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 251 edges. 251 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:05,757 INFO L225 Difference]: With dead ends: 186 [2022-02-20 18:09:05,757 INFO L226 Difference]: Without dead ends: 88 [2022-02-20 18:09:05,760 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:05,762 INFO L933 BasicCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:05,763 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:05,775 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2022-02-20 18:09:05,789 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2022-02-20 18:09:05,789 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:05,790 INFO L82 GeneralOperation]: Start isEquivalent. First operand 88 states. Second operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 18:09:05,791 INFO L74 IsIncluded]: Start isIncluded. First operand 88 states. Second operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 18:09:05,792 INFO L87 Difference]: Start difference. First operand 88 states. Second operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 18:09:05,799 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:05,799 INFO L93 Difference]: Finished difference Result 88 states and 113 transitions. [2022-02-20 18:09:05,799 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2022-02-20 18:09:05,800 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:05,800 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:05,801 INFO L74 IsIncluded]: Start isIncluded. First operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) Second operand 88 states. [2022-02-20 18:09:05,802 INFO L87 Difference]: Start difference. First operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) Second operand 88 states. [2022-02-20 18:09:05,807 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:05,807 INFO L93 Difference]: Finished difference Result 88 states and 113 transitions. [2022-02-20 18:09:05,807 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2022-02-20 18:09:05,808 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:05,808 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:05,809 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:05,809 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:05,809 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 18:09:05,813 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 113 transitions. [2022-02-20 18:09:05,833 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 113 transitions. Word has length 25 [2022-02-20 18:09:05,834 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:05,834 INFO L470 AbstractCegarLoop]: Abstraction has 88 states and 113 transitions. [2022-02-20 18:09:05,834 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,834 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2022-02-20 18:09:05,836 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:09:05,836 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:05,836 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:05,836 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:09:05,836 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:05,837 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:05,837 INFO L85 PathProgramCache]: Analyzing trace with hash 1980426117, now seen corresponding path program 1 times [2022-02-20 18:09:05,837 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:05,838 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1325403556] [2022-02-20 18:09:05,838 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:05,838 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:05,860 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:05,884 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:09:05,888 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:05,890 INFO L290 TraceCheckUtils]: 0: Hoare triple {679#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {679#true} is VALID [2022-02-20 18:09:05,890 INFO L290 TraceCheckUtils]: 1: Hoare triple {679#true} assume true; {679#true} is VALID [2022-02-20 18:09:05,891 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {679#true} {680#false} #245#return; {680#false} is VALID [2022-02-20 18:09:05,891 INFO L290 TraceCheckUtils]: 0: Hoare triple {679#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~cleanupTimeShifts~0 := 4; {679#true} is VALID [2022-02-20 18:09:05,891 INFO L290 TraceCheckUtils]: 1: Hoare triple {679#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret53#1, main_~retValue_acc~11#1, main_~tmp~9#1;havoc main_~retValue_acc~11#1;havoc main_~tmp~9#1;assume { :begin_inline_select_helpers } true; {679#true} is VALID [2022-02-20 18:09:05,892 INFO L290 TraceCheckUtils]: 2: Hoare triple {679#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {679#true} is VALID [2022-02-20 18:09:05,892 INFO L290 TraceCheckUtils]: 3: Hoare triple {679#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~10#1;havoc valid_product_~retValue_acc~10#1;valid_product_~retValue_acc~10#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~10#1; {679#true} is VALID [2022-02-20 18:09:05,892 INFO L290 TraceCheckUtils]: 4: Hoare triple {679#true} main_#t~ret53#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret53#1 && main_#t~ret53#1 <= 2147483647;main_~tmp~9#1 := main_#t~ret53#1;havoc main_#t~ret53#1; {679#true} is VALID [2022-02-20 18:09:05,892 INFO L290 TraceCheckUtils]: 5: Hoare triple {679#true} assume 0 != main_~tmp~9#1;assume { :begin_inline_setup } true; {679#true} is VALID [2022-02-20 18:09:05,893 INFO L290 TraceCheckUtils]: 6: Hoare triple {679#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet32#1, test_#t~nondet33#1, test_#t~nondet34#1, test_#t~nondet35#1, test_~splverifierCounter~0#1, test_~tmp~3#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~3#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {681#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:05,893 INFO L290 TraceCheckUtils]: 7: Hoare triple {681#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {681#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:05,893 INFO L290 TraceCheckUtils]: 8: Hoare triple {681#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {680#false} is VALID [2022-02-20 18:09:05,894 INFO L272 TraceCheckUtils]: 9: Hoare triple {680#false} call cleanup(); {680#false} is VALID [2022-02-20 18:09:05,894 INFO L290 TraceCheckUtils]: 10: Hoare triple {680#false} havoc ~i~0;havoc ~__cil_tmp2~0; {680#false} is VALID [2022-02-20 18:09:05,894 INFO L272 TraceCheckUtils]: 11: Hoare triple {680#false} call timeShift(); {680#false} is VALID [2022-02-20 18:09:05,894 INFO L290 TraceCheckUtils]: 12: Hoare triple {680#false} assume !(0 != ~pumpRunning~0); {680#false} is VALID [2022-02-20 18:09:05,894 INFO L290 TraceCheckUtils]: 13: Hoare triple {680#false} assume !(0 != ~systemActive~0); {680#false} is VALID [2022-02-20 18:09:05,895 INFO L290 TraceCheckUtils]: 14: Hoare triple {680#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {680#false} is VALID [2022-02-20 18:09:05,895 INFO L272 TraceCheckUtils]: 15: Hoare triple {680#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {679#true} is VALID [2022-02-20 18:09:05,895 INFO L290 TraceCheckUtils]: 16: Hoare triple {679#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {679#true} is VALID [2022-02-20 18:09:05,895 INFO L290 TraceCheckUtils]: 17: Hoare triple {679#true} assume true; {679#true} is VALID [2022-02-20 18:09:05,895 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {679#true} {680#false} #245#return; {680#false} is VALID [2022-02-20 18:09:05,895 INFO L290 TraceCheckUtils]: 19: Hoare triple {680#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {680#false} is VALID [2022-02-20 18:09:05,896 INFO L290 TraceCheckUtils]: 20: Hoare triple {680#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {680#false} is VALID [2022-02-20 18:09:05,896 INFO L290 TraceCheckUtils]: 21: Hoare triple {680#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {680#false} is VALID [2022-02-20 18:09:05,896 INFO L290 TraceCheckUtils]: 22: Hoare triple {680#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {680#false} is VALID [2022-02-20 18:09:05,896 INFO L290 TraceCheckUtils]: 23: Hoare triple {680#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret51#1 && __utac_acc__Specification3_spec__1_#t~ret51#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {680#false} is VALID [2022-02-20 18:09:05,896 INFO L290 TraceCheckUtils]: 24: Hoare triple {680#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {680#false} is VALID [2022-02-20 18:09:05,897 INFO L290 TraceCheckUtils]: 25: Hoare triple {680#false} assume !false; {680#false} is VALID [2022-02-20 18:09:05,897 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:05,897 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:05,897 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1325403556] [2022-02-20 18:09:05,897 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1325403556] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:05,898 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:05,898 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:05,898 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [975486439] [2022-02-20 18:09:05,898 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:05,899 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:05,899 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:05,900 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:05,918 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:05,919 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:05,919 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:05,919 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:05,920 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:05,920 INFO L87 Difference]: Start difference. First operand 88 states and 113 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,005 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:06,005 INFO L93 Difference]: Finished difference Result 138 states and 176 transitions. [2022-02-20 18:09:06,008 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:06,009 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:06,009 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:06,009 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,012 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 176 transitions. [2022-02-20 18:09:06,012 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,015 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 176 transitions. [2022-02-20 18:09:06,015 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 176 transitions. [2022-02-20 18:09:06,151 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 176 edges. 176 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:06,154 INFO L225 Difference]: With dead ends: 138 [2022-02-20 18:09:06,154 INFO L226 Difference]: Without dead ends: 79 [2022-02-20 18:09:06,154 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:06,155 INFO L933 BasicCegarLoop]: 100 mSDtfsCounter, 16 mSDsluCounter, 79 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 179 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:06,156 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 179 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:06,157 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2022-02-20 18:09:06,161 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2022-02-20 18:09:06,161 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:06,162 INFO L82 GeneralOperation]: Start isEquivalent. First operand 79 states. Second operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:06,162 INFO L74 IsIncluded]: Start isIncluded. First operand 79 states. Second operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:06,163 INFO L87 Difference]: Start difference. First operand 79 states. Second operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:06,165 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:06,165 INFO L93 Difference]: Finished difference Result 79 states and 101 transitions. [2022-02-20 18:09:06,165 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2022-02-20 18:09:06,166 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:06,166 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:06,166 INFO L74 IsIncluded]: Start isIncluded. First operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) Second operand 79 states. [2022-02-20 18:09:06,167 INFO L87 Difference]: Start difference. First operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) Second operand 79 states. [2022-02-20 18:09:06,169 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:06,169 INFO L93 Difference]: Finished difference Result 79 states and 101 transitions. [2022-02-20 18:09:06,169 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2022-02-20 18:09:06,170 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:06,170 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:06,170 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:06,170 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:06,171 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:06,173 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 101 transitions. [2022-02-20 18:09:06,173 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 101 transitions. Word has length 26 [2022-02-20 18:09:06,173 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:06,173 INFO L470 AbstractCegarLoop]: Abstraction has 79 states and 101 transitions. [2022-02-20 18:09:06,174 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,174 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2022-02-20 18:09:06,174 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:09:06,175 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:06,175 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:06,175 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:09:06,175 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:06,176 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:06,176 INFO L85 PathProgramCache]: Analyzing trace with hash 1475806488, now seen corresponding path program 1 times [2022-02-20 18:09:06,176 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:06,176 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1531514196] [2022-02-20 18:09:06,176 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:06,176 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:06,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:06,239 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:09:06,240 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:06,243 INFO L290 TraceCheckUtils]: 0: Hoare triple {1157#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1157#true} is VALID [2022-02-20 18:09:06,243 INFO L290 TraceCheckUtils]: 1: Hoare triple {1157#true} assume true; {1157#true} is VALID [2022-02-20 18:09:06,243 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1157#true} {1158#false} #245#return; {1158#false} is VALID [2022-02-20 18:09:06,245 INFO L290 TraceCheckUtils]: 0: Hoare triple {1157#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~cleanupTimeShifts~0 := 4; {1159#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:06,246 INFO L290 TraceCheckUtils]: 1: Hoare triple {1159#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret53#1, main_~retValue_acc~11#1, main_~tmp~9#1;havoc main_~retValue_acc~11#1;havoc main_~tmp~9#1;assume { :begin_inline_select_helpers } true; {1159#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:06,246 INFO L290 TraceCheckUtils]: 2: Hoare triple {1159#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1159#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:06,247 INFO L290 TraceCheckUtils]: 3: Hoare triple {1159#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~10#1;havoc valid_product_~retValue_acc~10#1;valid_product_~retValue_acc~10#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~10#1; {1160#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} is VALID [2022-02-20 18:09:06,247 INFO L290 TraceCheckUtils]: 4: Hoare triple {1160#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} main_#t~ret53#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret53#1 && main_#t~ret53#1 <= 2147483647;main_~tmp~9#1 := main_#t~ret53#1;havoc main_#t~ret53#1; {1161#(= |ULTIMATE.start_main_~tmp~9#1| ~systemActive~0)} is VALID [2022-02-20 18:09:06,247 INFO L290 TraceCheckUtils]: 5: Hoare triple {1161#(= |ULTIMATE.start_main_~tmp~9#1| ~systemActive~0)} assume 0 != main_~tmp~9#1;assume { :begin_inline_setup } true; {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,248 INFO L290 TraceCheckUtils]: 6: Hoare triple {1162#(not (= 0 ~systemActive~0))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet32#1, test_#t~nondet33#1, test_#t~nondet34#1, test_#t~nondet35#1, test_~splverifierCounter~0#1, test_~tmp~3#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~3#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,248 INFO L290 TraceCheckUtils]: 7: Hoare triple {1162#(not (= 0 ~systemActive~0))} assume !false; {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,249 INFO L290 TraceCheckUtils]: 8: Hoare triple {1162#(not (= 0 ~systemActive~0))} assume test_~splverifierCounter~0#1 < 4; {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,249 INFO L290 TraceCheckUtils]: 9: Hoare triple {1162#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet32#1 && test_#t~nondet32#1 <= 2147483647;test_~tmp~3#1 := test_#t~nondet32#1;havoc test_#t~nondet32#1; {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,250 INFO L290 TraceCheckUtils]: 10: Hoare triple {1162#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp~3#1); {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,250 INFO L290 TraceCheckUtils]: 11: Hoare triple {1162#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet33#1 && test_#t~nondet33#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet33#1;havoc test_#t~nondet33#1; {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,251 INFO L290 TraceCheckUtils]: 12: Hoare triple {1162#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp___0~0#1); {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,251 INFO L290 TraceCheckUtils]: 13: Hoare triple {1162#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet34#1 && test_#t~nondet34#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet34#1;havoc test_#t~nondet34#1; {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,251 INFO L290 TraceCheckUtils]: 14: Hoare triple {1162#(not (= 0 ~systemActive~0))} assume 0 != test_~tmp___2~0#1; {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,252 INFO L272 TraceCheckUtils]: 15: Hoare triple {1162#(not (= 0 ~systemActive~0))} call timeShift(); {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,252 INFO L290 TraceCheckUtils]: 16: Hoare triple {1162#(not (= 0 ~systemActive~0))} assume !(0 != ~pumpRunning~0); {1162#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:06,253 INFO L290 TraceCheckUtils]: 17: Hoare triple {1162#(not (= 0 ~systemActive~0))} assume !(0 != ~systemActive~0); {1158#false} is VALID [2022-02-20 18:09:06,253 INFO L290 TraceCheckUtils]: 18: Hoare triple {1158#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1158#false} is VALID [2022-02-20 18:09:06,253 INFO L272 TraceCheckUtils]: 19: Hoare triple {1158#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {1157#true} is VALID [2022-02-20 18:09:06,253 INFO L290 TraceCheckUtils]: 20: Hoare triple {1157#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1157#true} is VALID [2022-02-20 18:09:06,254 INFO L290 TraceCheckUtils]: 21: Hoare triple {1157#true} assume true; {1157#true} is VALID [2022-02-20 18:09:06,254 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1157#true} {1158#false} #245#return; {1158#false} is VALID [2022-02-20 18:09:06,254 INFO L290 TraceCheckUtils]: 23: Hoare triple {1158#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1158#false} is VALID [2022-02-20 18:09:06,254 INFO L290 TraceCheckUtils]: 24: Hoare triple {1158#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {1158#false} is VALID [2022-02-20 18:09:06,254 INFO L290 TraceCheckUtils]: 25: Hoare triple {1158#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1158#false} is VALID [2022-02-20 18:09:06,255 INFO L290 TraceCheckUtils]: 26: Hoare triple {1158#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {1158#false} is VALID [2022-02-20 18:09:06,255 INFO L290 TraceCheckUtils]: 27: Hoare triple {1158#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret51#1 && __utac_acc__Specification3_spec__1_#t~ret51#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {1158#false} is VALID [2022-02-20 18:09:06,255 INFO L290 TraceCheckUtils]: 28: Hoare triple {1158#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1158#false} is VALID [2022-02-20 18:09:06,255 INFO L290 TraceCheckUtils]: 29: Hoare triple {1158#false} assume !false; {1158#false} is VALID [2022-02-20 18:09:06,255 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:06,256 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:06,256 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1531514196] [2022-02-20 18:09:06,256 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1531514196] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:06,256 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:06,256 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:09:06,257 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1362024491] [2022-02-20 18:09:06,257 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:06,257 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:06,257 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:06,258 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,277 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:06,277 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:09:06,278 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:06,278 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:09:06,278 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:09:06,279 INFO L87 Difference]: Start difference. First operand 79 states and 101 transitions. Second operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,817 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:06,817 INFO L93 Difference]: Finished difference Result 266 states and 347 transitions. [2022-02-20 18:09:06,817 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 18:09:06,817 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:06,818 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:06,818 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,822 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 347 transitions. [2022-02-20 18:09:06,823 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:06,827 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 347 transitions. [2022-02-20 18:09:06,827 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 347 transitions. [2022-02-20 18:09:07,053 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 347 edges. 347 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:07,059 INFO L225 Difference]: With dead ends: 266 [2022-02-20 18:09:07,059 INFO L226 Difference]: Without dead ends: 194 [2022-02-20 18:09:07,060 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 18:09:07,061 INFO L933 BasicCegarLoop]: 127 mSDtfsCounter, 267 mSDsluCounter, 320 mSDsCounter, 0 mSdLazyCounter, 119 mSolverCounterSat, 39 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 267 SdHoareTripleChecker+Valid, 447 SdHoareTripleChecker+Invalid, 158 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 39 IncrementalHoareTripleChecker+Valid, 119 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:07,061 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [267 Valid, 447 Invalid, 158 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [39 Valid, 119 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 18:09:07,062 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 194 states. [2022-02-20 18:09:07,072 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 194 to 188. [2022-02-20 18:09:07,073 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:07,073 INFO L82 GeneralOperation]: Start isEquivalent. First operand 194 states. Second operand has 188 states, 135 states have (on average 1.348148148148148) internal successors, (182), 153 states have internal predecessors, (182), 31 states have call successors, (31), 21 states have call predecessors, (31), 21 states have return successors, (32), 21 states have call predecessors, (32), 31 states have call successors, (32) [2022-02-20 18:09:07,074 INFO L74 IsIncluded]: Start isIncluded. First operand 194 states. Second operand has 188 states, 135 states have (on average 1.348148148148148) internal successors, (182), 153 states have internal predecessors, (182), 31 states have call successors, (31), 21 states have call predecessors, (31), 21 states have return successors, (32), 21 states have call predecessors, (32), 31 states have call successors, (32) [2022-02-20 18:09:07,075 INFO L87 Difference]: Start difference. First operand 194 states. Second operand has 188 states, 135 states have (on average 1.348148148148148) internal successors, (182), 153 states have internal predecessors, (182), 31 states have call successors, (31), 21 states have call predecessors, (31), 21 states have return successors, (32), 21 states have call predecessors, (32), 31 states have call successors, (32) [2022-02-20 18:09:07,080 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:07,081 INFO L93 Difference]: Finished difference Result 194 states and 249 transitions. [2022-02-20 18:09:07,081 INFO L276 IsEmpty]: Start isEmpty. Operand 194 states and 249 transitions. [2022-02-20 18:09:07,082 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:07,082 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:07,083 INFO L74 IsIncluded]: Start isIncluded. First operand has 188 states, 135 states have (on average 1.348148148148148) internal successors, (182), 153 states have internal predecessors, (182), 31 states have call successors, (31), 21 states have call predecessors, (31), 21 states have return successors, (32), 21 states have call predecessors, (32), 31 states have call successors, (32) Second operand 194 states. [2022-02-20 18:09:07,083 INFO L87 Difference]: Start difference. First operand has 188 states, 135 states have (on average 1.348148148148148) internal successors, (182), 153 states have internal predecessors, (182), 31 states have call successors, (31), 21 states have call predecessors, (31), 21 states have return successors, (32), 21 states have call predecessors, (32), 31 states have call successors, (32) Second operand 194 states. [2022-02-20 18:09:07,089 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:07,090 INFO L93 Difference]: Finished difference Result 194 states and 249 transitions. [2022-02-20 18:09:07,090 INFO L276 IsEmpty]: Start isEmpty. Operand 194 states and 249 transitions. [2022-02-20 18:09:07,090 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:07,091 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:07,091 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:07,091 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:07,092 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 188 states, 135 states have (on average 1.348148148148148) internal successors, (182), 153 states have internal predecessors, (182), 31 states have call successors, (31), 21 states have call predecessors, (31), 21 states have return successors, (32), 21 states have call predecessors, (32), 31 states have call successors, (32) [2022-02-20 18:09:07,097 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 188 states to 188 states and 245 transitions. [2022-02-20 18:09:07,098 INFO L78 Accepts]: Start accepts. Automaton has 188 states and 245 transitions. Word has length 30 [2022-02-20 18:09:07,098 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:07,098 INFO L470 AbstractCegarLoop]: Abstraction has 188 states and 245 transitions. [2022-02-20 18:09:07,098 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:07,099 INFO L276 IsEmpty]: Start isEmpty. Operand 188 states and 245 transitions. [2022-02-20 18:09:07,099 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 18:09:07,099 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:07,100 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:07,100 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:09:07,100 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:07,100 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:07,101 INFO L85 PathProgramCache]: Analyzing trace with hash -1209009394, now seen corresponding path program 1 times [2022-02-20 18:09:07,101 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:07,101 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1751943262] [2022-02-20 18:09:07,101 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:07,101 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:07,125 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:07,166 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:09:07,168 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:07,174 INFO L290 TraceCheckUtils]: 0: Hoare triple {2200#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {2200#true} is VALID [2022-02-20 18:09:07,175 INFO L290 TraceCheckUtils]: 1: Hoare triple {2200#true} assume true; {2200#true} is VALID [2022-02-20 18:09:07,175 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {2200#true} {2202#(= ~waterLevel~0 1)} #245#return; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,176 INFO L290 TraceCheckUtils]: 0: Hoare triple {2200#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~cleanupTimeShifts~0 := 4; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,178 INFO L290 TraceCheckUtils]: 1: Hoare triple {2202#(= ~waterLevel~0 1)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret53#1, main_~retValue_acc~11#1, main_~tmp~9#1;havoc main_~retValue_acc~11#1;havoc main_~tmp~9#1;assume { :begin_inline_select_helpers } true; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,178 INFO L290 TraceCheckUtils]: 2: Hoare triple {2202#(= ~waterLevel~0 1)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,179 INFO L290 TraceCheckUtils]: 3: Hoare triple {2202#(= ~waterLevel~0 1)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~10#1;havoc valid_product_~retValue_acc~10#1;valid_product_~retValue_acc~10#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~10#1; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,179 INFO L290 TraceCheckUtils]: 4: Hoare triple {2202#(= ~waterLevel~0 1)} main_#t~ret53#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret53#1 && main_#t~ret53#1 <= 2147483647;main_~tmp~9#1 := main_#t~ret53#1;havoc main_#t~ret53#1; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,180 INFO L290 TraceCheckUtils]: 5: Hoare triple {2202#(= ~waterLevel~0 1)} assume 0 != main_~tmp~9#1;assume { :begin_inline_setup } true; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,180 INFO L290 TraceCheckUtils]: 6: Hoare triple {2202#(= ~waterLevel~0 1)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet32#1, test_#t~nondet33#1, test_#t~nondet34#1, test_#t~nondet35#1, test_~splverifierCounter~0#1, test_~tmp~3#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~3#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,180 INFO L290 TraceCheckUtils]: 7: Hoare triple {2202#(= ~waterLevel~0 1)} assume !false; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,181 INFO L290 TraceCheckUtils]: 8: Hoare triple {2202#(= ~waterLevel~0 1)} assume test_~splverifierCounter~0#1 < 4; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,181 INFO L290 TraceCheckUtils]: 9: Hoare triple {2202#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet32#1 && test_#t~nondet32#1 <= 2147483647;test_~tmp~3#1 := test_#t~nondet32#1;havoc test_#t~nondet32#1; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,185 INFO L290 TraceCheckUtils]: 10: Hoare triple {2202#(= ~waterLevel~0 1)} assume !(0 != test_~tmp~3#1); {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,187 INFO L290 TraceCheckUtils]: 11: Hoare triple {2202#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet33#1 && test_#t~nondet33#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet33#1;havoc test_#t~nondet33#1; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,188 INFO L290 TraceCheckUtils]: 12: Hoare triple {2202#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___0~0#1); {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,188 INFO L290 TraceCheckUtils]: 13: Hoare triple {2202#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet34#1 && test_#t~nondet34#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet34#1;havoc test_#t~nondet34#1; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,189 INFO L290 TraceCheckUtils]: 14: Hoare triple {2202#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet35#1 && test_#t~nondet35#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet35#1;havoc test_#t~nondet35#1; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,189 INFO L290 TraceCheckUtils]: 15: Hoare triple {2202#(= ~waterLevel~0 1)} assume 0 != test_~tmp___1~0#1;assume { :begin_inline_stopSystem } true; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,189 INFO L290 TraceCheckUtils]: 16: Hoare triple {2202#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,190 INFO L290 TraceCheckUtils]: 17: Hoare triple {2202#(= ~waterLevel~0 1)} ~systemActive~0 := 0; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,190 INFO L290 TraceCheckUtils]: 18: Hoare triple {2202#(= ~waterLevel~0 1)} assume { :end_inline_stopSystem } true; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,191 INFO L272 TraceCheckUtils]: 19: Hoare triple {2202#(= ~waterLevel~0 1)} call timeShift(); {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,192 INFO L290 TraceCheckUtils]: 20: Hoare triple {2202#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,192 INFO L290 TraceCheckUtils]: 21: Hoare triple {2202#(= ~waterLevel~0 1)} assume !(0 != ~systemActive~0); {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,193 INFO L290 TraceCheckUtils]: 22: Hoare triple {2202#(= ~waterLevel~0 1)} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,194 INFO L272 TraceCheckUtils]: 23: Hoare triple {2202#(= ~waterLevel~0 1)} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {2200#true} is VALID [2022-02-20 18:09:07,200 INFO L290 TraceCheckUtils]: 24: Hoare triple {2200#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {2200#true} is VALID [2022-02-20 18:09:07,200 INFO L290 TraceCheckUtils]: 25: Hoare triple {2200#true} assume true; {2200#true} is VALID [2022-02-20 18:09:07,201 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {2200#true} {2202#(= ~waterLevel~0 1)} #245#return; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,211 INFO L290 TraceCheckUtils]: 27: Hoare triple {2202#(= ~waterLevel~0 1)} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {2202#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:07,212 INFO L290 TraceCheckUtils]: 28: Hoare triple {2202#(= ~waterLevel~0 1)} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {2206#(= |timeShift_getWaterLevel_#res#1| 1)} is VALID [2022-02-20 18:09:07,212 INFO L290 TraceCheckUtils]: 29: Hoare triple {2206#(= |timeShift_getWaterLevel_#res#1| 1)} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {2207#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| 1)} is VALID [2022-02-20 18:09:07,213 INFO L290 TraceCheckUtils]: 30: Hoare triple {2207#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| 1)} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {2201#false} is VALID [2022-02-20 18:09:07,213 INFO L290 TraceCheckUtils]: 31: Hoare triple {2201#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret51#1 && __utac_acc__Specification3_spec__1_#t~ret51#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {2201#false} is VALID [2022-02-20 18:09:07,213 INFO L290 TraceCheckUtils]: 32: Hoare triple {2201#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {2201#false} is VALID [2022-02-20 18:09:07,213 INFO L290 TraceCheckUtils]: 33: Hoare triple {2201#false} assume !false; {2201#false} is VALID [2022-02-20 18:09:07,214 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:07,214 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:07,214 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1751943262] [2022-02-20 18:09:07,214 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1751943262] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:07,214 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:07,214 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 18:09:07,214 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [510301090] [2022-02-20 18:09:07,215 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:07,215 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:07,215 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:07,215 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:07,234 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:07,234 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:09:07,235 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:07,235 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:09:07,235 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:07,236 INFO L87 Difference]: Start difference. First operand 188 states and 245 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:07,479 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:07,480 INFO L93 Difference]: Finished difference Result 542 states and 726 transitions. [2022-02-20 18:09:07,480 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:07,480 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:07,480 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:07,480 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:07,484 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 289 transitions. [2022-02-20 18:09:07,484 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:07,487 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 289 transitions. [2022-02-20 18:09:07,488 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 289 transitions. [2022-02-20 18:09:07,668 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 289 edges. 289 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:07,680 INFO L225 Difference]: With dead ends: 542 [2022-02-20 18:09:07,680 INFO L226 Difference]: Without dead ends: 361 [2022-02-20 18:09:07,682 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:09:07,689 INFO L933 BasicCegarLoop]: 111 mSDtfsCounter, 71 mSDsluCounter, 307 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 418 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:07,690 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [71 Valid, 418 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:07,692 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 361 states. [2022-02-20 18:09:07,731 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 361 to 352. [2022-02-20 18:09:07,731 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:07,732 INFO L82 GeneralOperation]: Start isEquivalent. First operand 361 states. Second operand has 352 states, 250 states have (on average 1.328) internal successors, (332), 282 states have internal predecessors, (332), 62 states have call successors, (62), 42 states have call predecessors, (62), 39 states have return successors, (68), 39 states have call predecessors, (68), 62 states have call successors, (68) [2022-02-20 18:09:07,734 INFO L74 IsIncluded]: Start isIncluded. First operand 361 states. Second operand has 352 states, 250 states have (on average 1.328) internal successors, (332), 282 states have internal predecessors, (332), 62 states have call successors, (62), 42 states have call predecessors, (62), 39 states have return successors, (68), 39 states have call predecessors, (68), 62 states have call successors, (68) [2022-02-20 18:09:07,737 INFO L87 Difference]: Start difference. First operand 361 states. Second operand has 352 states, 250 states have (on average 1.328) internal successors, (332), 282 states have internal predecessors, (332), 62 states have call successors, (62), 42 states have call predecessors, (62), 39 states have return successors, (68), 39 states have call predecessors, (68), 62 states have call successors, (68) [2022-02-20 18:09:07,750 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:07,750 INFO L93 Difference]: Finished difference Result 361 states and 472 transitions. [2022-02-20 18:09:07,750 INFO L276 IsEmpty]: Start isEmpty. Operand 361 states and 472 transitions. [2022-02-20 18:09:07,752 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:07,753 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:07,754 INFO L74 IsIncluded]: Start isIncluded. First operand has 352 states, 250 states have (on average 1.328) internal successors, (332), 282 states have internal predecessors, (332), 62 states have call successors, (62), 42 states have call predecessors, (62), 39 states have return successors, (68), 39 states have call predecessors, (68), 62 states have call successors, (68) Second operand 361 states. [2022-02-20 18:09:07,754 INFO L87 Difference]: Start difference. First operand has 352 states, 250 states have (on average 1.328) internal successors, (332), 282 states have internal predecessors, (332), 62 states have call successors, (62), 42 states have call predecessors, (62), 39 states have return successors, (68), 39 states have call predecessors, (68), 62 states have call successors, (68) Second operand 361 states. [2022-02-20 18:09:07,766 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:07,767 INFO L93 Difference]: Finished difference Result 361 states and 472 transitions. [2022-02-20 18:09:07,767 INFO L276 IsEmpty]: Start isEmpty. Operand 361 states and 472 transitions. [2022-02-20 18:09:07,768 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:07,769 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:07,769 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:07,769 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:07,770 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 352 states, 250 states have (on average 1.328) internal successors, (332), 282 states have internal predecessors, (332), 62 states have call successors, (62), 42 states have call predecessors, (62), 39 states have return successors, (68), 39 states have call predecessors, (68), 62 states have call successors, (68) [2022-02-20 18:09:07,782 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 352 states to 352 states and 462 transitions. [2022-02-20 18:09:07,783 INFO L78 Accepts]: Start accepts. Automaton has 352 states and 462 transitions. Word has length 34 [2022-02-20 18:09:07,783 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:07,783 INFO L470 AbstractCegarLoop]: Abstraction has 352 states and 462 transitions. [2022-02-20 18:09:07,784 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:07,784 INFO L276 IsEmpty]: Start isEmpty. Operand 352 states and 462 transitions. [2022-02-20 18:09:07,786 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2022-02-20 18:09:07,786 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:07,787 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:07,787 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:09:07,787 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:07,787 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:07,788 INFO L85 PathProgramCache]: Analyzing trace with hash -1705569261, now seen corresponding path program 1 times [2022-02-20 18:09:07,788 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:07,788 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [844542754] [2022-02-20 18:09:07,788 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:07,788 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:07,820 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:07,860 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-02-20 18:09:07,861 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:07,864 INFO L290 TraceCheckUtils]: 0: Hoare triple {4199#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {4199#true} is VALID [2022-02-20 18:09:07,865 INFO L290 TraceCheckUtils]: 1: Hoare triple {4199#true} assume true; {4199#true} is VALID [2022-02-20 18:09:07,865 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {4199#true} {4200#false} #245#return; {4200#false} is VALID [2022-02-20 18:09:07,865 INFO L290 TraceCheckUtils]: 0: Hoare triple {4199#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~cleanupTimeShifts~0 := 4; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,866 INFO L290 TraceCheckUtils]: 1: Hoare triple {4201#(= ~pumpRunning~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret53#1, main_~retValue_acc~11#1, main_~tmp~9#1;havoc main_~retValue_acc~11#1;havoc main_~tmp~9#1;assume { :begin_inline_select_helpers } true; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,866 INFO L290 TraceCheckUtils]: 2: Hoare triple {4201#(= ~pumpRunning~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,866 INFO L290 TraceCheckUtils]: 3: Hoare triple {4201#(= ~pumpRunning~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~10#1;havoc valid_product_~retValue_acc~10#1;valid_product_~retValue_acc~10#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~10#1; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,867 INFO L290 TraceCheckUtils]: 4: Hoare triple {4201#(= ~pumpRunning~0 0)} main_#t~ret53#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret53#1 && main_#t~ret53#1 <= 2147483647;main_~tmp~9#1 := main_#t~ret53#1;havoc main_#t~ret53#1; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,867 INFO L290 TraceCheckUtils]: 5: Hoare triple {4201#(= ~pumpRunning~0 0)} assume 0 != main_~tmp~9#1;assume { :begin_inline_setup } true; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,867 INFO L290 TraceCheckUtils]: 6: Hoare triple {4201#(= ~pumpRunning~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet32#1, test_#t~nondet33#1, test_#t~nondet34#1, test_#t~nondet35#1, test_~splverifierCounter~0#1, test_~tmp~3#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~3#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,867 INFO L290 TraceCheckUtils]: 7: Hoare triple {4201#(= ~pumpRunning~0 0)} assume !false; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,868 INFO L290 TraceCheckUtils]: 8: Hoare triple {4201#(= ~pumpRunning~0 0)} assume test_~splverifierCounter~0#1 < 4; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,868 INFO L290 TraceCheckUtils]: 9: Hoare triple {4201#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet32#1 && test_#t~nondet32#1 <= 2147483647;test_~tmp~3#1 := test_#t~nondet32#1;havoc test_#t~nondet32#1; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,868 INFO L290 TraceCheckUtils]: 10: Hoare triple {4201#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp~3#1); {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,869 INFO L290 TraceCheckUtils]: 11: Hoare triple {4201#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet33#1 && test_#t~nondet33#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet33#1;havoc test_#t~nondet33#1; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,869 INFO L290 TraceCheckUtils]: 12: Hoare triple {4201#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp___0~0#1); {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,869 INFO L290 TraceCheckUtils]: 13: Hoare triple {4201#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet34#1 && test_#t~nondet34#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet34#1;havoc test_#t~nondet34#1; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,870 INFO L290 TraceCheckUtils]: 14: Hoare triple {4201#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet35#1 && test_#t~nondet35#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet35#1;havoc test_#t~nondet35#1; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,870 INFO L290 TraceCheckUtils]: 15: Hoare triple {4201#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___1~0#1;assume { :begin_inline_stopSystem } true; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,871 INFO L290 TraceCheckUtils]: 16: Hoare triple {4201#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,873 INFO L290 TraceCheckUtils]: 17: Hoare triple {4201#(= ~pumpRunning~0 0)} ~systemActive~0 := 0; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,874 INFO L290 TraceCheckUtils]: 18: Hoare triple {4201#(= ~pumpRunning~0 0)} assume { :end_inline_stopSystem } true; {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,874 INFO L272 TraceCheckUtils]: 19: Hoare triple {4201#(= ~pumpRunning~0 0)} call timeShift(); {4201#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:07,874 INFO L290 TraceCheckUtils]: 20: Hoare triple {4201#(= ~pumpRunning~0 0)} assume 0 != ~pumpRunning~0;assume { :begin_inline_lowerWaterLevel } true; {4200#false} is VALID [2022-02-20 18:09:07,875 INFO L290 TraceCheckUtils]: 21: Hoare triple {4200#false} assume ~waterLevel~0 > 0;~waterLevel~0 := ~waterLevel~0 - 1; {4200#false} is VALID [2022-02-20 18:09:07,875 INFO L290 TraceCheckUtils]: 22: Hoare triple {4200#false} assume { :end_inline_lowerWaterLevel } true; {4200#false} is VALID [2022-02-20 18:09:07,875 INFO L290 TraceCheckUtils]: 23: Hoare triple {4200#false} assume !(0 != ~systemActive~0); {4200#false} is VALID [2022-02-20 18:09:07,875 INFO L290 TraceCheckUtils]: 24: Hoare triple {4200#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {4200#false} is VALID [2022-02-20 18:09:07,875 INFO L272 TraceCheckUtils]: 25: Hoare triple {4200#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {4199#true} is VALID [2022-02-20 18:09:07,876 INFO L290 TraceCheckUtils]: 26: Hoare triple {4199#true} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {4199#true} is VALID [2022-02-20 18:09:07,876 INFO L290 TraceCheckUtils]: 27: Hoare triple {4199#true} assume true; {4199#true} is VALID [2022-02-20 18:09:07,876 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {4199#true} {4200#false} #245#return; {4200#false} is VALID [2022-02-20 18:09:07,876 INFO L290 TraceCheckUtils]: 29: Hoare triple {4200#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {4200#false} is VALID [2022-02-20 18:09:07,876 INFO L290 TraceCheckUtils]: 30: Hoare triple {4200#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {4200#false} is VALID [2022-02-20 18:09:07,876 INFO L290 TraceCheckUtils]: 31: Hoare triple {4200#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {4200#false} is VALID [2022-02-20 18:09:07,877 INFO L290 TraceCheckUtils]: 32: Hoare triple {4200#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {4200#false} is VALID [2022-02-20 18:09:07,877 INFO L290 TraceCheckUtils]: 33: Hoare triple {4200#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret51#1 && __utac_acc__Specification3_spec__1_#t~ret51#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {4200#false} is VALID [2022-02-20 18:09:07,877 INFO L290 TraceCheckUtils]: 34: Hoare triple {4200#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {4200#false} is VALID [2022-02-20 18:09:07,877 INFO L290 TraceCheckUtils]: 35: Hoare triple {4200#false} assume !false; {4200#false} is VALID [2022-02-20 18:09:07,877 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:07,877 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:07,878 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [844542754] [2022-02-20 18:09:07,878 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [844542754] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:07,878 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:07,878 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:07,878 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [490751390] [2022-02-20 18:09:07,878 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:07,879 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 36 [2022-02-20 18:09:07,879 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:07,879 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:07,899 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 36 edges. 36 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:07,899 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:07,899 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:07,900 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:07,900 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:07,901 INFO L87 Difference]: Start difference. First operand 352 states and 462 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:08,000 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:08,000 INFO L93 Difference]: Finished difference Result 596 states and 792 transitions. [2022-02-20 18:09:08,001 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:08,001 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 36 [2022-02-20 18:09:08,001 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:08,001 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:08,003 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 165 transitions. [2022-02-20 18:09:08,003 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:08,005 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 165 transitions. [2022-02-20 18:09:08,005 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 165 transitions. [2022-02-20 18:09:08,113 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 165 edges. 165 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:08,119 INFO L225 Difference]: With dead ends: 596 [2022-02-20 18:09:08,119 INFO L226 Difference]: Without dead ends: 251 [2022-02-20 18:09:08,121 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:08,124 INFO L933 BasicCegarLoop]: 60 mSDtfsCounter, 45 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 5 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 60 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 5 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:08,125 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [45 Valid, 60 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 5 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:08,126 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 251 states. [2022-02-20 18:09:08,139 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 251 to 247. [2022-02-20 18:09:08,139 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:08,140 INFO L82 GeneralOperation]: Start isEquivalent. First operand 251 states. Second operand has 247 states, 185 states have (on average 1.2540540540540541) internal successors, (232), 195 states have internal predecessors, (232), 32 states have call successors, (32), 32 states have call predecessors, (32), 29 states have return successors, (34), 29 states have call predecessors, (34), 32 states have call successors, (34) [2022-02-20 18:09:08,140 INFO L74 IsIncluded]: Start isIncluded. First operand 251 states. Second operand has 247 states, 185 states have (on average 1.2540540540540541) internal successors, (232), 195 states have internal predecessors, (232), 32 states have call successors, (32), 32 states have call predecessors, (32), 29 states have return successors, (34), 29 states have call predecessors, (34), 32 states have call successors, (34) [2022-02-20 18:09:08,141 INFO L87 Difference]: Start difference. First operand 251 states. Second operand has 247 states, 185 states have (on average 1.2540540540540541) internal successors, (232), 195 states have internal predecessors, (232), 32 states have call successors, (32), 32 states have call predecessors, (32), 29 states have return successors, (34), 29 states have call predecessors, (34), 32 states have call successors, (34) [2022-02-20 18:09:08,145 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:08,145 INFO L93 Difference]: Finished difference Result 251 states and 302 transitions. [2022-02-20 18:09:08,145 INFO L276 IsEmpty]: Start isEmpty. Operand 251 states and 302 transitions. [2022-02-20 18:09:08,146 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:08,146 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:08,147 INFO L74 IsIncluded]: Start isIncluded. First operand has 247 states, 185 states have (on average 1.2540540540540541) internal successors, (232), 195 states have internal predecessors, (232), 32 states have call successors, (32), 32 states have call predecessors, (32), 29 states have return successors, (34), 29 states have call predecessors, (34), 32 states have call successors, (34) Second operand 251 states. [2022-02-20 18:09:08,147 INFO L87 Difference]: Start difference. First operand has 247 states, 185 states have (on average 1.2540540540540541) internal successors, (232), 195 states have internal predecessors, (232), 32 states have call successors, (32), 32 states have call predecessors, (32), 29 states have return successors, (34), 29 states have call predecessors, (34), 32 states have call successors, (34) Second operand 251 states. [2022-02-20 18:09:08,151 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:08,152 INFO L93 Difference]: Finished difference Result 251 states and 302 transitions. [2022-02-20 18:09:08,152 INFO L276 IsEmpty]: Start isEmpty. Operand 251 states and 302 transitions. [2022-02-20 18:09:08,152 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:08,152 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:08,153 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:08,153 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:08,154 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 247 states, 185 states have (on average 1.2540540540540541) internal successors, (232), 195 states have internal predecessors, (232), 32 states have call successors, (32), 32 states have call predecessors, (32), 29 states have return successors, (34), 29 states have call predecessors, (34), 32 states have call successors, (34) [2022-02-20 18:09:08,160 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 247 states to 247 states and 298 transitions. [2022-02-20 18:09:08,160 INFO L78 Accepts]: Start accepts. Automaton has 247 states and 298 transitions. Word has length 36 [2022-02-20 18:09:08,160 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:08,160 INFO L470 AbstractCegarLoop]: Abstraction has 247 states and 298 transitions. [2022-02-20 18:09:08,161 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:08,161 INFO L276 IsEmpty]: Start isEmpty. Operand 247 states and 298 transitions. [2022-02-20 18:09:08,161 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 18:09:08,161 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:08,161 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:08,162 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:09:08,162 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:08,162 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:08,162 INFO L85 PathProgramCache]: Analyzing trace with hash -2133609996, now seen corresponding path program 1 times [2022-02-20 18:09:08,162 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:08,162 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2142746262] [2022-02-20 18:09:08,162 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:08,163 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:08,206 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:08,207 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:09:08,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:08,255 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-20 18:09:08,255 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:09:08,256 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:09:08,257 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-20 18:09:08,259 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:09:08,261 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:09:08,278 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:09:08,279 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:09:08,282 INFO L158 Benchmark]: Toolchain (without parser) took 4709.72ms. Allocated memory was 115.3MB in the beginning and 182.5MB in the end (delta: 67.1MB). Free memory was 85.4MB in the beginning and 106.9MB in the end (delta: -21.5MB). Peak memory consumption was 44.4MB. Max. memory is 16.1GB. [2022-02-20 18:09:08,282 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 115.3MB. Free memory is still 70.5MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:08,282 INFO L158 Benchmark]: CACSL2BoogieTranslator took 429.36ms. Allocated memory is still 115.3MB. Free memory was 85.1MB in the beginning and 80.7MB in the end (delta: 4.4MB). Peak memory consumption was 9.8MB. Max. memory is 16.1GB. [2022-02-20 18:09:08,282 INFO L158 Benchmark]: Boogie Procedure Inliner took 53.61ms. Allocated memory is still 115.3MB. Free memory was 80.3MB in the beginning and 77.7MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:08,282 INFO L158 Benchmark]: Boogie Preprocessor took 34.03ms. Allocated memory is still 115.3MB. Free memory was 77.7MB in the beginning and 76.1MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:08,283 INFO L158 Benchmark]: RCFGBuilder took 846.00ms. Allocated memory is still 115.3MB. Free memory was 76.1MB in the beginning and 55.7MB in the end (delta: 20.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-02-20 18:09:08,283 INFO L158 Benchmark]: TraceAbstraction took 3340.38ms. Allocated memory was 115.3MB in the beginning and 182.5MB in the end (delta: 67.1MB). Free memory was 55.1MB in the beginning and 106.9MB in the end (delta: -51.8MB). Peak memory consumption was 13.7MB. Max. memory is 16.1GB. [2022-02-20 18:09:08,284 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 115.3MB. Free memory is still 70.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 429.36ms. Allocated memory is still 115.3MB. Free memory was 85.1MB in the beginning and 80.7MB in the end (delta: 4.4MB). Peak memory consumption was 9.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 53.61ms. Allocated memory is still 115.3MB. Free memory was 80.3MB in the beginning and 77.7MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 34.03ms. Allocated memory is still 115.3MB. Free memory was 77.7MB in the beginning and 76.1MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 846.00ms. Allocated memory is still 115.3MB. Free memory was 76.1MB in the beginning and 55.7MB in the end (delta: 20.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 3340.38ms. Allocated memory was 115.3MB in the beginning and 182.5MB in the end (delta: 67.1MB). Free memory was 55.1MB in the beginning and 106.9MB in the end (delta: -51.8MB). Peak memory consumption was 13.7MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:09:08,346 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 5b1e1d3e485748d25a44a97cbcf16885148403d3faf86da44fdb361034bb1dc7 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:09:10,449 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:09:10,452 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:09:10,484 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:09:10,485 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:09:10,487 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:09:10,489 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:09:10,492 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:09:10,494 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:09:10,497 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:09:10,498 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:09:10,500 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:09:10,500 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:09:10,502 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:09:10,503 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:09:10,507 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:09:10,508 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:09:10,508 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:09:10,510 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:09:10,514 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:09:10,515 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:09:10,516 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:09:10,517 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:09:10,518 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:09:10,523 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:09:10,523 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:09:10,524 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:09:10,525 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:09:10,525 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:09:10,526 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:09:10,526 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:09:10,527 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:09:10,528 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:09:10,528 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:09:10,529 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:09:10,529 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:09:10,530 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:09:10,530 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:09:10,530 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:09:10,532 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:09:10,532 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:09:10,535 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf [2022-02-20 18:09:10,571 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:09:10,571 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:09:10,572 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:09:10,572 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:09:10,573 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:09:10,573 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:09:10,574 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:09:10,574 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:09:10,574 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:09:10,574 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:09:10,575 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:09:10,575 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:09:10,575 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:09:10,575 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:09:10,575 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:09:10,575 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:09:10,576 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 18:09:10,576 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 18:09:10,576 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 18:09:10,576 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:09:10,576 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:09:10,576 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:09:10,576 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:09:10,576 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:09:10,577 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:09:10,577 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:09:10,577 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:10,577 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:09:10,577 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:09:10,578 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:09:10,578 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 18:09:10,578 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 18:09:10,578 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:09:10,578 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:09:10,578 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:09:10,578 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 18:09:10,579 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 5b1e1d3e485748d25a44a97cbcf16885148403d3faf86da44fdb361034bb1dc7 [2022-02-20 18:09:10,871 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:09:10,897 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:09:10,899 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:09:10,900 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:09:10,901 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:09:10,902 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c [2022-02-20 18:09:10,951 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c26a5661d/bbd3d1a8bebe4a0abfb2d9b8d0a9c4bf/FLAGc2c1d5e3e [2022-02-20 18:09:11,383 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:09:11,384 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c [2022-02-20 18:09:11,396 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c26a5661d/bbd3d1a8bebe4a0abfb2d9b8d0a9c4bf/FLAGc2c1d5e3e [2022-02-20 18:09:11,757 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c26a5661d/bbd3d1a8bebe4a0abfb2d9b8d0a9c4bf [2022-02-20 18:09:11,759 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:09:11,760 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:09:11,763 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:11,763 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:09:11,766 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:09:11,767 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:11" (1/1) ... [2022-02-20 18:09:11,768 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@77a83d4e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:11, skipping insertion in model container [2022-02-20 18:09:11,768 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:11" (1/1) ... [2022-02-20 18:09:11,785 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:09:11,833 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:12,034 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c[2984,2997] [2022-02-20 18:09:12,160 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:12,191 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 18:09:12,205 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:12,218 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c[2984,2997] [2022-02-20 18:09:12,304 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:12,308 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:09:12,321 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product31.cil.c[2984,2997] [2022-02-20 18:09:12,356 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:12,375 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:09:12,376 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12 WrapperNode [2022-02-20 18:09:12,376 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:12,377 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:12,377 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:09:12,377 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:09:12,383 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,411 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,449 INFO L137 Inliner]: procedures = 57, calls = 158, calls flagged for inlining = 21, calls inlined = 17, statements flattened = 228 [2022-02-20 18:09:12,450 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:12,451 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:09:12,452 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:09:12,452 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:09:12,459 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,459 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,477 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,481 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,487 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,506 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,507 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,510 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:09:12,510 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:09:12,511 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:09:12,511 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:09:12,523 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (1/1) ... [2022-02-20 18:09:12,532 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:12,540 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:09:12,550 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:09:12,553 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:09:12,580 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:09:12,580 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:09:12,580 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:09:12,581 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:09:12,581 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:09:12,581 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:09:12,581 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:09:12,581 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:09:12,581 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:09:12,582 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:09:12,582 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:09:12,582 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-20 18:09:12,582 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:09:12,582 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-02-20 18:09:12,582 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-02-20 18:09:12,582 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-02-20 18:09:12,583 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:09:12,583 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:09:12,583 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:09:12,583 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:09:12,583 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:09:12,583 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:09:12,646 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:09:12,647 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:13,042 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:13,049 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:13,049 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:13,050 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:13 BoogieIcfgContainer [2022-02-20 18:09:13,051 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:13,052 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:13,052 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:13,054 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:13,055 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:09:11" (1/3) ... [2022-02-20 18:09:13,055 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@16314bd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:13, skipping insertion in model container [2022-02-20 18:09:13,055 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:12" (2/3) ... [2022-02-20 18:09:13,057 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@16314bd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:13, skipping insertion in model container [2022-02-20 18:09:13,057 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:13" (3/3) ... [2022-02-20 18:09:13,058 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product31.cil.c [2022-02-20 18:09:13,063 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:13,064 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:13,101 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:13,120 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:13,121 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:13,141 INFO L276 IsEmpty]: Start isEmpty. Operand has 97 states, 70 states have (on average 1.3714285714285714) internal successors, (96), 79 states have internal predecessors, (96), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 12 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:09:13,147 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:09:13,147 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:13,148 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:13,148 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:13,155 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:13,156 INFO L85 PathProgramCache]: Analyzing trace with hash 2124240942, now seen corresponding path program 1 times [2022-02-20 18:09:13,167 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:13,168 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1329173986] [2022-02-20 18:09:13,168 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:13,168 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:13,169 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:13,171 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:13,245 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 18:09:13,329 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:13,334 INFO L263 TraceCheckSpWp]: Trace formula consists of 154 conjuncts, 1 conjunts are in the unsatisfiable core [2022-02-20 18:09:13,350 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:13,354 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:13,455 INFO L290 TraceCheckUtils]: 0: Hoare triple {100#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~cleanupTimeShifts~0 := 4bv32; {100#true} is VALID [2022-02-20 18:09:13,459 INFO L290 TraceCheckUtils]: 1: Hoare triple {100#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret53#1, main_~retValue_acc~11#1, main_~tmp~9#1;havoc main_~retValue_acc~11#1;havoc main_~tmp~9#1;assume { :begin_inline_select_helpers } true; {100#true} is VALID [2022-02-20 18:09:13,459 INFO L290 TraceCheckUtils]: 2: Hoare triple {100#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {100#true} is VALID [2022-02-20 18:09:13,459 INFO L290 TraceCheckUtils]: 3: Hoare triple {100#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~10#1;havoc valid_product_~retValue_acc~10#1;valid_product_~retValue_acc~10#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~10#1; {100#true} is VALID [2022-02-20 18:09:13,460 INFO L290 TraceCheckUtils]: 4: Hoare triple {100#true} main_#t~ret53#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~9#1 := main_#t~ret53#1;havoc main_#t~ret53#1; {100#true} is VALID [2022-02-20 18:09:13,460 INFO L290 TraceCheckUtils]: 5: Hoare triple {100#true} assume 0bv32 != main_~tmp~9#1;assume { :begin_inline_setup } true; {100#true} is VALID [2022-02-20 18:09:13,460 INFO L290 TraceCheckUtils]: 6: Hoare triple {100#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet32#1, test_#t~nondet33#1, test_#t~nondet34#1, test_#t~nondet35#1, test_~splverifierCounter~0#1, test_~tmp~3#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~3#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {100#true} is VALID [2022-02-20 18:09:13,461 INFO L290 TraceCheckUtils]: 7: Hoare triple {100#true} assume false; {101#false} is VALID [2022-02-20 18:09:13,461 INFO L272 TraceCheckUtils]: 8: Hoare triple {101#false} call cleanup(); {101#false} is VALID [2022-02-20 18:09:13,461 INFO L290 TraceCheckUtils]: 9: Hoare triple {101#false} havoc ~i~0;havoc ~__cil_tmp2~0; {101#false} is VALID [2022-02-20 18:09:13,462 INFO L272 TraceCheckUtils]: 10: Hoare triple {101#false} call timeShift(); {101#false} is VALID [2022-02-20 18:09:13,462 INFO L290 TraceCheckUtils]: 11: Hoare triple {101#false} assume !(0bv32 != ~pumpRunning~0); {101#false} is VALID [2022-02-20 18:09:13,462 INFO L290 TraceCheckUtils]: 12: Hoare triple {101#false} assume !(0bv32 != ~systemActive~0); {101#false} is VALID [2022-02-20 18:09:13,462 INFO L290 TraceCheckUtils]: 13: Hoare triple {101#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {101#false} is VALID [2022-02-20 18:09:13,463 INFO L272 TraceCheckUtils]: 14: Hoare triple {101#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {101#false} is VALID [2022-02-20 18:09:13,463 INFO L290 TraceCheckUtils]: 15: Hoare triple {101#false} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {101#false} is VALID [2022-02-20 18:09:13,463 INFO L290 TraceCheckUtils]: 16: Hoare triple {101#false} assume true; {101#false} is VALID [2022-02-20 18:09:13,463 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {101#false} {101#false} #245#return; {101#false} is VALID [2022-02-20 18:09:13,463 INFO L290 TraceCheckUtils]: 18: Hoare triple {101#false} __utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {101#false} is VALID [2022-02-20 18:09:13,463 INFO L290 TraceCheckUtils]: 19: Hoare triple {101#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {101#false} is VALID [2022-02-20 18:09:13,464 INFO L290 TraceCheckUtils]: 20: Hoare triple {101#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {101#false} is VALID [2022-02-20 18:09:13,464 INFO L290 TraceCheckUtils]: 21: Hoare triple {101#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {101#false} is VALID [2022-02-20 18:09:13,464 INFO L290 TraceCheckUtils]: 22: Hoare triple {101#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {101#false} is VALID [2022-02-20 18:09:13,465 INFO L290 TraceCheckUtils]: 23: Hoare triple {101#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {101#false} is VALID [2022-02-20 18:09:13,465 INFO L290 TraceCheckUtils]: 24: Hoare triple {101#false} assume !false; {101#false} is VALID [2022-02-20 18:09:13,466 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:13,466 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:13,467 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:13,467 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1329173986] [2022-02-20 18:09:13,468 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1329173986] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:13,468 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:13,468 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:13,469 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1349192418] [2022-02-20 18:09:13,470 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:13,474 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:13,476 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:13,478 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:13,507 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:13,508 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:13,508 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:13,526 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:13,526 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:13,529 INFO L87 Difference]: Start difference. First operand has 97 states, 70 states have (on average 1.3714285714285714) internal successors, (96), 79 states have internal predecessors, (96), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 12 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:13,640 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:13,641 INFO L93 Difference]: Finished difference Result 186 states and 251 transitions. [2022-02-20 18:09:13,641 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:13,641 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:13,641 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:13,642 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:13,652 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 251 transitions. [2022-02-20 18:09:13,652 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:13,657 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 251 transitions. [2022-02-20 18:09:13,658 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 251 transitions. [2022-02-20 18:09:13,842 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 251 edges. 251 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:13,850 INFO L225 Difference]: With dead ends: 186 [2022-02-20 18:09:13,850 INFO L226 Difference]: Without dead ends: 88 [2022-02-20 18:09:13,853 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:13,855 INFO L933 BasicCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:13,855 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:13,867 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2022-02-20 18:09:13,879 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2022-02-20 18:09:13,879 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:13,880 INFO L82 GeneralOperation]: Start isEquivalent. First operand 88 states. Second operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 18:09:13,881 INFO L74 IsIncluded]: Start isIncluded. First operand 88 states. Second operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 18:09:13,881 INFO L87 Difference]: Start difference. First operand 88 states. Second operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 18:09:13,886 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:13,886 INFO L93 Difference]: Finished difference Result 88 states and 113 transitions. [2022-02-20 18:09:13,886 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2022-02-20 18:09:13,887 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:13,887 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:13,888 INFO L74 IsIncluded]: Start isIncluded. First operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) Second operand 88 states. [2022-02-20 18:09:13,888 INFO L87 Difference]: Start difference. First operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) Second operand 88 states. [2022-02-20 18:09:13,892 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:13,892 INFO L93 Difference]: Finished difference Result 88 states and 113 transitions. [2022-02-20 18:09:13,892 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2022-02-20 18:09:13,893 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:13,893 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:13,893 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:13,893 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:13,894 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 71 states have internal predecessors, (82), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 11 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 18:09:13,897 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 113 transitions. [2022-02-20 18:09:13,898 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 113 transitions. Word has length 25 [2022-02-20 18:09:13,898 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:13,898 INFO L470 AbstractCegarLoop]: Abstraction has 88 states and 113 transitions. [2022-02-20 18:09:13,898 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:13,898 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2022-02-20 18:09:13,900 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:09:13,900 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:13,900 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:13,922 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:14,107 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:14,108 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:14,108 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:14,108 INFO L85 PathProgramCache]: Analyzing trace with hash 1980426117, now seen corresponding path program 1 times [2022-02-20 18:09:14,109 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:14,125 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [510122809] [2022-02-20 18:09:14,125 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:14,126 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:14,126 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:14,156 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:14,172 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 18:09:14,234 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:14,236 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:14,255 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:14,256 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:14,339 INFO L290 TraceCheckUtils]: 0: Hoare triple {748#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~cleanupTimeShifts~0 := 4bv32; {748#true} is VALID [2022-02-20 18:09:14,339 INFO L290 TraceCheckUtils]: 1: Hoare triple {748#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret53#1, main_~retValue_acc~11#1, main_~tmp~9#1;havoc main_~retValue_acc~11#1;havoc main_~tmp~9#1;assume { :begin_inline_select_helpers } true; {748#true} is VALID [2022-02-20 18:09:14,339 INFO L290 TraceCheckUtils]: 2: Hoare triple {748#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {748#true} is VALID [2022-02-20 18:09:14,339 INFO L290 TraceCheckUtils]: 3: Hoare triple {748#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~10#1;havoc valid_product_~retValue_acc~10#1;valid_product_~retValue_acc~10#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~10#1; {748#true} is VALID [2022-02-20 18:09:14,340 INFO L290 TraceCheckUtils]: 4: Hoare triple {748#true} main_#t~ret53#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~9#1 := main_#t~ret53#1;havoc main_#t~ret53#1; {748#true} is VALID [2022-02-20 18:09:14,340 INFO L290 TraceCheckUtils]: 5: Hoare triple {748#true} assume 0bv32 != main_~tmp~9#1;assume { :begin_inline_setup } true; {748#true} is VALID [2022-02-20 18:09:14,340 INFO L290 TraceCheckUtils]: 6: Hoare triple {748#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet32#1, test_#t~nondet33#1, test_#t~nondet34#1, test_#t~nondet35#1, test_~splverifierCounter~0#1, test_~tmp~3#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~3#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {771#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:14,341 INFO L290 TraceCheckUtils]: 7: Hoare triple {771#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !false; {771#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:14,341 INFO L290 TraceCheckUtils]: 8: Hoare triple {771#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !~bvslt32(test_~splverifierCounter~0#1, 4bv32); {749#false} is VALID [2022-02-20 18:09:14,342 INFO L272 TraceCheckUtils]: 9: Hoare triple {749#false} call cleanup(); {749#false} is VALID [2022-02-20 18:09:14,342 INFO L290 TraceCheckUtils]: 10: Hoare triple {749#false} havoc ~i~0;havoc ~__cil_tmp2~0; {749#false} is VALID [2022-02-20 18:09:14,342 INFO L272 TraceCheckUtils]: 11: Hoare triple {749#false} call timeShift(); {749#false} is VALID [2022-02-20 18:09:14,343 INFO L290 TraceCheckUtils]: 12: Hoare triple {749#false} assume !(0bv32 != ~pumpRunning~0); {749#false} is VALID [2022-02-20 18:09:14,343 INFO L290 TraceCheckUtils]: 13: Hoare triple {749#false} assume !(0bv32 != ~systemActive~0); {749#false} is VALID [2022-02-20 18:09:14,343 INFO L290 TraceCheckUtils]: 14: Hoare triple {749#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {749#false} is VALID [2022-02-20 18:09:14,343 INFO L272 TraceCheckUtils]: 15: Hoare triple {749#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {749#false} is VALID [2022-02-20 18:09:14,343 INFO L290 TraceCheckUtils]: 16: Hoare triple {749#false} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {749#false} is VALID [2022-02-20 18:09:14,344 INFO L290 TraceCheckUtils]: 17: Hoare triple {749#false} assume true; {749#false} is VALID [2022-02-20 18:09:14,344 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {749#false} {749#false} #245#return; {749#false} is VALID [2022-02-20 18:09:14,345 INFO L290 TraceCheckUtils]: 19: Hoare triple {749#false} __utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {749#false} is VALID [2022-02-20 18:09:14,345 INFO L290 TraceCheckUtils]: 20: Hoare triple {749#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {749#false} is VALID [2022-02-20 18:09:14,345 INFO L290 TraceCheckUtils]: 21: Hoare triple {749#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {749#false} is VALID [2022-02-20 18:09:14,346 INFO L290 TraceCheckUtils]: 22: Hoare triple {749#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {749#false} is VALID [2022-02-20 18:09:14,346 INFO L290 TraceCheckUtils]: 23: Hoare triple {749#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {749#false} is VALID [2022-02-20 18:09:14,348 INFO L290 TraceCheckUtils]: 24: Hoare triple {749#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {749#false} is VALID [2022-02-20 18:09:14,348 INFO L290 TraceCheckUtils]: 25: Hoare triple {749#false} assume !false; {749#false} is VALID [2022-02-20 18:09:14,348 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:14,348 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:14,349 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:14,349 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [510122809] [2022-02-20 18:09:14,349 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [510122809] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:14,349 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:14,349 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:14,352 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1667272641] [2022-02-20 18:09:14,353 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:14,354 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:14,354 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:14,355 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:14,376 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:14,377 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:14,377 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:14,378 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:14,378 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:14,378 INFO L87 Difference]: Start difference. First operand 88 states and 113 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:14,504 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:14,505 INFO L93 Difference]: Finished difference Result 138 states and 176 transitions. [2022-02-20 18:09:14,505 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:14,505 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:14,505 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:14,505 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:14,515 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 176 transitions. [2022-02-20 18:09:14,515 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:14,519 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 176 transitions. [2022-02-20 18:09:14,519 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 176 transitions. [2022-02-20 18:09:14,655 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 176 edges. 176 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:14,657 INFO L225 Difference]: With dead ends: 138 [2022-02-20 18:09:14,657 INFO L226 Difference]: Without dead ends: 79 [2022-02-20 18:09:14,658 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:14,659 INFO L933 BasicCegarLoop]: 100 mSDtfsCounter, 16 mSDsluCounter, 79 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 179 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:14,659 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 179 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:14,660 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2022-02-20 18:09:14,664 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2022-02-20 18:09:14,664 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:14,665 INFO L82 GeneralOperation]: Start isEquivalent. First operand 79 states. Second operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:14,665 INFO L74 IsIncluded]: Start isIncluded. First operand 79 states. Second operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:14,665 INFO L87 Difference]: Start difference. First operand 79 states. Second operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:14,668 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:14,668 INFO L93 Difference]: Finished difference Result 79 states and 101 transitions. [2022-02-20 18:09:14,668 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2022-02-20 18:09:14,669 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:14,669 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:14,669 INFO L74 IsIncluded]: Start isIncluded. First operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) Second operand 79 states. [2022-02-20 18:09:14,670 INFO L87 Difference]: Start difference. First operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) Second operand 79 states. [2022-02-20 18:09:14,672 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:14,672 INFO L93 Difference]: Finished difference Result 79 states and 101 transitions. [2022-02-20 18:09:14,672 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2022-02-20 18:09:14,673 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:14,673 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:14,673 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:14,673 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:14,673 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 65 states have internal predecessors, (75), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:09:14,676 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 101 transitions. [2022-02-20 18:09:14,676 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 101 transitions. Word has length 26 [2022-02-20 18:09:14,676 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:14,676 INFO L470 AbstractCegarLoop]: Abstraction has 79 states and 101 transitions. [2022-02-20 18:09:14,676 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:14,676 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2022-02-20 18:09:14,677 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:09:14,677 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:14,677 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:14,687 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Ended with exit code 0 [2022-02-20 18:09:14,884 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:14,885 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:14,886 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:14,886 INFO L85 PathProgramCache]: Analyzing trace with hash 1475806488, now seen corresponding path program 1 times [2022-02-20 18:09:14,886 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:14,886 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1145610570] [2022-02-20 18:09:14,887 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:14,887 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:14,887 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:14,907 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:14,909 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 18:09:14,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:14,950 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:14,968 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:14,969 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:15,047 INFO L290 TraceCheckUtils]: 0: Hoare triple {1298#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~cleanupTimeShifts~0 := 4bv32; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,047 INFO L290 TraceCheckUtils]: 1: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret53#1, main_~retValue_acc~11#1, main_~tmp~9#1;havoc main_~retValue_acc~11#1;havoc main_~tmp~9#1;assume { :begin_inline_select_helpers } true; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,048 INFO L290 TraceCheckUtils]: 2: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,048 INFO L290 TraceCheckUtils]: 3: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~10#1;havoc valid_product_~retValue_acc~10#1;valid_product_~retValue_acc~10#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~10#1; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,048 INFO L290 TraceCheckUtils]: 4: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} main_#t~ret53#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~9#1 := main_#t~ret53#1;havoc main_#t~ret53#1; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,049 INFO L290 TraceCheckUtils]: 5: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != main_~tmp~9#1;assume { :begin_inline_setup } true; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,049 INFO L290 TraceCheckUtils]: 6: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet32#1, test_#t~nondet33#1, test_#t~nondet34#1, test_#t~nondet35#1, test_~splverifierCounter~0#1, test_~tmp~3#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~3#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,050 INFO L290 TraceCheckUtils]: 7: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume !false; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,050 INFO L290 TraceCheckUtils]: 8: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,050 INFO L290 TraceCheckUtils]: 9: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} test_~tmp~3#1 := test_#t~nondet32#1;havoc test_#t~nondet32#1; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,051 INFO L290 TraceCheckUtils]: 10: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~3#1); {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,051 INFO L290 TraceCheckUtils]: 11: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} test_~tmp___0~0#1 := test_#t~nondet33#1;havoc test_#t~nondet33#1; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,051 INFO L290 TraceCheckUtils]: 12: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~0#1); {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,052 INFO L290 TraceCheckUtils]: 13: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet34#1;havoc test_#t~nondet34#1; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,052 INFO L290 TraceCheckUtils]: 14: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,053 INFO L272 TraceCheckUtils]: 15: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} call timeShift(); {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,053 INFO L290 TraceCheckUtils]: 16: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1303#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,053 INFO L290 TraceCheckUtils]: 17: Hoare triple {1303#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {1299#false} is VALID [2022-02-20 18:09:15,053 INFO L290 TraceCheckUtils]: 18: Hoare triple {1299#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1299#false} is VALID [2022-02-20 18:09:15,054 INFO L272 TraceCheckUtils]: 19: Hoare triple {1299#false} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {1299#false} is VALID [2022-02-20 18:09:15,054 INFO L290 TraceCheckUtils]: 20: Hoare triple {1299#false} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {1299#false} is VALID [2022-02-20 18:09:15,054 INFO L290 TraceCheckUtils]: 21: Hoare triple {1299#false} assume true; {1299#false} is VALID [2022-02-20 18:09:15,054 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1299#false} {1299#false} #245#return; {1299#false} is VALID [2022-02-20 18:09:15,054 INFO L290 TraceCheckUtils]: 23: Hoare triple {1299#false} __utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1299#false} is VALID [2022-02-20 18:09:15,054 INFO L290 TraceCheckUtils]: 24: Hoare triple {1299#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {1299#false} is VALID [2022-02-20 18:09:15,055 INFO L290 TraceCheckUtils]: 25: Hoare triple {1299#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1299#false} is VALID [2022-02-20 18:09:15,055 INFO L290 TraceCheckUtils]: 26: Hoare triple {1299#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {1299#false} is VALID [2022-02-20 18:09:15,055 INFO L290 TraceCheckUtils]: 27: Hoare triple {1299#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {1299#false} is VALID [2022-02-20 18:09:15,055 INFO L290 TraceCheckUtils]: 28: Hoare triple {1299#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1299#false} is VALID [2022-02-20 18:09:15,055 INFO L290 TraceCheckUtils]: 29: Hoare triple {1299#false} assume !false; {1299#false} is VALID [2022-02-20 18:09:15,055 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:15,056 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:15,056 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:15,056 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1145610570] [2022-02-20 18:09:15,056 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1145610570] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:15,056 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:15,056 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:15,056 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1947709706] [2022-02-20 18:09:15,057 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:15,057 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:15,057 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:15,058 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,082 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:15,082 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:15,083 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:15,083 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:15,083 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:15,083 INFO L87 Difference]: Start difference. First operand 79 states and 101 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,259 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:15,259 INFO L93 Difference]: Finished difference Result 222 states and 289 transitions. [2022-02-20 18:09:15,260 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:15,260 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:15,260 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:15,260 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,263 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 289 transitions. [2022-02-20 18:09:15,264 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,266 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 289 transitions. [2022-02-20 18:09:15,267 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 289 transitions. [2022-02-20 18:09:15,465 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 289 edges. 289 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:15,469 INFO L225 Difference]: With dead ends: 222 [2022-02-20 18:09:15,469 INFO L226 Difference]: Without dead ends: 150 [2022-02-20 18:09:15,470 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:15,471 INFO L933 BasicCegarLoop]: 127 mSDtfsCounter, 81 mSDsluCounter, 91 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 218 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:15,471 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [81 Valid, 218 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:15,472 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2022-02-20 18:09:15,480 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 147. [2022-02-20 18:09:15,480 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:15,481 INFO L82 GeneralOperation]: Start isEquivalent. First operand 150 states. Second operand has 147 states, 104 states have (on average 1.3365384615384615) internal successors, (139), 119 states have internal predecessors, (139), 26 states have call successors, (26), 16 states have call predecessors, (26), 16 states have return successors, (26), 17 states have call predecessors, (26), 26 states have call successors, (26) [2022-02-20 18:09:15,481 INFO L74 IsIncluded]: Start isIncluded. First operand 150 states. Second operand has 147 states, 104 states have (on average 1.3365384615384615) internal successors, (139), 119 states have internal predecessors, (139), 26 states have call successors, (26), 16 states have call predecessors, (26), 16 states have return successors, (26), 17 states have call predecessors, (26), 26 states have call successors, (26) [2022-02-20 18:09:15,482 INFO L87 Difference]: Start difference. First operand 150 states. Second operand has 147 states, 104 states have (on average 1.3365384615384615) internal successors, (139), 119 states have internal predecessors, (139), 26 states have call successors, (26), 16 states have call predecessors, (26), 16 states have return successors, (26), 17 states have call predecessors, (26), 26 states have call successors, (26) [2022-02-20 18:09:15,485 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:15,486 INFO L93 Difference]: Finished difference Result 150 states and 193 transitions. [2022-02-20 18:09:15,486 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 193 transitions. [2022-02-20 18:09:15,487 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:15,487 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:15,487 INFO L74 IsIncluded]: Start isIncluded. First operand has 147 states, 104 states have (on average 1.3365384615384615) internal successors, (139), 119 states have internal predecessors, (139), 26 states have call successors, (26), 16 states have call predecessors, (26), 16 states have return successors, (26), 17 states have call predecessors, (26), 26 states have call successors, (26) Second operand 150 states. [2022-02-20 18:09:15,488 INFO L87 Difference]: Start difference. First operand has 147 states, 104 states have (on average 1.3365384615384615) internal successors, (139), 119 states have internal predecessors, (139), 26 states have call successors, (26), 16 states have call predecessors, (26), 16 states have return successors, (26), 17 states have call predecessors, (26), 26 states have call successors, (26) Second operand 150 states. [2022-02-20 18:09:15,492 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:15,492 INFO L93 Difference]: Finished difference Result 150 states and 193 transitions. [2022-02-20 18:09:15,492 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 193 transitions. [2022-02-20 18:09:15,493 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:15,493 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:15,493 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:15,493 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:15,493 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 147 states, 104 states have (on average 1.3365384615384615) internal successors, (139), 119 states have internal predecessors, (139), 26 states have call successors, (26), 16 states have call predecessors, (26), 16 states have return successors, (26), 17 states have call predecessors, (26), 26 states have call successors, (26) [2022-02-20 18:09:15,498 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 147 states to 147 states and 191 transitions. [2022-02-20 18:09:15,498 INFO L78 Accepts]: Start accepts. Automaton has 147 states and 191 transitions. Word has length 30 [2022-02-20 18:09:15,498 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:15,498 INFO L470 AbstractCegarLoop]: Abstraction has 147 states and 191 transitions. [2022-02-20 18:09:15,498 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,499 INFO L276 IsEmpty]: Start isEmpty. Operand 147 states and 191 transitions. [2022-02-20 18:09:15,499 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 18:09:15,500 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:15,500 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:15,512 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:15,708 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:15,709 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:15,709 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:15,709 INFO L85 PathProgramCache]: Analyzing trace with hash -1209009394, now seen corresponding path program 1 times [2022-02-20 18:09:15,710 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:15,710 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [898721247] [2022-02-20 18:09:15,710 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:15,710 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:15,710 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:15,717 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:15,718 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 18:09:15,760 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:15,762 INFO L263 TraceCheckSpWp]: Trace formula consists of 160 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 18:09:15,769 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:15,770 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:15,872 INFO L290 TraceCheckUtils]: 0: Hoare triple {2215#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~cleanupTimeShifts~0 := 4bv32; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,873 INFO L290 TraceCheckUtils]: 1: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret53#1, main_~retValue_acc~11#1, main_~tmp~9#1;havoc main_~retValue_acc~11#1;havoc main_~tmp~9#1;assume { :begin_inline_select_helpers } true; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,873 INFO L290 TraceCheckUtils]: 2: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,873 INFO L290 TraceCheckUtils]: 3: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~10#1;havoc valid_product_~retValue_acc~10#1;valid_product_~retValue_acc~10#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~10#1; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,874 INFO L290 TraceCheckUtils]: 4: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} main_#t~ret53#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~9#1 := main_#t~ret53#1;havoc main_#t~ret53#1; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,874 INFO L290 TraceCheckUtils]: 5: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != main_~tmp~9#1;assume { :begin_inline_setup } true; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,874 INFO L290 TraceCheckUtils]: 6: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet32#1, test_#t~nondet33#1, test_#t~nondet34#1, test_#t~nondet35#1, test_~splverifierCounter~0#1, test_~tmp~3#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~3#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,875 INFO L290 TraceCheckUtils]: 7: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume !false; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,875 INFO L290 TraceCheckUtils]: 8: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,875 INFO L290 TraceCheckUtils]: 9: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} test_~tmp~3#1 := test_#t~nondet32#1;havoc test_#t~nondet32#1; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,875 INFO L290 TraceCheckUtils]: 10: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~3#1); {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,876 INFO L290 TraceCheckUtils]: 11: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___0~0#1 := test_#t~nondet33#1;havoc test_#t~nondet33#1; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,876 INFO L290 TraceCheckUtils]: 12: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~0#1); {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,876 INFO L290 TraceCheckUtils]: 13: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet34#1;havoc test_#t~nondet34#1; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,877 INFO L290 TraceCheckUtils]: 14: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___2~0#1);test_~tmp___1~0#1 := test_#t~nondet35#1;havoc test_#t~nondet35#1; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,877 INFO L290 TraceCheckUtils]: 15: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != test_~tmp___1~0#1;assume { :begin_inline_stopSystem } true; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,877 INFO L290 TraceCheckUtils]: 16: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,878 INFO L290 TraceCheckUtils]: 17: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} ~systemActive~0 := 0bv32; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,878 INFO L290 TraceCheckUtils]: 18: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_stopSystem } true; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,878 INFO L272 TraceCheckUtils]: 19: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} call timeShift(); {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,879 INFO L290 TraceCheckUtils]: 20: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,879 INFO L290 TraceCheckUtils]: 21: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,879 INFO L290 TraceCheckUtils]: 22: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_#t~ret51#1, __utac_acc__Specification3_spec__1_~tmp~8#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~8#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,880 INFO L272 TraceCheckUtils]: 23: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} call __utac_acc__Specification3_spec__1_#t~ret49#1 := isMethaneLevelCritical(); {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,880 INFO L290 TraceCheckUtils]: 24: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~0;~retValue_acc~0 := ~methaneLevelCritical~0;#res := ~retValue_acc~0; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,880 INFO L290 TraceCheckUtils]: 25: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume true; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,881 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {2220#(= ~waterLevel~0 (_ bv1 32))} {2220#(= ~waterLevel~0 (_ bv1 32))} #245#return; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,881 INFO L290 TraceCheckUtils]: 27: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} __utac_acc__Specification3_spec__1_~tmp~8#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {2220#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:15,882 INFO L290 TraceCheckUtils]: 28: Hoare triple {2220#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~8#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~1#1;havoc getWaterLevel_~retValue_acc~1#1;getWaterLevel_~retValue_acc~1#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; {2305#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} is VALID [2022-02-20 18:09:15,882 INFO L290 TraceCheckUtils]: 29: Hoare triple {2305#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} __utac_acc__Specification3_spec__1_#t~ret50#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {2309#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| (_ bv1 32))} is VALID [2022-02-20 18:09:15,883 INFO L290 TraceCheckUtils]: 30: Hoare triple {2309#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| (_ bv1 32))} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {2216#false} is VALID [2022-02-20 18:09:15,883 INFO L290 TraceCheckUtils]: 31: Hoare triple {2216#false} __utac_acc__Specification3_spec__1_#t~ret51#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret51#1;havoc __utac_acc__Specification3_spec__1_#t~ret51#1; {2216#false} is VALID [2022-02-20 18:09:15,883 INFO L290 TraceCheckUtils]: 32: Hoare triple {2216#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {2216#false} is VALID [2022-02-20 18:09:15,883 INFO L290 TraceCheckUtils]: 33: Hoare triple {2216#false} assume !false; {2216#false} is VALID [2022-02-20 18:09:15,883 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:15,883 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:15,883 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:15,884 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [898721247] [2022-02-20 18:09:15,884 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [898721247] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:15,884 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:15,884 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:09:15,884 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [894961975] [2022-02-20 18:09:15,884 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:15,885 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:15,885 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:15,885 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:15,911 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:15,911 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:09:15,911 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:15,912 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:09:15,912 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:15,912 INFO L87 Difference]: Start difference. First operand 147 states and 191 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:16,188 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:16,189 INFO L93 Difference]: Finished difference Result 421 states and 560 transitions. [2022-02-20 18:09:16,189 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:16,189 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:16,189 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:16,189 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:16,192 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 289 transitions. [2022-02-20 18:09:16,193 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:16,196 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 289 transitions. [2022-02-20 18:09:16,196 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 289 transitions. [2022-02-20 18:09:16,397 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 289 edges. 289 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:16,404 INFO L225 Difference]: With dead ends: 421 [2022-02-20 18:09:16,404 INFO L226 Difference]: Without dead ends: 281 [2022-02-20 18:09:16,405 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 30 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:09:16,406 INFO L933 BasicCegarLoop]: 111 mSDtfsCounter, 68 mSDsluCounter, 307 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 418 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:16,406 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [68 Valid, 418 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:16,406 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 281 states. [2022-02-20 18:09:16,423 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 281 to 275. [2022-02-20 18:09:16,424 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:16,424 INFO L82 GeneralOperation]: Start isEquivalent. First operand 281 states. Second operand has 275 states, 192 states have (on average 1.3229166666666667) internal successors, (254), 219 states have internal predecessors, (254), 52 states have call successors, (52), 32 states have call predecessors, (52), 30 states have return successors, (54), 32 states have call predecessors, (54), 52 states have call successors, (54) [2022-02-20 18:09:16,425 INFO L74 IsIncluded]: Start isIncluded. First operand 281 states. Second operand has 275 states, 192 states have (on average 1.3229166666666667) internal successors, (254), 219 states have internal predecessors, (254), 52 states have call successors, (52), 32 states have call predecessors, (52), 30 states have return successors, (54), 32 states have call predecessors, (54), 52 states have call successors, (54) [2022-02-20 18:09:16,426 INFO L87 Difference]: Start difference. First operand 281 states. Second operand has 275 states, 192 states have (on average 1.3229166666666667) internal successors, (254), 219 states have internal predecessors, (254), 52 states have call successors, (52), 32 states have call predecessors, (52), 30 states have return successors, (54), 32 states have call predecessors, (54), 52 states have call successors, (54) [2022-02-20 18:09:16,434 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:16,434 INFO L93 Difference]: Finished difference Result 281 states and 366 transitions. [2022-02-20 18:09:16,434 INFO L276 IsEmpty]: Start isEmpty. Operand 281 states and 366 transitions. [2022-02-20 18:09:16,435 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:16,435 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:16,436 INFO L74 IsIncluded]: Start isIncluded. First operand has 275 states, 192 states have (on average 1.3229166666666667) internal successors, (254), 219 states have internal predecessors, (254), 52 states have call successors, (52), 32 states have call predecessors, (52), 30 states have return successors, (54), 32 states have call predecessors, (54), 52 states have call successors, (54) Second operand 281 states. [2022-02-20 18:09:16,437 INFO L87 Difference]: Start difference. First operand has 275 states, 192 states have (on average 1.3229166666666667) internal successors, (254), 219 states have internal predecessors, (254), 52 states have call successors, (52), 32 states have call predecessors, (52), 30 states have return successors, (54), 32 states have call predecessors, (54), 52 states have call successors, (54) Second operand 281 states. [2022-02-20 18:09:16,444 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:16,445 INFO L93 Difference]: Finished difference Result 281 states and 366 transitions. [2022-02-20 18:09:16,445 INFO L276 IsEmpty]: Start isEmpty. Operand 281 states and 366 transitions. [2022-02-20 18:09:16,461 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:16,462 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:16,462 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:16,462 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:16,463 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 275 states, 192 states have (on average 1.3229166666666667) internal successors, (254), 219 states have internal predecessors, (254), 52 states have call successors, (52), 32 states have call predecessors, (52), 30 states have return successors, (54), 32 states have call predecessors, (54), 52 states have call successors, (54) [2022-02-20 18:09:16,471 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 275 states to 275 states and 360 transitions. [2022-02-20 18:09:16,471 INFO L78 Accepts]: Start accepts. Automaton has 275 states and 360 transitions. Word has length 34 [2022-02-20 18:09:16,472 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:16,472 INFO L470 AbstractCegarLoop]: Abstraction has 275 states and 360 transitions. [2022-02-20 18:09:16,472 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:16,472 INFO L276 IsEmpty]: Start isEmpty. Operand 275 states and 360 transitions. [2022-02-20 18:09:16,473 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 18:09:16,473 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:16,473 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:16,495 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:16,679 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:16,680 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:16,680 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:16,680 INFO L85 PathProgramCache]: Analyzing trace with hash -2133609996, now seen corresponding path program 1 times [2022-02-20 18:09:16,681 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:16,681 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [685209091] [2022-02-20 18:09:16,681 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:16,681 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:16,682 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:16,682 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:16,688 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 18:09:16,776 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:16,776 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:09:16,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:16,868 INFO L138 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2022-02-20 18:09:16,868 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:09:16,869 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:09:16,903 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:17,078 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:17,080 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1] [2022-02-20 18:09:17,082 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:09:17,123 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:09:17,124 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:09:17,127 INFO L158 Benchmark]: Toolchain (without parser) took 5366.14ms. Allocated memory was 54.5MB in the beginning and 123.7MB in the end (delta: 69.2MB). Free memory was 31.1MB in the beginning and 84.7MB in the end (delta: -53.7MB). Peak memory consumption was 13.7MB. Max. memory is 16.1GB. [2022-02-20 18:09:17,127 INFO L158 Benchmark]: CDTParser took 0.16ms. Allocated memory is still 54.5MB. Free memory was 36.1MB in the beginning and 36.0MB in the end (delta: 51.3kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:17,127 INFO L158 Benchmark]: CACSL2BoogieTranslator took 613.21ms. Allocated memory was 54.5MB in the beginning and 96.5MB in the end (delta: 41.9MB). Free memory was 30.8MB in the beginning and 61.2MB in the end (delta: -30.4MB). Peak memory consumption was 11.9MB. Max. memory is 16.1GB. [2022-02-20 18:09:17,127 INFO L158 Benchmark]: Boogie Procedure Inliner took 73.17ms. Allocated memory is still 96.5MB. Free memory was 61.2MB in the beginning and 58.4MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:09:17,127 INFO L158 Benchmark]: Boogie Preprocessor took 58.62ms. Allocated memory is still 96.5MB. Free memory was 58.4MB in the beginning and 56.7MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:17,128 INFO L158 Benchmark]: RCFGBuilder took 540.22ms. Allocated memory is still 96.5MB. Free memory was 56.6MB in the beginning and 62.1MB in the end (delta: -5.6MB). Peak memory consumption was 5.6MB. Max. memory is 16.1GB. [2022-02-20 18:09:17,128 INFO L158 Benchmark]: TraceAbstraction took 4073.92ms. Allocated memory was 96.5MB in the beginning and 123.7MB in the end (delta: 27.3MB). Free memory was 61.7MB in the beginning and 84.7MB in the end (delta: -23.1MB). Peak memory consumption was 3.9MB. Max. memory is 16.1GB. [2022-02-20 18:09:17,130 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.16ms. Allocated memory is still 54.5MB. Free memory was 36.1MB in the beginning and 36.0MB in the end (delta: 51.3kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 613.21ms. Allocated memory was 54.5MB in the beginning and 96.5MB in the end (delta: 41.9MB). Free memory was 30.8MB in the beginning and 61.2MB in the end (delta: -30.4MB). Peak memory consumption was 11.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 73.17ms. Allocated memory is still 96.5MB. Free memory was 61.2MB in the beginning and 58.4MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 58.62ms. Allocated memory is still 96.5MB. Free memory was 58.4MB in the beginning and 56.7MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 540.22ms. Allocated memory is still 96.5MB. Free memory was 56.6MB in the beginning and 62.1MB in the end (delta: -5.6MB). Peak memory consumption was 5.6MB. Max. memory is 16.1GB. * TraceAbstraction took 4073.92ms. Allocated memory was 96.5MB in the beginning and 123.7MB in the end (delta: 27.3MB). Free memory was 61.7MB in the beginning and 84.7MB in the end (delta: -23.1MB). Peak memory consumption was 3.9MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:09:17,176 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: ERROR: ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator