./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e7448e2a4dcf9053e3462616ae6225740bd78f5c7802032dea6a738b62c6fd6a --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:09:08,495 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:09:08,497 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:09:08,529 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:09:08,530 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:09:08,533 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:09:08,535 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:09:08,537 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:09:08,539 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:09:08,542 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:09:08,543 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:09:08,545 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:09:08,545 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:09:08,552 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:09:08,554 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:09:08,555 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:09:08,557 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:09:08,557 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:09:08,559 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:09:08,561 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:09:08,562 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:09:08,563 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:09:08,564 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:09:08,564 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:09:08,566 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:09:08,566 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:09:08,567 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:09:08,567 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:09:08,568 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:09:08,568 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:09:08,569 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:09:08,569 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:09:08,570 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:09:08,570 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:09:08,571 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:09:08,571 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:09:08,572 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:09:08,572 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:09:08,572 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:09:08,573 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:09:08,574 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:09:08,582 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:09:08,616 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:09:08,617 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:09:08,617 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:09:08,618 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:09:08,619 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:09:08,619 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:09:08,619 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:09:08,620 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:09:08,620 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:09:08,620 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:09:08,621 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:09:08,621 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:09:08,621 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:09:08,621 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:09:08,622 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:09:08,622 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:09:08,622 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:09:08,622 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:09:08,622 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:09:08,622 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:09:08,623 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:09:08,623 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:09:08,623 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:09:08,623 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:09:08,624 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:08,624 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:09:08,624 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:09:08,624 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:09:08,624 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:09:08,625 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:09:08,625 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:09:08,625 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:09:08,625 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:09:08,625 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e7448e2a4dcf9053e3462616ae6225740bd78f5c7802032dea6a738b62c6fd6a [2022-02-20 18:09:08,862 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:09:08,882 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:09:08,885 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:09:08,886 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:09:08,886 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:09:08,888 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c [2022-02-20 18:09:08,952 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4ee8a590f/3cb068d6680e4a768da7c2ded1ad531e/FLAGcf8ccec29 [2022-02-20 18:09:09,420 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:09:09,421 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c [2022-02-20 18:09:09,435 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4ee8a590f/3cb068d6680e4a768da7c2ded1ad531e/FLAGcf8ccec29 [2022-02-20 18:09:09,751 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4ee8a590f/3cb068d6680e4a768da7c2ded1ad531e [2022-02-20 18:09:09,755 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:09:09,757 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:09:09,762 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:09,762 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:09:09,765 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:09:09,767 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:09" (1/1) ... [2022-02-20 18:09:09,769 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@34c30278 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:09, skipping insertion in model container [2022-02-20 18:09:09,769 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:09" (1/1) ... [2022-02-20 18:09:09,776 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:09:09,823 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:10,042 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c[8262,8275] [2022-02-20 18:09:10,112 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:10,132 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:09:10,205 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c[8262,8275] [2022-02-20 18:09:10,255 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:10,274 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:09:10,275 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10 WrapperNode [2022-02-20 18:09:10,275 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:10,277 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:10,277 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:09:10,277 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:09:10,284 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10" (1/1) ... [2022-02-20 18:09:10,302 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10" (1/1) ... [2022-02-20 18:09:10,333 INFO L137 Inliner]: procedures = 53, calls = 152, calls flagged for inlining = 22, calls inlined = 19, statements flattened = 236 [2022-02-20 18:09:10,334 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:10,335 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:09:10,335 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:09:10,335 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:09:10,343 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10" (1/1) ... [2022-02-20 18:09:10,343 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10" (1/1) ... [2022-02-20 18:09:10,346 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10" (1/1) ... [2022-02-20 18:09:10,346 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10" (1/1) ... [2022-02-20 18:09:10,353 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10" (1/1) ... [2022-02-20 18:09:10,358 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10" (1/1) ... [2022-02-20 18:09:10,360 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10" (1/1) ... [2022-02-20 18:09:10,362 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:09:10,363 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:09:10,363 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:09:10,363 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:09:10,364 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10" (1/1) ... [2022-02-20 18:09:10,386 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:10,395 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:09:10,459 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:09:10,461 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:09:10,492 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:09:10,492 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:09:10,492 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:09:10,493 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:09:10,493 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:09:10,493 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:09:10,493 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:09:10,493 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:09:10,493 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:09:10,494 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:09:10,494 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:09:10,494 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:09:10,494 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:09:10,494 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:09:10,494 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:09:10,495 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:09:10,561 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:09:10,563 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:10,936 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:10,944 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:10,953 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:10,955 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:10 BoogieIcfgContainer [2022-02-20 18:09:10,955 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:10,957 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:10,957 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:10,963 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:10,963 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:09:09" (1/3) ... [2022-02-20 18:09:10,964 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@72f510cc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:10, skipping insertion in model container [2022-02-20 18:09:10,964 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:10" (2/3) ... [2022-02-20 18:09:10,964 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@72f510cc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:10, skipping insertion in model container [2022-02-20 18:09:10,964 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:10" (3/3) ... [2022-02-20 18:09:10,965 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product35.cil.c [2022-02-20 18:09:10,969 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:10,970 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:11,017 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:11,023 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:11,023 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:11,054 INFO L276 IsEmpty]: Start isEmpty. Operand has 80 states, 63 states have (on average 1.3968253968253967) internal successors, (88), 69 states have internal predecessors, (88), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:09:11,061 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:09:11,061 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:11,062 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:11,062 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:11,067 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:11,068 INFO L85 PathProgramCache]: Analyzing trace with hash -815916640, now seen corresponding path program 1 times [2022-02-20 18:09:11,078 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:11,078 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1714600720] [2022-02-20 18:09:11,078 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:11,079 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:11,197 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:11,308 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:09:11,311 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:11,322 INFO L290 TraceCheckUtils]: 0: Hoare triple {83#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {83#true} is VALID [2022-02-20 18:09:11,323 INFO L290 TraceCheckUtils]: 1: Hoare triple {83#true} assume true; {83#true} is VALID [2022-02-20 18:09:11,323 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {83#true} {84#false} #223#return; {84#false} is VALID [2022-02-20 18:09:11,331 INFO L290 TraceCheckUtils]: 0: Hoare triple {83#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(13, 12);call #Ultimate.allocInit(7, 13);call write~init~int(44, 13, 0, 1);call write~init~int(77, 13, 1, 1);call write~init~int(101, 13, 2, 1);call write~init~int(116, 13, 3, 1);call write~init~int(104, 13, 4, 1);call write~init~int(58, 13, 5, 1);call write~init~int(0, 13, 6, 1);call #Ultimate.allocInit(5, 14);call write~init~int(67, 14, 0, 1);call write~init~int(82, 14, 1, 1);call write~init~int(73, 14, 2, 1);call write~init~int(84, 14, 3, 1);call write~init~int(0, 14, 4, 1);call #Ultimate.allocInit(3, 15);call write~init~int(79, 15, 0, 1);call write~init~int(75, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(41, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~pumpRunning~0 := 0;~systemActive~0 := 1;~cleanupTimeShifts~0 := 4;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0; {83#true} is VALID [2022-02-20 18:09:11,333 INFO L290 TraceCheckUtils]: 1: Hoare triple {83#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret22#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {83#true} is VALID [2022-02-20 18:09:11,333 INFO L290 TraceCheckUtils]: 2: Hoare triple {83#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {83#true} is VALID [2022-02-20 18:09:11,334 INFO L290 TraceCheckUtils]: 3: Hoare triple {83#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~8#1;havoc valid_product_~retValue_acc~8#1;valid_product_~retValue_acc~8#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~8#1; {83#true} is VALID [2022-02-20 18:09:11,334 INFO L290 TraceCheckUtils]: 4: Hoare triple {83#true} main_#t~ret22#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret22#1 && main_#t~ret22#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret22#1;havoc main_#t~ret22#1; {83#true} is VALID [2022-02-20 18:09:11,335 INFO L290 TraceCheckUtils]: 5: Hoare triple {83#true} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {83#true} is VALID [2022-02-20 18:09:11,335 INFO L290 TraceCheckUtils]: 6: Hoare triple {83#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet4#1, test_#t~nondet5#1, test_#t~nondet6#1, test_#t~nondet7#1, test_~splverifierCounter~0#1, test_~tmp~0#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~0#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {83#true} is VALID [2022-02-20 18:09:11,336 INFO L290 TraceCheckUtils]: 7: Hoare triple {83#true} assume !true; {84#false} is VALID [2022-02-20 18:09:11,337 INFO L272 TraceCheckUtils]: 8: Hoare triple {84#false} call cleanup(); {84#false} is VALID [2022-02-20 18:09:11,337 INFO L290 TraceCheckUtils]: 9: Hoare triple {84#false} havoc ~i~0;havoc ~__cil_tmp2~0; {84#false} is VALID [2022-02-20 18:09:11,338 INFO L272 TraceCheckUtils]: 10: Hoare triple {84#false} call timeShift(); {84#false} is VALID [2022-02-20 18:09:11,338 INFO L290 TraceCheckUtils]: 11: Hoare triple {84#false} assume !(0 != ~pumpRunning~0); {84#false} is VALID [2022-02-20 18:09:11,339 INFO L290 TraceCheckUtils]: 12: Hoare triple {84#false} assume !(0 != ~systemActive~0); {84#false} is VALID [2022-02-20 18:09:11,339 INFO L290 TraceCheckUtils]: 13: Hoare triple {84#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret19#1, __utac_acc__Specification3_spec__1_#t~ret20#1, __utac_acc__Specification3_spec__1_#t~ret21#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {84#false} is VALID [2022-02-20 18:09:11,340 INFO L272 TraceCheckUtils]: 14: Hoare triple {84#false} call __utac_acc__Specification3_spec__1_#t~ret19#1 := isMethaneLevelCritical(); {83#true} is VALID [2022-02-20 18:09:11,340 INFO L290 TraceCheckUtils]: 15: Hoare triple {83#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {83#true} is VALID [2022-02-20 18:09:11,340 INFO L290 TraceCheckUtils]: 16: Hoare triple {83#true} assume true; {83#true} is VALID [2022-02-20 18:09:11,340 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {83#true} {84#false} #223#return; {84#false} is VALID [2022-02-20 18:09:11,340 INFO L290 TraceCheckUtils]: 18: Hoare triple {84#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret19#1 && __utac_acc__Specification3_spec__1_#t~ret19#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret19#1;havoc __utac_acc__Specification3_spec__1_#t~ret19#1; {84#false} is VALID [2022-02-20 18:09:11,341 INFO L290 TraceCheckUtils]: 19: Hoare triple {84#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {84#false} is VALID [2022-02-20 18:09:11,341 INFO L290 TraceCheckUtils]: 20: Hoare triple {84#false} __utac_acc__Specification3_spec__1_#t~ret20#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret20#1 && __utac_acc__Specification3_spec__1_#t~ret20#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret20#1;havoc __utac_acc__Specification3_spec__1_#t~ret20#1; {84#false} is VALID [2022-02-20 18:09:11,341 INFO L290 TraceCheckUtils]: 21: Hoare triple {84#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~1#1;havoc isPumpRunning_~retValue_acc~1#1;isPumpRunning_~retValue_acc~1#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; {84#false} is VALID [2022-02-20 18:09:11,341 INFO L290 TraceCheckUtils]: 22: Hoare triple {84#false} __utac_acc__Specification3_spec__1_#t~ret21#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret21#1 && __utac_acc__Specification3_spec__1_#t~ret21#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret21#1;havoc __utac_acc__Specification3_spec__1_#t~ret21#1; {84#false} is VALID [2022-02-20 18:09:11,341 INFO L290 TraceCheckUtils]: 23: Hoare triple {84#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {84#false} is VALID [2022-02-20 18:09:11,342 INFO L290 TraceCheckUtils]: 24: Hoare triple {84#false} assume !false; {84#false} is VALID [2022-02-20 18:09:11,342 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:11,343 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:11,343 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1714600720] [2022-02-20 18:09:11,344 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1714600720] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:11,344 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:11,344 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:11,345 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [805652948] [2022-02-20 18:09:11,346 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:11,350 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:11,351 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:11,354 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:11,398 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:11,399 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:11,400 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:11,425 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:11,427 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:11,431 INFO L87 Difference]: Start difference. First operand has 80 states, 63 states have (on average 1.3968253968253967) internal successors, (88), 69 states have internal predecessors, (88), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:11,577 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:11,578 INFO L93 Difference]: Finished difference Result 152 states and 207 transitions. [2022-02-20 18:09:11,578 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:11,578 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:11,579 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:11,580 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:11,592 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 207 transitions. [2022-02-20 18:09:11,599 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:11,613 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 207 transitions. [2022-02-20 18:09:11,614 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 207 transitions. [2022-02-20 18:09:11,801 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 207 edges. 207 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:11,824 INFO L225 Difference]: With dead ends: 152 [2022-02-20 18:09:11,824 INFO L226 Difference]: Without dead ends: 71 [2022-02-20 18:09:11,829 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:11,832 INFO L933 BasicCegarLoop]: 100 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 100 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:11,833 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 100 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:11,849 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2022-02-20 18:09:11,866 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2022-02-20 18:09:11,866 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:11,868 INFO L82 GeneralOperation]: Start isEquivalent. First operand 71 states. Second operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:09:11,869 INFO L74 IsIncluded]: Start isIncluded. First operand 71 states. Second operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:09:11,870 INFO L87 Difference]: Start difference. First operand 71 states. Second operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:09:11,876 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:11,876 INFO L93 Difference]: Finished difference Result 71 states and 91 transitions. [2022-02-20 18:09:11,877 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:09:11,878 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:11,878 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:11,879 INFO L74 IsIncluded]: Start isIncluded. First operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 71 states. [2022-02-20 18:09:11,880 INFO L87 Difference]: Start difference. First operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 71 states. [2022-02-20 18:09:11,885 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:11,885 INFO L93 Difference]: Finished difference Result 71 states and 91 transitions. [2022-02-20 18:09:11,885 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:09:11,887 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:11,887 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:11,887 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:11,887 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:11,888 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:09:11,892 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 91 transitions. [2022-02-20 18:09:11,894 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 91 transitions. Word has length 25 [2022-02-20 18:09:11,894 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:11,895 INFO L470 AbstractCegarLoop]: Abstraction has 71 states and 91 transitions. [2022-02-20 18:09:11,895 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:11,895 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:09:11,903 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:09:11,903 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:11,903 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:11,903 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:09:11,905 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:11,908 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:11,908 INFO L85 PathProgramCache]: Analyzing trace with hash -1245391523, now seen corresponding path program 1 times [2022-02-20 18:09:11,909 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:11,909 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [264777047] [2022-02-20 18:09:11,909 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:11,910 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:11,940 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:11,994 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:09:11,997 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:12,000 INFO L290 TraceCheckUtils]: 0: Hoare triple {553#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {553#true} is VALID [2022-02-20 18:09:12,000 INFO L290 TraceCheckUtils]: 1: Hoare triple {553#true} assume true; {553#true} is VALID [2022-02-20 18:09:12,000 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {553#true} {554#false} #223#return; {554#false} is VALID [2022-02-20 18:09:12,001 INFO L290 TraceCheckUtils]: 0: Hoare triple {553#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(13, 12);call #Ultimate.allocInit(7, 13);call write~init~int(44, 13, 0, 1);call write~init~int(77, 13, 1, 1);call write~init~int(101, 13, 2, 1);call write~init~int(116, 13, 3, 1);call write~init~int(104, 13, 4, 1);call write~init~int(58, 13, 5, 1);call write~init~int(0, 13, 6, 1);call #Ultimate.allocInit(5, 14);call write~init~int(67, 14, 0, 1);call write~init~int(82, 14, 1, 1);call write~init~int(73, 14, 2, 1);call write~init~int(84, 14, 3, 1);call write~init~int(0, 14, 4, 1);call #Ultimate.allocInit(3, 15);call write~init~int(79, 15, 0, 1);call write~init~int(75, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(41, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~pumpRunning~0 := 0;~systemActive~0 := 1;~cleanupTimeShifts~0 := 4;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0; {553#true} is VALID [2022-02-20 18:09:12,001 INFO L290 TraceCheckUtils]: 1: Hoare triple {553#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret22#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {553#true} is VALID [2022-02-20 18:09:12,001 INFO L290 TraceCheckUtils]: 2: Hoare triple {553#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {553#true} is VALID [2022-02-20 18:09:12,001 INFO L290 TraceCheckUtils]: 3: Hoare triple {553#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~8#1;havoc valid_product_~retValue_acc~8#1;valid_product_~retValue_acc~8#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~8#1; {553#true} is VALID [2022-02-20 18:09:12,002 INFO L290 TraceCheckUtils]: 4: Hoare triple {553#true} main_#t~ret22#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret22#1 && main_#t~ret22#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret22#1;havoc main_#t~ret22#1; {553#true} is VALID [2022-02-20 18:09:12,002 INFO L290 TraceCheckUtils]: 5: Hoare triple {553#true} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {553#true} is VALID [2022-02-20 18:09:12,002 INFO L290 TraceCheckUtils]: 6: Hoare triple {553#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet4#1, test_#t~nondet5#1, test_#t~nondet6#1, test_#t~nondet7#1, test_~splverifierCounter~0#1, test_~tmp~0#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~0#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {555#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:12,003 INFO L290 TraceCheckUtils]: 7: Hoare triple {555#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {555#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:12,004 INFO L290 TraceCheckUtils]: 8: Hoare triple {555#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {554#false} is VALID [2022-02-20 18:09:12,004 INFO L272 TraceCheckUtils]: 9: Hoare triple {554#false} call cleanup(); {554#false} is VALID [2022-02-20 18:09:12,004 INFO L290 TraceCheckUtils]: 10: Hoare triple {554#false} havoc ~i~0;havoc ~__cil_tmp2~0; {554#false} is VALID [2022-02-20 18:09:12,004 INFO L272 TraceCheckUtils]: 11: Hoare triple {554#false} call timeShift(); {554#false} is VALID [2022-02-20 18:09:12,004 INFO L290 TraceCheckUtils]: 12: Hoare triple {554#false} assume !(0 != ~pumpRunning~0); {554#false} is VALID [2022-02-20 18:09:12,005 INFO L290 TraceCheckUtils]: 13: Hoare triple {554#false} assume !(0 != ~systemActive~0); {554#false} is VALID [2022-02-20 18:09:12,005 INFO L290 TraceCheckUtils]: 14: Hoare triple {554#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret19#1, __utac_acc__Specification3_spec__1_#t~ret20#1, __utac_acc__Specification3_spec__1_#t~ret21#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {554#false} is VALID [2022-02-20 18:09:12,005 INFO L272 TraceCheckUtils]: 15: Hoare triple {554#false} call __utac_acc__Specification3_spec__1_#t~ret19#1 := isMethaneLevelCritical(); {553#true} is VALID [2022-02-20 18:09:12,005 INFO L290 TraceCheckUtils]: 16: Hoare triple {553#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {553#true} is VALID [2022-02-20 18:09:12,006 INFO L290 TraceCheckUtils]: 17: Hoare triple {553#true} assume true; {553#true} is VALID [2022-02-20 18:09:12,006 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {553#true} {554#false} #223#return; {554#false} is VALID [2022-02-20 18:09:12,006 INFO L290 TraceCheckUtils]: 19: Hoare triple {554#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret19#1 && __utac_acc__Specification3_spec__1_#t~ret19#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret19#1;havoc __utac_acc__Specification3_spec__1_#t~ret19#1; {554#false} is VALID [2022-02-20 18:09:12,006 INFO L290 TraceCheckUtils]: 20: Hoare triple {554#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {554#false} is VALID [2022-02-20 18:09:12,007 INFO L290 TraceCheckUtils]: 21: Hoare triple {554#false} __utac_acc__Specification3_spec__1_#t~ret20#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret20#1 && __utac_acc__Specification3_spec__1_#t~ret20#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret20#1;havoc __utac_acc__Specification3_spec__1_#t~ret20#1; {554#false} is VALID [2022-02-20 18:09:12,007 INFO L290 TraceCheckUtils]: 22: Hoare triple {554#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~1#1;havoc isPumpRunning_~retValue_acc~1#1;isPumpRunning_~retValue_acc~1#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; {554#false} is VALID [2022-02-20 18:09:12,011 INFO L290 TraceCheckUtils]: 23: Hoare triple {554#false} __utac_acc__Specification3_spec__1_#t~ret21#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret21#1 && __utac_acc__Specification3_spec__1_#t~ret21#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret21#1;havoc __utac_acc__Specification3_spec__1_#t~ret21#1; {554#false} is VALID [2022-02-20 18:09:12,011 INFO L290 TraceCheckUtils]: 24: Hoare triple {554#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {554#false} is VALID [2022-02-20 18:09:12,012 INFO L290 TraceCheckUtils]: 25: Hoare triple {554#false} assume !false; {554#false} is VALID [2022-02-20 18:09:12,012 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:12,012 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:12,013 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [264777047] [2022-02-20 18:09:12,014 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [264777047] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:12,014 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:12,014 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:12,014 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [993367149] [2022-02-20 18:09:12,014 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:12,017 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:12,017 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:12,018 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:12,048 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:12,049 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:12,050 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:12,051 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:12,052 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:12,052 INFO L87 Difference]: Start difference. First operand 71 states and 91 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:12,163 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:12,163 INFO L93 Difference]: Finished difference Result 104 states and 133 transitions. [2022-02-20 18:09:12,163 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:12,164 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:12,164 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:12,164 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:12,174 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 133 transitions. [2022-02-20 18:09:12,175 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:12,178 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 133 transitions. [2022-02-20 18:09:12,178 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 133 transitions. [2022-02-20 18:09:12,294 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 133 edges. 133 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:12,299 INFO L225 Difference]: With dead ends: 104 [2022-02-20 18:09:12,300 INFO L226 Difference]: Without dead ends: 62 [2022-02-20 18:09:12,300 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:12,302 INFO L933 BasicCegarLoop]: 78 mSDtfsCounter, 17 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 135 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:12,302 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 135 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:12,303 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2022-02-20 18:09:12,308 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 62. [2022-02-20 18:09:12,309 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:12,310 INFO L82 GeneralOperation]: Start isEquivalent. First operand 62 states. Second operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:09:12,310 INFO L74 IsIncluded]: Start isIncluded. First operand 62 states. Second operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:09:12,311 INFO L87 Difference]: Start difference. First operand 62 states. Second operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:09:12,313 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:12,314 INFO L93 Difference]: Finished difference Result 62 states and 79 transitions. [2022-02-20 18:09:12,314 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 79 transitions. [2022-02-20 18:09:12,314 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:12,315 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:12,315 INFO L74 IsIncluded]: Start isIncluded. First operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 62 states. [2022-02-20 18:09:12,316 INFO L87 Difference]: Start difference. First operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 62 states. [2022-02-20 18:09:12,319 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:12,319 INFO L93 Difference]: Finished difference Result 62 states and 79 transitions. [2022-02-20 18:09:12,319 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 79 transitions. [2022-02-20 18:09:12,320 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:12,320 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:12,320 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:12,320 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:12,321 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:09:12,323 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 79 transitions. [2022-02-20 18:09:12,323 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 79 transitions. Word has length 26 [2022-02-20 18:09:12,323 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:12,324 INFO L470 AbstractCegarLoop]: Abstraction has 62 states and 79 transitions. [2022-02-20 18:09:12,324 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:12,324 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 79 transitions. [2022-02-20 18:09:12,325 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:09:12,325 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:12,325 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:12,325 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:09:12,326 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:12,326 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:12,326 INFO L85 PathProgramCache]: Analyzing trace with hash -552576222, now seen corresponding path program 1 times [2022-02-20 18:09:12,327 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:12,327 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1447478982] [2022-02-20 18:09:12,327 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:12,327 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:12,358 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:12,389 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:09:12,391 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:12,395 INFO L290 TraceCheckUtils]: 0: Hoare triple {922#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {922#true} is VALID [2022-02-20 18:09:12,395 INFO L290 TraceCheckUtils]: 1: Hoare triple {922#true} assume true; {922#true} is VALID [2022-02-20 18:09:12,395 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {922#true} {923#false} #223#return; {923#false} is VALID [2022-02-20 18:09:12,398 INFO L290 TraceCheckUtils]: 0: Hoare triple {922#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(13, 12);call #Ultimate.allocInit(7, 13);call write~init~int(44, 13, 0, 1);call write~init~int(77, 13, 1, 1);call write~init~int(101, 13, 2, 1);call write~init~int(116, 13, 3, 1);call write~init~int(104, 13, 4, 1);call write~init~int(58, 13, 5, 1);call write~init~int(0, 13, 6, 1);call #Ultimate.allocInit(5, 14);call write~init~int(67, 14, 0, 1);call write~init~int(82, 14, 1, 1);call write~init~int(73, 14, 2, 1);call write~init~int(84, 14, 3, 1);call write~init~int(0, 14, 4, 1);call #Ultimate.allocInit(3, 15);call write~init~int(79, 15, 0, 1);call write~init~int(75, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(41, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~pumpRunning~0 := 0;~systemActive~0 := 1;~cleanupTimeShifts~0 := 4;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,398 INFO L290 TraceCheckUtils]: 1: Hoare triple {924#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret22#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,399 INFO L290 TraceCheckUtils]: 2: Hoare triple {924#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,400 INFO L290 TraceCheckUtils]: 3: Hoare triple {924#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~8#1;havoc valid_product_~retValue_acc~8#1;valid_product_~retValue_acc~8#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~8#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,400 INFO L290 TraceCheckUtils]: 4: Hoare triple {924#(= 1 ~systemActive~0)} main_#t~ret22#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret22#1 && main_#t~ret22#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret22#1;havoc main_#t~ret22#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,401 INFO L290 TraceCheckUtils]: 5: Hoare triple {924#(= 1 ~systemActive~0)} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,401 INFO L290 TraceCheckUtils]: 6: Hoare triple {924#(= 1 ~systemActive~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet4#1, test_#t~nondet5#1, test_#t~nondet6#1, test_#t~nondet7#1, test_~splverifierCounter~0#1, test_~tmp~0#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~0#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,402 INFO L290 TraceCheckUtils]: 7: Hoare triple {924#(= 1 ~systemActive~0)} assume !false; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,402 INFO L290 TraceCheckUtils]: 8: Hoare triple {924#(= 1 ~systemActive~0)} assume test_~splverifierCounter~0#1 < 4; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,403 INFO L290 TraceCheckUtils]: 9: Hoare triple {924#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet4#1 && test_#t~nondet4#1 <= 2147483647;test_~tmp~0#1 := test_#t~nondet4#1;havoc test_#t~nondet4#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,403 INFO L290 TraceCheckUtils]: 10: Hoare triple {924#(= 1 ~systemActive~0)} assume !(0 != test_~tmp~0#1); {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,404 INFO L290 TraceCheckUtils]: 11: Hoare triple {924#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet5#1 && test_#t~nondet5#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet5#1;havoc test_#t~nondet5#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,404 INFO L290 TraceCheckUtils]: 12: Hoare triple {924#(= 1 ~systemActive~0)} assume !(0 != test_~tmp___0~0#1); {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,405 INFO L290 TraceCheckUtils]: 13: Hoare triple {924#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet6#1 && test_#t~nondet6#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet6#1;havoc test_#t~nondet6#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,406 INFO L290 TraceCheckUtils]: 14: Hoare triple {924#(= 1 ~systemActive~0)} assume 0 != test_~tmp___2~0#1; {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,406 INFO L272 TraceCheckUtils]: 15: Hoare triple {924#(= 1 ~systemActive~0)} call timeShift(); {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,407 INFO L290 TraceCheckUtils]: 16: Hoare triple {924#(= 1 ~systemActive~0)} assume !(0 != ~pumpRunning~0); {924#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:12,407 INFO L290 TraceCheckUtils]: 17: Hoare triple {924#(= 1 ~systemActive~0)} assume !(0 != ~systemActive~0); {923#false} is VALID [2022-02-20 18:09:12,407 INFO L290 TraceCheckUtils]: 18: Hoare triple {923#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret19#1, __utac_acc__Specification3_spec__1_#t~ret20#1, __utac_acc__Specification3_spec__1_#t~ret21#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {923#false} is VALID [2022-02-20 18:09:12,408 INFO L272 TraceCheckUtils]: 19: Hoare triple {923#false} call __utac_acc__Specification3_spec__1_#t~ret19#1 := isMethaneLevelCritical(); {922#true} is VALID [2022-02-20 18:09:12,408 INFO L290 TraceCheckUtils]: 20: Hoare triple {922#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {922#true} is VALID [2022-02-20 18:09:12,408 INFO L290 TraceCheckUtils]: 21: Hoare triple {922#true} assume true; {922#true} is VALID [2022-02-20 18:09:12,408 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {922#true} {923#false} #223#return; {923#false} is VALID [2022-02-20 18:09:12,408 INFO L290 TraceCheckUtils]: 23: Hoare triple {923#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret19#1 && __utac_acc__Specification3_spec__1_#t~ret19#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret19#1;havoc __utac_acc__Specification3_spec__1_#t~ret19#1; {923#false} is VALID [2022-02-20 18:09:12,409 INFO L290 TraceCheckUtils]: 24: Hoare triple {923#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {923#false} is VALID [2022-02-20 18:09:12,409 INFO L290 TraceCheckUtils]: 25: Hoare triple {923#false} __utac_acc__Specification3_spec__1_#t~ret20#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret20#1 && __utac_acc__Specification3_spec__1_#t~ret20#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret20#1;havoc __utac_acc__Specification3_spec__1_#t~ret20#1; {923#false} is VALID [2022-02-20 18:09:12,409 INFO L290 TraceCheckUtils]: 26: Hoare triple {923#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~1#1;havoc isPumpRunning_~retValue_acc~1#1;isPumpRunning_~retValue_acc~1#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; {923#false} is VALID [2022-02-20 18:09:12,409 INFO L290 TraceCheckUtils]: 27: Hoare triple {923#false} __utac_acc__Specification3_spec__1_#t~ret21#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret21#1 && __utac_acc__Specification3_spec__1_#t~ret21#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret21#1;havoc __utac_acc__Specification3_spec__1_#t~ret21#1; {923#false} is VALID [2022-02-20 18:09:12,410 INFO L290 TraceCheckUtils]: 28: Hoare triple {923#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {923#false} is VALID [2022-02-20 18:09:12,410 INFO L290 TraceCheckUtils]: 29: Hoare triple {923#false} assume !false; {923#false} is VALID [2022-02-20 18:09:12,410 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:12,410 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:12,411 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1447478982] [2022-02-20 18:09:12,411 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1447478982] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:12,411 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:12,411 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:12,411 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [525656297] [2022-02-20 18:09:12,412 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:12,412 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:12,413 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:12,413 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:12,436 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:12,437 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:12,437 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:12,437 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:12,438 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:12,438 INFO L87 Difference]: Start difference. First operand 62 states and 79 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:12,540 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:12,541 INFO L93 Difference]: Finished difference Result 171 states and 223 transitions. [2022-02-20 18:09:12,541 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:12,541 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:12,541 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:12,542 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:12,546 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 223 transitions. [2022-02-20 18:09:12,546 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:12,550 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 223 transitions. [2022-02-20 18:09:12,550 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 223 transitions. [2022-02-20 18:09:12,721 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 223 edges. 223 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:12,724 INFO L225 Difference]: With dead ends: 171 [2022-02-20 18:09:12,724 INFO L226 Difference]: Without dead ends: 116 [2022-02-20 18:09:12,725 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:12,726 INFO L933 BasicCegarLoop]: 100 mSDtfsCounter, 59 mSDsluCounter, 69 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 169 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:12,726 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [59 Valid, 169 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:12,727 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 116 states. [2022-02-20 18:09:12,736 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 116 to 111. [2022-02-20 18:09:12,736 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:12,737 INFO L82 GeneralOperation]: Start isEquivalent. First operand 116 states. Second operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:12,737 INFO L74 IsIncluded]: Start isIncluded. First operand 116 states. Second operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:12,738 INFO L87 Difference]: Start difference. First operand 116 states. Second operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:12,742 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:12,742 INFO L93 Difference]: Finished difference Result 116 states and 149 transitions. [2022-02-20 18:09:12,742 INFO L276 IsEmpty]: Start isEmpty. Operand 116 states and 149 transitions. [2022-02-20 18:09:12,743 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:12,743 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:12,744 INFO L74 IsIncluded]: Start isIncluded. First operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand 116 states. [2022-02-20 18:09:12,744 INFO L87 Difference]: Start difference. First operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand 116 states. [2022-02-20 18:09:12,749 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:12,749 INFO L93 Difference]: Finished difference Result 116 states and 149 transitions. [2022-02-20 18:09:12,749 INFO L276 IsEmpty]: Start isEmpty. Operand 116 states and 149 transitions. [2022-02-20 18:09:12,750 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:12,750 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:12,750 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:12,750 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:12,750 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:12,754 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 111 states to 111 states and 144 transitions. [2022-02-20 18:09:12,754 INFO L78 Accepts]: Start accepts. Automaton has 111 states and 144 transitions. Word has length 30 [2022-02-20 18:09:12,755 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:12,755 INFO L470 AbstractCegarLoop]: Abstraction has 111 states and 144 transitions. [2022-02-20 18:09:12,755 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:12,755 INFO L276 IsEmpty]: Start isEmpty. Operand 111 states and 144 transitions. [2022-02-20 18:09:12,756 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 18:09:12,756 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:12,756 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:12,756 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:09:12,756 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:12,757 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:12,757 INFO L85 PathProgramCache]: Analyzing trace with hash -551449311, now seen corresponding path program 1 times [2022-02-20 18:09:12,757 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:12,757 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [898190983] [2022-02-20 18:09:12,757 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:12,758 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:12,781 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:12,803 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:09:12,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:12,806 INFO L290 TraceCheckUtils]: 0: Hoare triple {1559#true} assume true; {1559#true} is VALID [2022-02-20 18:09:12,807 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1559#true} {1560#false} #221#return; {1560#false} is VALID [2022-02-20 18:09:12,807 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-02-20 18:09:12,808 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:12,810 INFO L290 TraceCheckUtils]: 0: Hoare triple {1559#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {1559#true} is VALID [2022-02-20 18:09:12,810 INFO L290 TraceCheckUtils]: 1: Hoare triple {1559#true} assume true; {1559#true} is VALID [2022-02-20 18:09:12,810 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1559#true} {1560#false} #223#return; {1560#false} is VALID [2022-02-20 18:09:12,811 INFO L290 TraceCheckUtils]: 0: Hoare triple {1559#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(13, 12);call #Ultimate.allocInit(7, 13);call write~init~int(44, 13, 0, 1);call write~init~int(77, 13, 1, 1);call write~init~int(101, 13, 2, 1);call write~init~int(116, 13, 3, 1);call write~init~int(104, 13, 4, 1);call write~init~int(58, 13, 5, 1);call write~init~int(0, 13, 6, 1);call #Ultimate.allocInit(5, 14);call write~init~int(67, 14, 0, 1);call write~init~int(82, 14, 1, 1);call write~init~int(73, 14, 2, 1);call write~init~int(84, 14, 3, 1);call write~init~int(0, 14, 4, 1);call #Ultimate.allocInit(3, 15);call write~init~int(79, 15, 0, 1);call write~init~int(75, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(41, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~pumpRunning~0 := 0;~systemActive~0 := 1;~cleanupTimeShifts~0 := 4;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0; {1559#true} is VALID [2022-02-20 18:09:12,811 INFO L290 TraceCheckUtils]: 1: Hoare triple {1559#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret22#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {1559#true} is VALID [2022-02-20 18:09:12,811 INFO L290 TraceCheckUtils]: 2: Hoare triple {1559#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1559#true} is VALID [2022-02-20 18:09:12,811 INFO L290 TraceCheckUtils]: 3: Hoare triple {1559#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~8#1;havoc valid_product_~retValue_acc~8#1;valid_product_~retValue_acc~8#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~8#1; {1559#true} is VALID [2022-02-20 18:09:12,811 INFO L290 TraceCheckUtils]: 4: Hoare triple {1559#true} main_#t~ret22#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret22#1 && main_#t~ret22#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret22#1;havoc main_#t~ret22#1; {1559#true} is VALID [2022-02-20 18:09:12,811 INFO L290 TraceCheckUtils]: 5: Hoare triple {1559#true} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {1559#true} is VALID [2022-02-20 18:09:12,812 INFO L290 TraceCheckUtils]: 6: Hoare triple {1559#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet4#1, test_#t~nondet5#1, test_#t~nondet6#1, test_#t~nondet7#1, test_~splverifierCounter~0#1, test_~tmp~0#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~0#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1559#true} is VALID [2022-02-20 18:09:12,812 INFO L290 TraceCheckUtils]: 7: Hoare triple {1559#true} assume !false; {1559#true} is VALID [2022-02-20 18:09:12,812 INFO L290 TraceCheckUtils]: 8: Hoare triple {1559#true} assume test_~splverifierCounter~0#1 < 4; {1559#true} is VALID [2022-02-20 18:09:12,812 INFO L290 TraceCheckUtils]: 9: Hoare triple {1559#true} assume -2147483648 <= test_#t~nondet4#1 && test_#t~nondet4#1 <= 2147483647;test_~tmp~0#1 := test_#t~nondet4#1;havoc test_#t~nondet4#1; {1559#true} is VALID [2022-02-20 18:09:12,812 INFO L290 TraceCheckUtils]: 10: Hoare triple {1559#true} assume !(0 != test_~tmp~0#1); {1559#true} is VALID [2022-02-20 18:09:12,812 INFO L290 TraceCheckUtils]: 11: Hoare triple {1559#true} assume -2147483648 <= test_#t~nondet5#1 && test_#t~nondet5#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet5#1;havoc test_#t~nondet5#1; {1559#true} is VALID [2022-02-20 18:09:12,813 INFO L290 TraceCheckUtils]: 12: Hoare triple {1559#true} assume !(0 != test_~tmp___0~0#1); {1559#true} is VALID [2022-02-20 18:09:12,813 INFO L290 TraceCheckUtils]: 13: Hoare triple {1559#true} assume -2147483648 <= test_#t~nondet6#1 && test_#t~nondet6#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet6#1;havoc test_#t~nondet6#1; {1559#true} is VALID [2022-02-20 18:09:12,813 INFO L290 TraceCheckUtils]: 14: Hoare triple {1559#true} assume 0 != test_~tmp___2~0#1; {1559#true} is VALID [2022-02-20 18:09:12,813 INFO L272 TraceCheckUtils]: 15: Hoare triple {1559#true} call timeShift(); {1559#true} is VALID [2022-02-20 18:09:12,826 INFO L290 TraceCheckUtils]: 16: Hoare triple {1559#true} assume !(0 != ~pumpRunning~0); {1561#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:12,827 INFO L290 TraceCheckUtils]: 17: Hoare triple {1561#(= ~pumpRunning~0 0)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret8#1, processEnvironment_~tmp~1#1;havoc processEnvironment_~tmp~1#1; {1561#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:12,827 INFO L290 TraceCheckUtils]: 18: Hoare triple {1561#(= ~pumpRunning~0 0)} assume !(0 == ~pumpRunning~0); {1560#false} is VALID [2022-02-20 18:09:12,828 INFO L272 TraceCheckUtils]: 19: Hoare triple {1560#false} call processEnvironment__wrappee__base(); {1559#true} is VALID [2022-02-20 18:09:12,828 INFO L290 TraceCheckUtils]: 20: Hoare triple {1559#true} assume true; {1559#true} is VALID [2022-02-20 18:09:12,828 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1559#true} {1560#false} #221#return; {1560#false} is VALID [2022-02-20 18:09:12,828 INFO L290 TraceCheckUtils]: 22: Hoare triple {1560#false} assume { :end_inline_processEnvironment } true; {1560#false} is VALID [2022-02-20 18:09:12,828 INFO L290 TraceCheckUtils]: 23: Hoare triple {1560#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret19#1, __utac_acc__Specification3_spec__1_#t~ret20#1, __utac_acc__Specification3_spec__1_#t~ret21#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1560#false} is VALID [2022-02-20 18:09:12,828 INFO L272 TraceCheckUtils]: 24: Hoare triple {1560#false} call __utac_acc__Specification3_spec__1_#t~ret19#1 := isMethaneLevelCritical(); {1559#true} is VALID [2022-02-20 18:09:12,829 INFO L290 TraceCheckUtils]: 25: Hoare triple {1559#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {1559#true} is VALID [2022-02-20 18:09:12,829 INFO L290 TraceCheckUtils]: 26: Hoare triple {1559#true} assume true; {1559#true} is VALID [2022-02-20 18:09:12,829 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {1559#true} {1560#false} #223#return; {1560#false} is VALID [2022-02-20 18:09:12,829 INFO L290 TraceCheckUtils]: 28: Hoare triple {1560#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret19#1 && __utac_acc__Specification3_spec__1_#t~ret19#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret19#1;havoc __utac_acc__Specification3_spec__1_#t~ret19#1; {1560#false} is VALID [2022-02-20 18:09:12,829 INFO L290 TraceCheckUtils]: 29: Hoare triple {1560#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {1560#false} is VALID [2022-02-20 18:09:12,829 INFO L290 TraceCheckUtils]: 30: Hoare triple {1560#false} __utac_acc__Specification3_spec__1_#t~ret20#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret20#1 && __utac_acc__Specification3_spec__1_#t~ret20#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret20#1;havoc __utac_acc__Specification3_spec__1_#t~ret20#1; {1560#false} is VALID [2022-02-20 18:09:12,830 INFO L290 TraceCheckUtils]: 31: Hoare triple {1560#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~1#1;havoc isPumpRunning_~retValue_acc~1#1;isPumpRunning_~retValue_acc~1#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; {1560#false} is VALID [2022-02-20 18:09:12,830 INFO L290 TraceCheckUtils]: 32: Hoare triple {1560#false} __utac_acc__Specification3_spec__1_#t~ret21#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret21#1 && __utac_acc__Specification3_spec__1_#t~ret21#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret21#1;havoc __utac_acc__Specification3_spec__1_#t~ret21#1; {1560#false} is VALID [2022-02-20 18:09:12,830 INFO L290 TraceCheckUtils]: 33: Hoare triple {1560#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1560#false} is VALID [2022-02-20 18:09:12,830 INFO L290 TraceCheckUtils]: 34: Hoare triple {1560#false} assume !false; {1560#false} is VALID [2022-02-20 18:09:12,830 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:12,831 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:12,831 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [898190983] [2022-02-20 18:09:12,831 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [898190983] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:12,831 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:12,831 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:12,831 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [793944935] [2022-02-20 18:09:12,831 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:12,832 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:09:12,832 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:12,832 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:12,862 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:12,862 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:12,862 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:12,863 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:12,863 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:12,863 INFO L87 Difference]: Start difference. First operand 111 states and 144 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:12,977 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:12,977 INFO L93 Difference]: Finished difference Result 294 states and 389 transitions. [2022-02-20 18:09:12,977 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:12,978 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:09:12,978 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:12,978 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:12,981 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 207 transitions. [2022-02-20 18:09:12,981 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:12,984 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 207 transitions. [2022-02-20 18:09:12,985 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 207 transitions. [2022-02-20 18:09:13,118 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 207 edges. 207 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:13,122 INFO L225 Difference]: With dead ends: 294 [2022-02-20 18:09:13,122 INFO L226 Difference]: Without dead ends: 190 [2022-02-20 18:09:13,123 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:13,124 INFO L933 BasicCegarLoop]: 81 mSDtfsCounter, 67 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 133 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:13,125 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [67 Valid, 133 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:13,126 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 190 states. [2022-02-20 18:09:13,139 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 190 to 188. [2022-02-20 18:09:13,139 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:13,140 INFO L82 GeneralOperation]: Start isEquivalent. First operand 190 states. Second operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) [2022-02-20 18:09:13,141 INFO L74 IsIncluded]: Start isIncluded. First operand 190 states. Second operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) [2022-02-20 18:09:13,141 INFO L87 Difference]: Start difference. First operand 190 states. Second operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) [2022-02-20 18:09:13,147 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:13,147 INFO L93 Difference]: Finished difference Result 190 states and 243 transitions. [2022-02-20 18:09:13,148 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 243 transitions. [2022-02-20 18:09:13,148 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:13,164 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:13,165 INFO L74 IsIncluded]: Start isIncluded. First operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) Second operand 190 states. [2022-02-20 18:09:13,167 INFO L87 Difference]: Start difference. First operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) Second operand 190 states. [2022-02-20 18:09:13,174 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:13,175 INFO L93 Difference]: Finished difference Result 190 states and 243 transitions. [2022-02-20 18:09:13,175 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 243 transitions. [2022-02-20 18:09:13,175 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:13,176 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:13,176 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:13,176 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:13,177 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) [2022-02-20 18:09:13,185 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 188 states to 188 states and 242 transitions. [2022-02-20 18:09:13,185 INFO L78 Accepts]: Start accepts. Automaton has 188 states and 242 transitions. Word has length 35 [2022-02-20 18:09:13,187 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:13,187 INFO L470 AbstractCegarLoop]: Abstraction has 188 states and 242 transitions. [2022-02-20 18:09:13,187 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:13,188 INFO L276 IsEmpty]: Start isEmpty. Operand 188 states and 242 transitions. [2022-02-20 18:09:13,190 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 18:09:13,190 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:13,190 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:13,190 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:09:13,191 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:13,191 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:13,191 INFO L85 PathProgramCache]: Analyzing trace with hash -1364338089, now seen corresponding path program 1 times [2022-02-20 18:09:13,192 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:13,192 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1222587954] [2022-02-20 18:09:13,192 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:13,192 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:13,221 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:13,262 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:09:13,264 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:13,267 INFO L290 TraceCheckUtils]: 0: Hoare triple {2621#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {2621#true} is VALID [2022-02-20 18:09:13,267 INFO L290 TraceCheckUtils]: 1: Hoare triple {2621#true} assume true; {2621#true} is VALID [2022-02-20 18:09:13,268 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {2621#true} {2623#(= ~waterLevel~0 1)} #223#return; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,268 INFO L290 TraceCheckUtils]: 0: Hoare triple {2621#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(13, 12);call #Ultimate.allocInit(7, 13);call write~init~int(44, 13, 0, 1);call write~init~int(77, 13, 1, 1);call write~init~int(101, 13, 2, 1);call write~init~int(116, 13, 3, 1);call write~init~int(104, 13, 4, 1);call write~init~int(58, 13, 5, 1);call write~init~int(0, 13, 6, 1);call #Ultimate.allocInit(5, 14);call write~init~int(67, 14, 0, 1);call write~init~int(82, 14, 1, 1);call write~init~int(73, 14, 2, 1);call write~init~int(84, 14, 3, 1);call write~init~int(0, 14, 4, 1);call #Ultimate.allocInit(3, 15);call write~init~int(79, 15, 0, 1);call write~init~int(75, 15, 1, 1);call write~init~int(0, 15, 2, 1);call #Ultimate.allocInit(2, 16);call write~init~int(41, 16, 0, 1);call write~init~int(0, 16, 1, 1);call #Ultimate.allocInit(30, 17);call #Ultimate.allocInit(9, 18);call #Ultimate.allocInit(21, 19);call #Ultimate.allocInit(30, 20);call #Ultimate.allocInit(9, 21);call #Ultimate.allocInit(21, 22);call #Ultimate.allocInit(30, 23);call #Ultimate.allocInit(9, 24);call #Ultimate.allocInit(25, 25);call #Ultimate.allocInit(30, 26);call #Ultimate.allocInit(9, 27);call #Ultimate.allocInit(25, 28);~pumpRunning~0 := 0;~systemActive~0 := 1;~cleanupTimeShifts~0 := 4;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,269 INFO L290 TraceCheckUtils]: 1: Hoare triple {2623#(= ~waterLevel~0 1)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret22#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,269 INFO L290 TraceCheckUtils]: 2: Hoare triple {2623#(= ~waterLevel~0 1)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,270 INFO L290 TraceCheckUtils]: 3: Hoare triple {2623#(= ~waterLevel~0 1)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~8#1;havoc valid_product_~retValue_acc~8#1;valid_product_~retValue_acc~8#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~8#1; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,270 INFO L290 TraceCheckUtils]: 4: Hoare triple {2623#(= ~waterLevel~0 1)} main_#t~ret22#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret22#1 && main_#t~ret22#1 <= 2147483647;main_~tmp~4#1 := main_#t~ret22#1;havoc main_#t~ret22#1; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,270 INFO L290 TraceCheckUtils]: 5: Hoare triple {2623#(= ~waterLevel~0 1)} assume 0 != main_~tmp~4#1;assume { :begin_inline_setup } true; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,271 INFO L290 TraceCheckUtils]: 6: Hoare triple {2623#(= ~waterLevel~0 1)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet4#1, test_#t~nondet5#1, test_#t~nondet6#1, test_#t~nondet7#1, test_~splverifierCounter~0#1, test_~tmp~0#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~0#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,271 INFO L290 TraceCheckUtils]: 7: Hoare triple {2623#(= ~waterLevel~0 1)} assume !false; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,271 INFO L290 TraceCheckUtils]: 8: Hoare triple {2623#(= ~waterLevel~0 1)} assume test_~splverifierCounter~0#1 < 4; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,272 INFO L290 TraceCheckUtils]: 9: Hoare triple {2623#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet4#1 && test_#t~nondet4#1 <= 2147483647;test_~tmp~0#1 := test_#t~nondet4#1;havoc test_#t~nondet4#1; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,272 INFO L290 TraceCheckUtils]: 10: Hoare triple {2623#(= ~waterLevel~0 1)} assume !(0 != test_~tmp~0#1); {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,273 INFO L290 TraceCheckUtils]: 11: Hoare triple {2623#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet5#1 && test_#t~nondet5#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet5#1;havoc test_#t~nondet5#1; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,273 INFO L290 TraceCheckUtils]: 12: Hoare triple {2623#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___0~0#1); {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,275 INFO L290 TraceCheckUtils]: 13: Hoare triple {2623#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet6#1 && test_#t~nondet6#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet6#1;havoc test_#t~nondet6#1; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,275 INFO L290 TraceCheckUtils]: 14: Hoare triple {2623#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet7#1 && test_#t~nondet7#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet7#1;havoc test_#t~nondet7#1; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,276 INFO L290 TraceCheckUtils]: 15: Hoare triple {2623#(= ~waterLevel~0 1)} assume 0 != test_~tmp___1~0#1;assume { :begin_inline_stopSystem } true; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,276 INFO L290 TraceCheckUtils]: 16: Hoare triple {2623#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,276 INFO L290 TraceCheckUtils]: 17: Hoare triple {2623#(= ~waterLevel~0 1)} ~systemActive~0 := 0; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,277 INFO L290 TraceCheckUtils]: 18: Hoare triple {2623#(= ~waterLevel~0 1)} assume { :end_inline_stopSystem } true; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,282 INFO L272 TraceCheckUtils]: 19: Hoare triple {2623#(= ~waterLevel~0 1)} call timeShift(); {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,282 INFO L290 TraceCheckUtils]: 20: Hoare triple {2623#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,283 INFO L290 TraceCheckUtils]: 21: Hoare triple {2623#(= ~waterLevel~0 1)} assume !(0 != ~systemActive~0); {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,284 INFO L290 TraceCheckUtils]: 22: Hoare triple {2623#(= ~waterLevel~0 1)} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret19#1, __utac_acc__Specification3_spec__1_#t~ret20#1, __utac_acc__Specification3_spec__1_#t~ret21#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,284 INFO L272 TraceCheckUtils]: 23: Hoare triple {2623#(= ~waterLevel~0 1)} call __utac_acc__Specification3_spec__1_#t~ret19#1 := isMethaneLevelCritical(); {2621#true} is VALID [2022-02-20 18:09:13,285 INFO L290 TraceCheckUtils]: 24: Hoare triple {2621#true} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {2621#true} is VALID [2022-02-20 18:09:13,285 INFO L290 TraceCheckUtils]: 25: Hoare triple {2621#true} assume true; {2621#true} is VALID [2022-02-20 18:09:13,285 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {2621#true} {2623#(= ~waterLevel~0 1)} #223#return; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,286 INFO L290 TraceCheckUtils]: 27: Hoare triple {2623#(= ~waterLevel~0 1)} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret19#1 && __utac_acc__Specification3_spec__1_#t~ret19#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret19#1;havoc __utac_acc__Specification3_spec__1_#t~ret19#1; {2623#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:13,286 INFO L290 TraceCheckUtils]: 28: Hoare triple {2623#(= ~waterLevel~0 1)} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {2627#(= |timeShift_getWaterLevel_#res#1| 1)} is VALID [2022-02-20 18:09:13,287 INFO L290 TraceCheckUtils]: 29: Hoare triple {2627#(= |timeShift_getWaterLevel_#res#1| 1)} __utac_acc__Specification3_spec__1_#t~ret20#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret20#1 && __utac_acc__Specification3_spec__1_#t~ret20#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret20#1;havoc __utac_acc__Specification3_spec__1_#t~ret20#1; {2628#(= (+ (- 1) |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1|) 0)} is VALID [2022-02-20 18:09:13,287 INFO L290 TraceCheckUtils]: 30: Hoare triple {2628#(= (+ (- 1) |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1|) 0)} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~1#1;havoc isPumpRunning_~retValue_acc~1#1;isPumpRunning_~retValue_acc~1#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; {2622#false} is VALID [2022-02-20 18:09:13,288 INFO L290 TraceCheckUtils]: 31: Hoare triple {2622#false} __utac_acc__Specification3_spec__1_#t~ret21#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret21#1 && __utac_acc__Specification3_spec__1_#t~ret21#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret21#1;havoc __utac_acc__Specification3_spec__1_#t~ret21#1; {2622#false} is VALID [2022-02-20 18:09:13,288 INFO L290 TraceCheckUtils]: 32: Hoare triple {2622#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {2622#false} is VALID [2022-02-20 18:09:13,288 INFO L290 TraceCheckUtils]: 33: Hoare triple {2622#false} assume !false; {2622#false} is VALID [2022-02-20 18:09:13,288 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:13,289 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:13,289 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1222587954] [2022-02-20 18:09:13,289 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1222587954] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:13,289 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:13,289 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 18:09:13,289 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [201978565] [2022-02-20 18:09:13,290 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:13,290 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:13,290 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:13,291 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:13,314 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:13,315 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:09:13,315 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:13,316 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:09:13,316 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:13,316 INFO L87 Difference]: Start difference. First operand 188 states and 242 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:13,534 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:13,534 INFO L93 Difference]: Finished difference Result 532 states and 712 transitions. [2022-02-20 18:09:13,534 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:13,535 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:13,535 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:13,535 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:13,538 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 220 transitions. [2022-02-20 18:09:13,539 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:13,542 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 220 transitions. [2022-02-20 18:09:13,542 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 220 transitions. [2022-02-20 18:09:13,693 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 220 edges. 220 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:13,716 INFO L225 Difference]: With dead ends: 532 [2022-02-20 18:09:13,716 INFO L226 Difference]: Without dead ends: 351 [2022-02-20 18:09:13,717 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:09:13,718 INFO L933 BasicCegarLoop]: 81 mSDtfsCounter, 45 mSDsluCounter, 224 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 305 SdHoareTripleChecker+Invalid, 29 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:13,719 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [45 Valid, 305 Invalid, 29 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:13,720 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 351 states. [2022-02-20 18:09:13,741 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 351 to 339. [2022-02-20 18:09:13,742 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:13,743 INFO L82 GeneralOperation]: Start isEquivalent. First operand 351 states. Second operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) [2022-02-20 18:09:13,744 INFO L74 IsIncluded]: Start isIncluded. First operand 351 states. Second operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) [2022-02-20 18:09:13,746 INFO L87 Difference]: Start difference. First operand 351 states. Second operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) [2022-02-20 18:09:13,760 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:13,760 INFO L93 Difference]: Finished difference Result 351 states and 453 transitions. [2022-02-20 18:09:13,760 INFO L276 IsEmpty]: Start isEmpty. Operand 351 states and 453 transitions. [2022-02-20 18:09:13,762 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:13,762 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:13,764 INFO L74 IsIncluded]: Start isIncluded. First operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) Second operand 351 states. [2022-02-20 18:09:13,765 INFO L87 Difference]: Start difference. First operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) Second operand 351 states. [2022-02-20 18:09:13,780 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:13,781 INFO L93 Difference]: Finished difference Result 351 states and 453 transitions. [2022-02-20 18:09:13,781 INFO L276 IsEmpty]: Start isEmpty. Operand 351 states and 453 transitions. [2022-02-20 18:09:13,782 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:13,783 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:13,783 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:13,783 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:13,784 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) [2022-02-20 18:09:13,800 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 339 states to 339 states and 437 transitions. [2022-02-20 18:09:13,800 INFO L78 Accepts]: Start accepts. Automaton has 339 states and 437 transitions. Word has length 34 [2022-02-20 18:09:13,800 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:13,800 INFO L470 AbstractCegarLoop]: Abstraction has 339 states and 437 transitions. [2022-02-20 18:09:13,800 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:13,801 INFO L276 IsEmpty]: Start isEmpty. Operand 339 states and 437 transitions. [2022-02-20 18:09:13,801 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 18:09:13,801 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:13,801 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:13,802 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:09:13,802 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:13,802 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:13,802 INFO L85 PathProgramCache]: Analyzing trace with hash -1002526275, now seen corresponding path program 1 times [2022-02-20 18:09:13,802 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:13,803 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1716910211] [2022-02-20 18:09:13,803 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:13,803 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:13,845 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:13,846 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:09:13,863 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:13,890 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-20 18:09:13,890 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:09:13,891 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:09:13,893 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-20 18:09:13,896 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:09:13,899 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:09:13,940 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:09:13,941 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:09:13,946 INFO L158 Benchmark]: Toolchain (without parser) took 4188.29ms. Allocated memory was 96.5MB in the beginning and 142.6MB in the end (delta: 46.1MB). Free memory was 57.0MB in the beginning and 88.4MB in the end (delta: -31.4MB). Peak memory consumption was 13.3MB. Max. memory is 16.1GB. [2022-02-20 18:09:13,946 INFO L158 Benchmark]: CDTParser took 0.24ms. Allocated memory is still 96.5MB. Free memory was 73.8MB in the beginning and 73.7MB in the end (delta: 46.7kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:13,947 INFO L158 Benchmark]: CACSL2BoogieTranslator took 514.49ms. Allocated memory is still 96.5MB. Free memory was 56.8MB in the beginning and 62.0MB in the end (delta: -5.2MB). Peak memory consumption was 6.4MB. Max. memory is 16.1GB. [2022-02-20 18:09:13,949 INFO L158 Benchmark]: Boogie Procedure Inliner took 57.31ms. Allocated memory is still 96.5MB. Free memory was 62.0MB in the beginning and 59.1MB in the end (delta: 2.9MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:09:13,949 INFO L158 Benchmark]: Boogie Preprocessor took 27.23ms. Allocated memory is still 96.5MB. Free memory was 59.1MB in the beginning and 57.5MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:13,950 INFO L158 Benchmark]: RCFGBuilder took 592.75ms. Allocated memory is still 96.5MB. Free memory was 57.5MB in the beginning and 38.2MB in the end (delta: 19.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2022-02-20 18:09:13,951 INFO L158 Benchmark]: TraceAbstraction took 2986.57ms. Allocated memory was 96.5MB in the beginning and 142.6MB in the end (delta: 46.1MB). Free memory was 37.6MB in the beginning and 88.4MB in the end (delta: -50.7MB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:13,953 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.24ms. Allocated memory is still 96.5MB. Free memory was 73.8MB in the beginning and 73.7MB in the end (delta: 46.7kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 514.49ms. Allocated memory is still 96.5MB. Free memory was 56.8MB in the beginning and 62.0MB in the end (delta: -5.2MB). Peak memory consumption was 6.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 57.31ms. Allocated memory is still 96.5MB. Free memory was 62.0MB in the beginning and 59.1MB in the end (delta: 2.9MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 27.23ms. Allocated memory is still 96.5MB. Free memory was 59.1MB in the beginning and 57.5MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 592.75ms. Allocated memory is still 96.5MB. Free memory was 57.5MB in the beginning and 38.2MB in the end (delta: 19.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 2986.57ms. Allocated memory was 96.5MB in the beginning and 142.6MB in the end (delta: 46.1MB). Free memory was 37.6MB in the beginning and 88.4MB in the end (delta: -50.7MB). There was no memory consumed. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:09:13,989 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e7448e2a4dcf9053e3462616ae6225740bd78f5c7802032dea6a738b62c6fd6a --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:09:15,912 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:09:15,915 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:09:15,953 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:09:15,953 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:09:15,957 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:09:15,959 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:09:15,964 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:09:15,966 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:09:15,970 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:09:15,971 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:09:15,974 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:09:15,975 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:09:15,977 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:09:15,978 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:09:15,980 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:09:15,981 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:09:15,982 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:09:15,984 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:09:15,989 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:09:15,990 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:09:15,991 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:09:15,992 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:09:15,994 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:09:16,000 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:09:16,001 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:09:16,001 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:09:16,002 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:09:16,003 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:09:16,004 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:09:16,004 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:09:16,005 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:09:16,006 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:09:16,007 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:09:16,008 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:09:16,008 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:09:16,009 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:09:16,009 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:09:16,009 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:09:16,011 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:09:16,011 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:09:16,019 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf [2022-02-20 18:09:16,051 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:09:16,052 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:09:16,053 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:09:16,053 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:09:16,054 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:09:16,054 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:09:16,055 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:09:16,056 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:09:16,056 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:09:16,056 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:09:16,057 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:09:16,057 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:09:16,057 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:09:16,057 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:09:16,058 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:09:16,058 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:09:16,058 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 18:09:16,058 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 18:09:16,059 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 18:09:16,059 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:09:16,059 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:09:16,059 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:09:16,059 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:09:16,060 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:09:16,060 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:09:16,060 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:09:16,061 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:16,061 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:09:16,061 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:09:16,067 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:09:16,068 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 18:09:16,068 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 18:09:16,068 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:09:16,068 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:09:16,069 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:09:16,071 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 18:09:16,071 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e7448e2a4dcf9053e3462616ae6225740bd78f5c7802032dea6a738b62c6fd6a [2022-02-20 18:09:16,383 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:09:16,415 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:09:16,418 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:09:16,420 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:09:16,420 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:09:16,422 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c [2022-02-20 18:09:16,481 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e7783796c/1d37d3176c8d45a0bbef386cf3391a93/FLAG2383c81c2 [2022-02-20 18:09:16,989 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:09:16,989 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c [2022-02-20 18:09:17,000 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e7783796c/1d37d3176c8d45a0bbef386cf3391a93/FLAG2383c81c2 [2022-02-20 18:09:17,330 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e7783796c/1d37d3176c8d45a0bbef386cf3391a93 [2022-02-20 18:09:17,332 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:09:17,333 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:09:17,334 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:17,335 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:09:17,344 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:09:17,345 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:17,346 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2cac2315 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17, skipping insertion in model container [2022-02-20 18:09:17,346 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:17,356 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:09:17,405 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:17,640 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c[8262,8275] [2022-02-20 18:09:17,727 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:17,742 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 18:09:17,753 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:17,792 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c[8262,8275] [2022-02-20 18:09:17,822 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:17,844 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:09:17,884 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product35.cil.c[8262,8275] [2022-02-20 18:09:17,904 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:17,932 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:09:17,932 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17 WrapperNode [2022-02-20 18:09:17,932 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:17,934 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:17,934 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:09:17,934 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:09:17,940 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:17,968 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:18,007 INFO L137 Inliner]: procedures = 55, calls = 152, calls flagged for inlining = 22, calls inlined = 19, statements flattened = 226 [2022-02-20 18:09:18,008 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:18,008 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:09:18,008 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:09:18,009 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:09:18,016 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:18,016 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:18,018 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:18,019 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:18,030 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:18,035 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:18,039 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:18,041 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:09:18,045 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:09:18,045 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:09:18,045 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:09:18,046 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17" (1/1) ... [2022-02-20 18:09:18,056 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:18,063 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:09:18,075 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:09:18,081 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:09:18,109 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:09:18,110 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:09:18,110 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:09:18,110 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:09:18,110 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:09:18,110 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:09:18,110 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:09:18,111 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:09:18,111 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:09:18,111 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:09:18,111 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:09:18,111 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-20 18:09:18,111 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:09:18,112 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:09:18,112 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:09:18,112 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:09:18,204 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:09:18,206 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:18,510 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:18,518 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:18,520 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:18,522 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:18 BoogieIcfgContainer [2022-02-20 18:09:18,522 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:18,524 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:18,524 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:18,527 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:18,527 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:09:17" (1/3) ... [2022-02-20 18:09:18,528 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7c78f0ca and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:18, skipping insertion in model container [2022-02-20 18:09:18,528 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:17" (2/3) ... [2022-02-20 18:09:18,528 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7c78f0ca and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:18, skipping insertion in model container [2022-02-20 18:09:18,528 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:18" (3/3) ... [2022-02-20 18:09:18,530 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product35.cil.c [2022-02-20 18:09:18,537 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:18,538 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:18,592 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:18,601 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:18,601 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:18,621 INFO L276 IsEmpty]: Start isEmpty. Operand has 80 states, 63 states have (on average 1.3968253968253967) internal successors, (88), 69 states have internal predecessors, (88), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:09:18,629 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:09:18,629 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:18,630 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:18,631 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:18,635 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:18,636 INFO L85 PathProgramCache]: Analyzing trace with hash -815916640, now seen corresponding path program 1 times [2022-02-20 18:09:18,649 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:18,649 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [511151708] [2022-02-20 18:09:18,649 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:18,650 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:18,651 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:18,657 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:18,659 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 18:09:18,777 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:18,781 INFO L263 TraceCheckSpWp]: Trace formula consists of 154 conjuncts, 1 conjunts are in the unsatisfiable core [2022-02-20 18:09:18,793 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:18,797 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:18,886 INFO L290 TraceCheckUtils]: 0: Hoare triple {83#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(3bv32, 5bv32);call write~init~intINTTYPE1(79bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 6bv32);call write~init~intINTTYPE1(79bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 7bv32);call write~init~intINTTYPE1(44bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 7bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 7bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 7bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 7bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 8bv32);call write~init~intINTTYPE1(79bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 8bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 9bv32);call write~init~intINTTYPE1(79bv8, 9bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 9bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(41bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 11bv32);call write~init~intINTTYPE1(10bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 12bv32);call #Ultimate.allocInit(7bv32, 13bv32);call write~init~intINTTYPE1(44bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 13bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 13bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 13bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 13bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 14bv32);call write~init~intINTTYPE1(67bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 14bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(79bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(41bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~cleanupTimeShifts~0 := 4bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {83#true} is VALID [2022-02-20 18:09:18,886 INFO L290 TraceCheckUtils]: 1: Hoare triple {83#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret22#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {83#true} is VALID [2022-02-20 18:09:18,887 INFO L290 TraceCheckUtils]: 2: Hoare triple {83#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {83#true} is VALID [2022-02-20 18:09:18,887 INFO L290 TraceCheckUtils]: 3: Hoare triple {83#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~8#1;havoc valid_product_~retValue_acc~8#1;valid_product_~retValue_acc~8#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~8#1; {83#true} is VALID [2022-02-20 18:09:18,887 INFO L290 TraceCheckUtils]: 4: Hoare triple {83#true} main_#t~ret22#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~4#1 := main_#t~ret22#1;havoc main_#t~ret22#1; {83#true} is VALID [2022-02-20 18:09:18,887 INFO L290 TraceCheckUtils]: 5: Hoare triple {83#true} assume 0bv32 != main_~tmp~4#1;assume { :begin_inline_setup } true; {83#true} is VALID [2022-02-20 18:09:18,888 INFO L290 TraceCheckUtils]: 6: Hoare triple {83#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet4#1, test_#t~nondet5#1, test_#t~nondet6#1, test_#t~nondet7#1, test_~splverifierCounter~0#1, test_~tmp~0#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~0#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {83#true} is VALID [2022-02-20 18:09:18,889 INFO L290 TraceCheckUtils]: 7: Hoare triple {83#true} assume !true; {84#false} is VALID [2022-02-20 18:09:18,889 INFO L272 TraceCheckUtils]: 8: Hoare triple {84#false} call cleanup(); {84#false} is VALID [2022-02-20 18:09:18,889 INFO L290 TraceCheckUtils]: 9: Hoare triple {84#false} havoc ~i~0;havoc ~__cil_tmp2~0; {84#false} is VALID [2022-02-20 18:09:18,889 INFO L272 TraceCheckUtils]: 10: Hoare triple {84#false} call timeShift(); {84#false} is VALID [2022-02-20 18:09:18,890 INFO L290 TraceCheckUtils]: 11: Hoare triple {84#false} assume !(0bv32 != ~pumpRunning~0); {84#false} is VALID [2022-02-20 18:09:18,890 INFO L290 TraceCheckUtils]: 12: Hoare triple {84#false} assume !(0bv32 != ~systemActive~0); {84#false} is VALID [2022-02-20 18:09:18,890 INFO L290 TraceCheckUtils]: 13: Hoare triple {84#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret19#1, __utac_acc__Specification3_spec__1_#t~ret20#1, __utac_acc__Specification3_spec__1_#t~ret21#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {84#false} is VALID [2022-02-20 18:09:18,890 INFO L272 TraceCheckUtils]: 14: Hoare triple {84#false} call __utac_acc__Specification3_spec__1_#t~ret19#1 := isMethaneLevelCritical(); {84#false} is VALID [2022-02-20 18:09:18,891 INFO L290 TraceCheckUtils]: 15: Hoare triple {84#false} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {84#false} is VALID [2022-02-20 18:09:18,891 INFO L290 TraceCheckUtils]: 16: Hoare triple {84#false} assume true; {84#false} is VALID [2022-02-20 18:09:18,891 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {84#false} {84#false} #223#return; {84#false} is VALID [2022-02-20 18:09:18,891 INFO L290 TraceCheckUtils]: 18: Hoare triple {84#false} __utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret19#1;havoc __utac_acc__Specification3_spec__1_#t~ret19#1; {84#false} is VALID [2022-02-20 18:09:18,892 INFO L290 TraceCheckUtils]: 19: Hoare triple {84#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {84#false} is VALID [2022-02-20 18:09:18,892 INFO L290 TraceCheckUtils]: 20: Hoare triple {84#false} __utac_acc__Specification3_spec__1_#t~ret20#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret20#1;havoc __utac_acc__Specification3_spec__1_#t~ret20#1; {84#false} is VALID [2022-02-20 18:09:18,892 INFO L290 TraceCheckUtils]: 21: Hoare triple {84#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~1#1;havoc isPumpRunning_~retValue_acc~1#1;isPumpRunning_~retValue_acc~1#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; {84#false} is VALID [2022-02-20 18:09:18,893 INFO L290 TraceCheckUtils]: 22: Hoare triple {84#false} __utac_acc__Specification3_spec__1_#t~ret21#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret21#1;havoc __utac_acc__Specification3_spec__1_#t~ret21#1; {84#false} is VALID [2022-02-20 18:09:18,894 INFO L290 TraceCheckUtils]: 23: Hoare triple {84#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {84#false} is VALID [2022-02-20 18:09:18,894 INFO L290 TraceCheckUtils]: 24: Hoare triple {84#false} assume !false; {84#false} is VALID [2022-02-20 18:09:18,895 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:18,895 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:18,896 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:18,896 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [511151708] [2022-02-20 18:09:18,897 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [511151708] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:18,897 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:18,897 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:18,899 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2078583347] [2022-02-20 18:09:18,901 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:18,907 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:18,909 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:18,912 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:18,967 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:18,968 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:18,968 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:18,991 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:18,991 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:18,994 INFO L87 Difference]: Start difference. First operand has 80 states, 63 states have (on average 1.3968253968253967) internal successors, (88), 69 states have internal predecessors, (88), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,112 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:19,112 INFO L93 Difference]: Finished difference Result 152 states and 207 transitions. [2022-02-20 18:09:19,112 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:19,113 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:19,113 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:19,114 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,126 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 207 transitions. [2022-02-20 18:09:19,126 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,135 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 207 transitions. [2022-02-20 18:09:19,135 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 207 transitions. [2022-02-20 18:09:19,346 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 207 edges. 207 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:19,359 INFO L225 Difference]: With dead ends: 152 [2022-02-20 18:09:19,361 INFO L226 Difference]: Without dead ends: 71 [2022-02-20 18:09:19,368 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:19,372 INFO L933 BasicCegarLoop]: 100 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 100 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:19,372 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 100 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:19,385 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2022-02-20 18:09:19,400 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2022-02-20 18:09:19,401 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:19,403 INFO L82 GeneralOperation]: Start isEquivalent. First operand 71 states. Second operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:09:19,406 INFO L74 IsIncluded]: Start isIncluded. First operand 71 states. Second operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:09:19,412 INFO L87 Difference]: Start difference. First operand 71 states. Second operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:09:19,420 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:19,423 INFO L93 Difference]: Finished difference Result 71 states and 91 transitions. [2022-02-20 18:09:19,424 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:09:19,427 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:19,427 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:19,429 INFO L74 IsIncluded]: Start isIncluded. First operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 71 states. [2022-02-20 18:09:19,431 INFO L87 Difference]: Start difference. First operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand 71 states. [2022-02-20 18:09:19,436 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:19,440 INFO L93 Difference]: Finished difference Result 71 states and 91 transitions. [2022-02-20 18:09:19,441 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:09:19,446 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:19,448 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:19,448 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:19,449 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:19,449 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 56 states have (on average 1.3214285714285714) internal successors, (74), 61 states have internal predecessors, (74), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 18:09:19,454 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 91 transitions. [2022-02-20 18:09:19,460 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 91 transitions. Word has length 25 [2022-02-20 18:09:19,461 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:19,461 INFO L470 AbstractCegarLoop]: Abstraction has 71 states and 91 transitions. [2022-02-20 18:09:19,462 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,462 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2022-02-20 18:09:19,464 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:09:19,464 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:19,464 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:19,473 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Ended with exit code 0 [2022-02-20 18:09:19,671 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:19,672 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:19,673 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:19,673 INFO L85 PathProgramCache]: Analyzing trace with hash -1245391523, now seen corresponding path program 1 times [2022-02-20 18:09:19,673 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:19,674 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [162785116] [2022-02-20 18:09:19,674 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:19,674 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:19,674 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:19,675 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:19,698 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 18:09:19,740 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:19,743 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:19,773 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:19,774 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:19,886 INFO L290 TraceCheckUtils]: 0: Hoare triple {622#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(3bv32, 5bv32);call write~init~intINTTYPE1(79bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 6bv32);call write~init~intINTTYPE1(79bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 7bv32);call write~init~intINTTYPE1(44bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 7bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 7bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 7bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 7bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 8bv32);call write~init~intINTTYPE1(79bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 8bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 9bv32);call write~init~intINTTYPE1(79bv8, 9bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 9bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(41bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 11bv32);call write~init~intINTTYPE1(10bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 12bv32);call #Ultimate.allocInit(7bv32, 13bv32);call write~init~intINTTYPE1(44bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 13bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 13bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 13bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 13bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 14bv32);call write~init~intINTTYPE1(67bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 14bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(79bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(41bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~cleanupTimeShifts~0 := 4bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {622#true} is VALID [2022-02-20 18:09:19,888 INFO L290 TraceCheckUtils]: 1: Hoare triple {622#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret22#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {622#true} is VALID [2022-02-20 18:09:19,888 INFO L290 TraceCheckUtils]: 2: Hoare triple {622#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {622#true} is VALID [2022-02-20 18:09:19,888 INFO L290 TraceCheckUtils]: 3: Hoare triple {622#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~8#1;havoc valid_product_~retValue_acc~8#1;valid_product_~retValue_acc~8#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~8#1; {622#true} is VALID [2022-02-20 18:09:19,889 INFO L290 TraceCheckUtils]: 4: Hoare triple {622#true} main_#t~ret22#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~4#1 := main_#t~ret22#1;havoc main_#t~ret22#1; {622#true} is VALID [2022-02-20 18:09:19,889 INFO L290 TraceCheckUtils]: 5: Hoare triple {622#true} assume 0bv32 != main_~tmp~4#1;assume { :begin_inline_setup } true; {622#true} is VALID [2022-02-20 18:09:19,889 INFO L290 TraceCheckUtils]: 6: Hoare triple {622#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet4#1, test_#t~nondet5#1, test_#t~nondet6#1, test_#t~nondet7#1, test_~splverifierCounter~0#1, test_~tmp~0#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~0#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {645#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:19,890 INFO L290 TraceCheckUtils]: 7: Hoare triple {645#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !false; {645#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:19,890 INFO L290 TraceCheckUtils]: 8: Hoare triple {645#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !~bvslt32(test_~splverifierCounter~0#1, 4bv32); {623#false} is VALID [2022-02-20 18:09:19,891 INFO L272 TraceCheckUtils]: 9: Hoare triple {623#false} call cleanup(); {623#false} is VALID [2022-02-20 18:09:19,891 INFO L290 TraceCheckUtils]: 10: Hoare triple {623#false} havoc ~i~0;havoc ~__cil_tmp2~0; {623#false} is VALID [2022-02-20 18:09:19,891 INFO L272 TraceCheckUtils]: 11: Hoare triple {623#false} call timeShift(); {623#false} is VALID [2022-02-20 18:09:19,891 INFO L290 TraceCheckUtils]: 12: Hoare triple {623#false} assume !(0bv32 != ~pumpRunning~0); {623#false} is VALID [2022-02-20 18:09:19,891 INFO L290 TraceCheckUtils]: 13: Hoare triple {623#false} assume !(0bv32 != ~systemActive~0); {623#false} is VALID [2022-02-20 18:09:19,892 INFO L290 TraceCheckUtils]: 14: Hoare triple {623#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret19#1, __utac_acc__Specification3_spec__1_#t~ret20#1, __utac_acc__Specification3_spec__1_#t~ret21#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {623#false} is VALID [2022-02-20 18:09:19,892 INFO L272 TraceCheckUtils]: 15: Hoare triple {623#false} call __utac_acc__Specification3_spec__1_#t~ret19#1 := isMethaneLevelCritical(); {623#false} is VALID [2022-02-20 18:09:19,892 INFO L290 TraceCheckUtils]: 16: Hoare triple {623#false} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {623#false} is VALID [2022-02-20 18:09:19,892 INFO L290 TraceCheckUtils]: 17: Hoare triple {623#false} assume true; {623#false} is VALID [2022-02-20 18:09:19,893 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {623#false} {623#false} #223#return; {623#false} is VALID [2022-02-20 18:09:19,893 INFO L290 TraceCheckUtils]: 19: Hoare triple {623#false} __utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret19#1;havoc __utac_acc__Specification3_spec__1_#t~ret19#1; {623#false} is VALID [2022-02-20 18:09:19,894 INFO L290 TraceCheckUtils]: 20: Hoare triple {623#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {623#false} is VALID [2022-02-20 18:09:19,894 INFO L290 TraceCheckUtils]: 21: Hoare triple {623#false} __utac_acc__Specification3_spec__1_#t~ret20#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret20#1;havoc __utac_acc__Specification3_spec__1_#t~ret20#1; {623#false} is VALID [2022-02-20 18:09:19,894 INFO L290 TraceCheckUtils]: 22: Hoare triple {623#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~1#1;havoc isPumpRunning_~retValue_acc~1#1;isPumpRunning_~retValue_acc~1#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; {623#false} is VALID [2022-02-20 18:09:19,895 INFO L290 TraceCheckUtils]: 23: Hoare triple {623#false} __utac_acc__Specification3_spec__1_#t~ret21#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret21#1;havoc __utac_acc__Specification3_spec__1_#t~ret21#1; {623#false} is VALID [2022-02-20 18:09:19,895 INFO L290 TraceCheckUtils]: 24: Hoare triple {623#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {623#false} is VALID [2022-02-20 18:09:19,899 INFO L290 TraceCheckUtils]: 25: Hoare triple {623#false} assume !false; {623#false} is VALID [2022-02-20 18:09:19,899 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:19,899 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:19,900 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:19,900 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [162785116] [2022-02-20 18:09:19,900 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [162785116] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:19,901 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:19,901 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:19,901 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [372213579] [2022-02-20 18:09:19,902 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:19,904 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:19,905 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:19,905 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,936 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:19,942 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:19,943 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:19,944 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:19,944 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:19,944 INFO L87 Difference]: Start difference. First operand 71 states and 91 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,058 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:20,058 INFO L93 Difference]: Finished difference Result 104 states and 133 transitions. [2022-02-20 18:09:20,058 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:20,059 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:20,059 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:20,059 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,063 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 133 transitions. [2022-02-20 18:09:20,064 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,066 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 133 transitions. [2022-02-20 18:09:20,067 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 133 transitions. [2022-02-20 18:09:20,202 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 133 edges. 133 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:20,205 INFO L225 Difference]: With dead ends: 104 [2022-02-20 18:09:20,205 INFO L226 Difference]: Without dead ends: 62 [2022-02-20 18:09:20,206 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:20,207 INFO L933 BasicCegarLoop]: 78 mSDtfsCounter, 17 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 135 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:20,207 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 135 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:20,208 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2022-02-20 18:09:20,212 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 62. [2022-02-20 18:09:20,227 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:20,228 INFO L82 GeneralOperation]: Start isEquivalent. First operand 62 states. Second operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:09:20,228 INFO L74 IsIncluded]: Start isIncluded. First operand 62 states. Second operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:09:20,229 INFO L87 Difference]: Start difference. First operand 62 states. Second operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:09:20,231 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:20,233 INFO L93 Difference]: Finished difference Result 62 states and 79 transitions. [2022-02-20 18:09:20,233 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 79 transitions. [2022-02-20 18:09:20,233 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:20,233 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:20,234 INFO L74 IsIncluded]: Start isIncluded. First operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 62 states. [2022-02-20 18:09:20,234 INFO L87 Difference]: Start difference. First operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) Second operand 62 states. [2022-02-20 18:09:20,237 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:20,237 INFO L93 Difference]: Finished difference Result 62 states and 79 transitions. [2022-02-20 18:09:20,237 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 79 transitions. [2022-02-20 18:09:20,238 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:20,238 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:20,238 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:20,238 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:20,239 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 50 states have (on average 1.34) internal successors, (67), 55 states have internal predecessors, (67), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 18:09:20,241 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 79 transitions. [2022-02-20 18:09:20,241 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 79 transitions. Word has length 26 [2022-02-20 18:09:20,242 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:20,242 INFO L470 AbstractCegarLoop]: Abstraction has 62 states and 79 transitions. [2022-02-20 18:09:20,242 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,242 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 79 transitions. [2022-02-20 18:09:20,243 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:09:20,251 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:20,251 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:20,278 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:20,452 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:20,452 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:20,453 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:20,453 INFO L85 PathProgramCache]: Analyzing trace with hash -552576222, now seen corresponding path program 1 times [2022-02-20 18:09:20,453 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:20,453 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [842207160] [2022-02-20 18:09:20,454 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:20,454 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:20,454 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:20,455 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:20,457 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 18:09:20,523 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:20,526 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:20,562 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:20,564 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:20,673 INFO L290 TraceCheckUtils]: 0: Hoare triple {1063#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(3bv32, 5bv32);call write~init~intINTTYPE1(79bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 6bv32);call write~init~intINTTYPE1(79bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 7bv32);call write~init~intINTTYPE1(44bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 7bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 7bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 7bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 7bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 8bv32);call write~init~intINTTYPE1(79bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 8bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 9bv32);call write~init~intINTTYPE1(79bv8, 9bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 9bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(41bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 11bv32);call write~init~intINTTYPE1(10bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 12bv32);call #Ultimate.allocInit(7bv32, 13bv32);call write~init~intINTTYPE1(44bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 13bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 13bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 13bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 13bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 14bv32);call write~init~intINTTYPE1(67bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 14bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(79bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(41bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~cleanupTimeShifts~0 := 4bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,673 INFO L290 TraceCheckUtils]: 1: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret22#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,674 INFO L290 TraceCheckUtils]: 2: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,675 INFO L290 TraceCheckUtils]: 3: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~8#1;havoc valid_product_~retValue_acc~8#1;valid_product_~retValue_acc~8#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~8#1; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,677 INFO L290 TraceCheckUtils]: 4: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} main_#t~ret22#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~4#1 := main_#t~ret22#1;havoc main_#t~ret22#1; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,678 INFO L290 TraceCheckUtils]: 5: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != main_~tmp~4#1;assume { :begin_inline_setup } true; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,678 INFO L290 TraceCheckUtils]: 6: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet4#1, test_#t~nondet5#1, test_#t~nondet6#1, test_#t~nondet7#1, test_~splverifierCounter~0#1, test_~tmp~0#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~0#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,679 INFO L290 TraceCheckUtils]: 7: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume !false; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,680 INFO L290 TraceCheckUtils]: 8: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,680 INFO L290 TraceCheckUtils]: 9: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} test_~tmp~0#1 := test_#t~nondet4#1;havoc test_#t~nondet4#1; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,681 INFO L290 TraceCheckUtils]: 10: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~0#1); {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,681 INFO L290 TraceCheckUtils]: 11: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} test_~tmp___0~0#1 := test_#t~nondet5#1;havoc test_#t~nondet5#1; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,682 INFO L290 TraceCheckUtils]: 12: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~0#1); {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,682 INFO L290 TraceCheckUtils]: 13: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet6#1;havoc test_#t~nondet6#1; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,683 INFO L290 TraceCheckUtils]: 14: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,683 INFO L272 TraceCheckUtils]: 15: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} call timeShift(); {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,684 INFO L290 TraceCheckUtils]: 16: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1068#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:20,684 INFO L290 TraceCheckUtils]: 17: Hoare triple {1068#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {1064#false} is VALID [2022-02-20 18:09:20,684 INFO L290 TraceCheckUtils]: 18: Hoare triple {1064#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret19#1, __utac_acc__Specification3_spec__1_#t~ret20#1, __utac_acc__Specification3_spec__1_#t~ret21#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1064#false} is VALID [2022-02-20 18:09:20,685 INFO L272 TraceCheckUtils]: 19: Hoare triple {1064#false} call __utac_acc__Specification3_spec__1_#t~ret19#1 := isMethaneLevelCritical(); {1064#false} is VALID [2022-02-20 18:09:20,685 INFO L290 TraceCheckUtils]: 20: Hoare triple {1064#false} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {1064#false} is VALID [2022-02-20 18:09:20,685 INFO L290 TraceCheckUtils]: 21: Hoare triple {1064#false} assume true; {1064#false} is VALID [2022-02-20 18:09:20,685 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1064#false} {1064#false} #223#return; {1064#false} is VALID [2022-02-20 18:09:20,686 INFO L290 TraceCheckUtils]: 23: Hoare triple {1064#false} __utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret19#1;havoc __utac_acc__Specification3_spec__1_#t~ret19#1; {1064#false} is VALID [2022-02-20 18:09:20,686 INFO L290 TraceCheckUtils]: 24: Hoare triple {1064#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {1064#false} is VALID [2022-02-20 18:09:20,687 INFO L290 TraceCheckUtils]: 25: Hoare triple {1064#false} __utac_acc__Specification3_spec__1_#t~ret20#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret20#1;havoc __utac_acc__Specification3_spec__1_#t~ret20#1; {1064#false} is VALID [2022-02-20 18:09:20,687 INFO L290 TraceCheckUtils]: 26: Hoare triple {1064#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~1#1;havoc isPumpRunning_~retValue_acc~1#1;isPumpRunning_~retValue_acc~1#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; {1064#false} is VALID [2022-02-20 18:09:20,687 INFO L290 TraceCheckUtils]: 27: Hoare triple {1064#false} __utac_acc__Specification3_spec__1_#t~ret21#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret21#1;havoc __utac_acc__Specification3_spec__1_#t~ret21#1; {1064#false} is VALID [2022-02-20 18:09:20,687 INFO L290 TraceCheckUtils]: 28: Hoare triple {1064#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1064#false} is VALID [2022-02-20 18:09:20,687 INFO L290 TraceCheckUtils]: 29: Hoare triple {1064#false} assume !false; {1064#false} is VALID [2022-02-20 18:09:20,688 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:20,688 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:20,688 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:20,688 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [842207160] [2022-02-20 18:09:20,689 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [842207160] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:20,692 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:20,692 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:20,693 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1441604780] [2022-02-20 18:09:20,693 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:20,694 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:20,696 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:20,696 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,724 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:20,724 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:20,725 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:20,726 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:20,726 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:20,726 INFO L87 Difference]: Start difference. First operand 62 states and 79 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,905 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:20,905 INFO L93 Difference]: Finished difference Result 171 states and 223 transitions. [2022-02-20 18:09:20,905 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:20,906 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:20,906 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:20,906 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,914 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 223 transitions. [2022-02-20 18:09:20,914 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,921 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 223 transitions. [2022-02-20 18:09:20,922 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 223 transitions. [2022-02-20 18:09:21,113 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 223 edges. 223 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:21,120 INFO L225 Difference]: With dead ends: 171 [2022-02-20 18:09:21,121 INFO L226 Difference]: Without dead ends: 116 [2022-02-20 18:09:21,123 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:21,125 INFO L933 BasicCegarLoop]: 100 mSDtfsCounter, 59 mSDsluCounter, 69 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 169 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:21,126 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [59 Valid, 169 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:21,128 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 116 states. [2022-02-20 18:09:21,138 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 116 to 111. [2022-02-20 18:09:21,141 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:21,142 INFO L82 GeneralOperation]: Start isEquivalent. First operand 116 states. Second operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:21,143 INFO L74 IsIncluded]: Start isIncluded. First operand 116 states. Second operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:21,144 INFO L87 Difference]: Start difference. First operand 116 states. Second operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:21,148 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:21,149 INFO L93 Difference]: Finished difference Result 116 states and 149 transitions. [2022-02-20 18:09:21,149 INFO L276 IsEmpty]: Start isEmpty. Operand 116 states and 149 transitions. [2022-02-20 18:09:21,149 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:21,149 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:21,150 INFO L74 IsIncluded]: Start isIncluded. First operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand 116 states. [2022-02-20 18:09:21,150 INFO L87 Difference]: Start difference. First operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand 116 states. [2022-02-20 18:09:21,160 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:21,160 INFO L93 Difference]: Finished difference Result 116 states and 149 transitions. [2022-02-20 18:09:21,160 INFO L276 IsEmpty]: Start isEmpty. Operand 116 states and 149 transitions. [2022-02-20 18:09:21,161 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:21,161 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:21,161 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:21,161 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:21,162 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 111 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 97 states have internal predecessors, (120), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-02-20 18:09:21,165 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 111 states to 111 states and 144 transitions. [2022-02-20 18:09:21,166 INFO L78 Accepts]: Start accepts. Automaton has 111 states and 144 transitions. Word has length 30 [2022-02-20 18:09:21,166 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:21,166 INFO L470 AbstractCegarLoop]: Abstraction has 111 states and 144 transitions. [2022-02-20 18:09:21,166 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:21,166 INFO L276 IsEmpty]: Start isEmpty. Operand 111 states and 144 transitions. [2022-02-20 18:09:21,167 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 18:09:21,167 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:21,167 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:21,179 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:21,376 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:21,377 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:21,377 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:21,377 INFO L85 PathProgramCache]: Analyzing trace with hash -551449311, now seen corresponding path program 1 times [2022-02-20 18:09:21,378 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:21,378 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2040140895] [2022-02-20 18:09:21,378 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:21,378 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:21,379 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:21,384 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:21,385 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 18:09:21,433 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:21,437 INFO L263 TraceCheckSpWp]: Trace formula consists of 162 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 18:09:21,456 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:21,463 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:21,582 INFO L290 TraceCheckUtils]: 0: Hoare triple {1784#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(3bv32, 5bv32);call write~init~intINTTYPE1(79bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 6bv32);call write~init~intINTTYPE1(79bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 7bv32);call write~init~intINTTYPE1(44bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 7bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 7bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 7bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 7bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 8bv32);call write~init~intINTTYPE1(79bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 8bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 9bv32);call write~init~intINTTYPE1(79bv8, 9bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 9bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(41bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 11bv32);call write~init~intINTTYPE1(10bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 12bv32);call #Ultimate.allocInit(7bv32, 13bv32);call write~init~intINTTYPE1(44bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 13bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 13bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 13bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 13bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 14bv32);call write~init~intINTTYPE1(67bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 14bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(79bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(41bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~cleanupTimeShifts~0 := 4bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,582 INFO L290 TraceCheckUtils]: 1: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret22#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,583 INFO L290 TraceCheckUtils]: 2: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,583 INFO L290 TraceCheckUtils]: 3: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~8#1;havoc valid_product_~retValue_acc~8#1;valid_product_~retValue_acc~8#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~8#1; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,583 INFO L290 TraceCheckUtils]: 4: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} main_#t~ret22#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~4#1 := main_#t~ret22#1;havoc main_#t~ret22#1; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,584 INFO L290 TraceCheckUtils]: 5: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != main_~tmp~4#1;assume { :begin_inline_setup } true; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,584 INFO L290 TraceCheckUtils]: 6: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet4#1, test_#t~nondet5#1, test_#t~nondet6#1, test_#t~nondet7#1, test_~splverifierCounter~0#1, test_~tmp~0#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~0#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,584 INFO L290 TraceCheckUtils]: 7: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume !false; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,585 INFO L290 TraceCheckUtils]: 8: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,585 INFO L290 TraceCheckUtils]: 9: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp~0#1 := test_#t~nondet4#1;havoc test_#t~nondet4#1; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,585 INFO L290 TraceCheckUtils]: 10: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != test_~tmp~0#1); {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,586 INFO L290 TraceCheckUtils]: 11: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp___0~0#1 := test_#t~nondet5#1;havoc test_#t~nondet5#1; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,586 INFO L290 TraceCheckUtils]: 12: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != test_~tmp___0~0#1); {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,586 INFO L290 TraceCheckUtils]: 13: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp___2~0#1 := test_#t~nondet6#1;havoc test_#t~nondet6#1; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,587 INFO L290 TraceCheckUtils]: 14: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != test_~tmp___2~0#1; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,587 INFO L272 TraceCheckUtils]: 15: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} call timeShift(); {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,588 INFO L290 TraceCheckUtils]: 16: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != ~pumpRunning~0); {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,588 INFO L290 TraceCheckUtils]: 17: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret8#1, processEnvironment_~tmp~1#1;havoc processEnvironment_~tmp~1#1; {1789#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:21,588 INFO L290 TraceCheckUtils]: 18: Hoare triple {1789#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 == ~pumpRunning~0); {1785#false} is VALID [2022-02-20 18:09:21,588 INFO L272 TraceCheckUtils]: 19: Hoare triple {1785#false} call processEnvironment__wrappee__base(); {1785#false} is VALID [2022-02-20 18:09:21,589 INFO L290 TraceCheckUtils]: 20: Hoare triple {1785#false} assume true; {1785#false} is VALID [2022-02-20 18:09:21,589 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1785#false} {1785#false} #221#return; {1785#false} is VALID [2022-02-20 18:09:21,589 INFO L290 TraceCheckUtils]: 22: Hoare triple {1785#false} assume { :end_inline_processEnvironment } true; {1785#false} is VALID [2022-02-20 18:09:21,592 INFO L290 TraceCheckUtils]: 23: Hoare triple {1785#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret19#1, __utac_acc__Specification3_spec__1_#t~ret20#1, __utac_acc__Specification3_spec__1_#t~ret21#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1785#false} is VALID [2022-02-20 18:09:21,592 INFO L272 TraceCheckUtils]: 24: Hoare triple {1785#false} call __utac_acc__Specification3_spec__1_#t~ret19#1 := isMethaneLevelCritical(); {1785#false} is VALID [2022-02-20 18:09:21,592 INFO L290 TraceCheckUtils]: 25: Hoare triple {1785#false} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {1785#false} is VALID [2022-02-20 18:09:21,592 INFO L290 TraceCheckUtils]: 26: Hoare triple {1785#false} assume true; {1785#false} is VALID [2022-02-20 18:09:21,592 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {1785#false} {1785#false} #223#return; {1785#false} is VALID [2022-02-20 18:09:21,593 INFO L290 TraceCheckUtils]: 28: Hoare triple {1785#false} __utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret19#1;havoc __utac_acc__Specification3_spec__1_#t~ret19#1; {1785#false} is VALID [2022-02-20 18:09:21,593 INFO L290 TraceCheckUtils]: 29: Hoare triple {1785#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {1785#false} is VALID [2022-02-20 18:09:21,593 INFO L290 TraceCheckUtils]: 30: Hoare triple {1785#false} __utac_acc__Specification3_spec__1_#t~ret20#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret20#1;havoc __utac_acc__Specification3_spec__1_#t~ret20#1; {1785#false} is VALID [2022-02-20 18:09:21,593 INFO L290 TraceCheckUtils]: 31: Hoare triple {1785#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~1#1;havoc isPumpRunning_~retValue_acc~1#1;isPumpRunning_~retValue_acc~1#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; {1785#false} is VALID [2022-02-20 18:09:21,593 INFO L290 TraceCheckUtils]: 32: Hoare triple {1785#false} __utac_acc__Specification3_spec__1_#t~ret21#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret21#1;havoc __utac_acc__Specification3_spec__1_#t~ret21#1; {1785#false} is VALID [2022-02-20 18:09:21,593 INFO L290 TraceCheckUtils]: 33: Hoare triple {1785#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1785#false} is VALID [2022-02-20 18:09:21,593 INFO L290 TraceCheckUtils]: 34: Hoare triple {1785#false} assume !false; {1785#false} is VALID [2022-02-20 18:09:21,593 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:21,594 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:21,594 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:21,594 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2040140895] [2022-02-20 18:09:21,594 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2040140895] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:21,594 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:21,594 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:21,594 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1677370347] [2022-02-20 18:09:21,594 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:21,595 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:09:21,598 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:21,598 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:21,630 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:21,630 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:21,631 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:21,631 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:21,631 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:21,631 INFO L87 Difference]: Start difference. First operand 111 states and 144 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:21,774 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:21,774 INFO L93 Difference]: Finished difference Result 294 states and 389 transitions. [2022-02-20 18:09:21,774 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:21,774 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:09:21,774 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:21,775 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:21,778 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 207 transitions. [2022-02-20 18:09:21,778 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:21,782 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 207 transitions. [2022-02-20 18:09:21,782 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 207 transitions. [2022-02-20 18:09:21,955 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 207 edges. 207 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:21,960 INFO L225 Difference]: With dead ends: 294 [2022-02-20 18:09:21,961 INFO L226 Difference]: Without dead ends: 190 [2022-02-20 18:09:21,961 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 33 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:21,962 INFO L933 BasicCegarLoop]: 81 mSDtfsCounter, 52 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 133 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:21,962 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [52 Valid, 133 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:21,963 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 190 states. [2022-02-20 18:09:21,977 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 190 to 188. [2022-02-20 18:09:21,977 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:21,978 INFO L82 GeneralOperation]: Start isEquivalent. First operand 190 states. Second operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) [2022-02-20 18:09:21,979 INFO L74 IsIncluded]: Start isIncluded. First operand 190 states. Second operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) [2022-02-20 18:09:21,979 INFO L87 Difference]: Start difference. First operand 190 states. Second operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) [2022-02-20 18:09:21,987 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:21,987 INFO L93 Difference]: Finished difference Result 190 states and 243 transitions. [2022-02-20 18:09:21,987 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 243 transitions. [2022-02-20 18:09:21,988 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:21,988 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:21,988 INFO L74 IsIncluded]: Start isIncluded. First operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) Second operand 190 states. [2022-02-20 18:09:21,989 INFO L87 Difference]: Start difference. First operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) Second operand 190 states. [2022-02-20 18:09:21,996 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:21,996 INFO L93 Difference]: Finished difference Result 190 states and 243 transitions. [2022-02-20 18:09:21,996 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 243 transitions. [2022-02-20 18:09:21,997 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:21,997 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:21,997 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:21,997 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:21,998 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 188 states, 147 states have (on average 1.346938775510204) internal successors, (198), 158 states have internal predecessors, (198), 20 states have call successors, (20), 20 states have call predecessors, (20), 20 states have return successors, (24), 20 states have call predecessors, (24), 20 states have call successors, (24) [2022-02-20 18:09:22,005 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 188 states to 188 states and 242 transitions. [2022-02-20 18:09:22,006 INFO L78 Accepts]: Start accepts. Automaton has 188 states and 242 transitions. Word has length 35 [2022-02-20 18:09:22,006 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:22,006 INFO L470 AbstractCegarLoop]: Abstraction has 188 states and 242 transitions. [2022-02-20 18:09:22,006 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:22,006 INFO L276 IsEmpty]: Start isEmpty. Operand 188 states and 242 transitions. [2022-02-20 18:09:22,013 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 18:09:22,013 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:22,013 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:22,025 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:22,222 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:22,223 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:22,223 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:22,223 INFO L85 PathProgramCache]: Analyzing trace with hash -1364338089, now seen corresponding path program 1 times [2022-02-20 18:09:22,224 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:22,224 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1482937964] [2022-02-20 18:09:22,224 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:22,224 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:22,224 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:22,225 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:22,229 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 18:09:22,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:22,292 INFO L263 TraceCheckSpWp]: Trace formula consists of 160 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 18:09:22,304 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:22,305 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:22,428 INFO L290 TraceCheckUtils]: 0: Hoare triple {2943#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(3bv32, 5bv32);call write~init~intINTTYPE1(79bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 6bv32);call write~init~intINTTYPE1(79bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 7bv32);call write~init~intINTTYPE1(44bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 7bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 7bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 7bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 7bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 8bv32);call write~init~intINTTYPE1(79bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 8bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 9bv32);call write~init~intINTTYPE1(79bv8, 9bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 9bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 9bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 10bv32);call write~init~intINTTYPE1(41bv8, 10bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 10bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 10bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 11bv32);call write~init~intINTTYPE1(10bv8, 11bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 11bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 12bv32);call #Ultimate.allocInit(7bv32, 13bv32);call write~init~intINTTYPE1(44bv8, 13bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 13bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 13bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 13bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 13bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 13bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 13bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 14bv32);call write~init~intINTTYPE1(67bv8, 14bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 14bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 14bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 14bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 14bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 15bv32);call write~init~intINTTYPE1(79bv8, 15bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 15bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 15bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 16bv32);call write~init~intINTTYPE1(41bv8, 16bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 16bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 17bv32);call #Ultimate.allocInit(9bv32, 18bv32);call #Ultimate.allocInit(21bv32, 19bv32);call #Ultimate.allocInit(30bv32, 20bv32);call #Ultimate.allocInit(9bv32, 21bv32);call #Ultimate.allocInit(21bv32, 22bv32);call #Ultimate.allocInit(30bv32, 23bv32);call #Ultimate.allocInit(9bv32, 24bv32);call #Ultimate.allocInit(25bv32, 25bv32);call #Ultimate.allocInit(30bv32, 26bv32);call #Ultimate.allocInit(9bv32, 27bv32);call #Ultimate.allocInit(25bv32, 28bv32);~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~cleanupTimeShifts~0 := 4bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,430 INFO L290 TraceCheckUtils]: 1: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret22#1, main_~retValue_acc~3#1, main_~tmp~4#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~4#1;assume { :begin_inline_select_helpers } true; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,430 INFO L290 TraceCheckUtils]: 2: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,439 INFO L290 TraceCheckUtils]: 3: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~8#1;havoc valid_product_~retValue_acc~8#1;valid_product_~retValue_acc~8#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~8#1; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,440 INFO L290 TraceCheckUtils]: 4: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} main_#t~ret22#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~4#1 := main_#t~ret22#1;havoc main_#t~ret22#1; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,440 INFO L290 TraceCheckUtils]: 5: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != main_~tmp~4#1;assume { :begin_inline_setup } true; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,441 INFO L290 TraceCheckUtils]: 6: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet4#1, test_#t~nondet5#1, test_#t~nondet6#1, test_#t~nondet7#1, test_~splverifierCounter~0#1, test_~tmp~0#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~0#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,441 INFO L290 TraceCheckUtils]: 7: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume !false; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,442 INFO L290 TraceCheckUtils]: 8: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,442 INFO L290 TraceCheckUtils]: 9: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} test_~tmp~0#1 := test_#t~nondet4#1;havoc test_#t~nondet4#1; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,443 INFO L290 TraceCheckUtils]: 10: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~0#1); {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,447 INFO L290 TraceCheckUtils]: 11: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___0~0#1 := test_#t~nondet5#1;havoc test_#t~nondet5#1; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,447 INFO L290 TraceCheckUtils]: 12: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~0#1); {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,448 INFO L290 TraceCheckUtils]: 13: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet6#1;havoc test_#t~nondet6#1; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,448 INFO L290 TraceCheckUtils]: 14: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___2~0#1);test_~tmp___1~0#1 := test_#t~nondet7#1;havoc test_#t~nondet7#1; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,449 INFO L290 TraceCheckUtils]: 15: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != test_~tmp___1~0#1;assume { :begin_inline_stopSystem } true; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,449 INFO L290 TraceCheckUtils]: 16: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,449 INFO L290 TraceCheckUtils]: 17: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} ~systemActive~0 := 0bv32; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,450 INFO L290 TraceCheckUtils]: 18: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_stopSystem } true; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,450 INFO L272 TraceCheckUtils]: 19: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} call timeShift(); {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,451 INFO L290 TraceCheckUtils]: 20: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,451 INFO L290 TraceCheckUtils]: 21: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,451 INFO L290 TraceCheckUtils]: 22: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret19#1, __utac_acc__Specification3_spec__1_#t~ret20#1, __utac_acc__Specification3_spec__1_#t~ret21#1, __utac_acc__Specification3_spec__1_~tmp~3#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,452 INFO L272 TraceCheckUtils]: 23: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} call __utac_acc__Specification3_spec__1_#t~ret19#1 := isMethaneLevelCritical(); {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,452 INFO L290 TraceCheckUtils]: 24: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~4;~retValue_acc~4 := ~methaneLevelCritical~0;#res := ~retValue_acc~4; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,454 INFO L290 TraceCheckUtils]: 25: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume true; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,454 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {2948#(= ~waterLevel~0 (_ bv1 32))} {2948#(= ~waterLevel~0 (_ bv1 32))} #223#return; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,454 INFO L290 TraceCheckUtils]: 27: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} __utac_acc__Specification3_spec__1_~tmp~3#1 := __utac_acc__Specification3_spec__1_#t~ret19#1;havoc __utac_acc__Specification3_spec__1_#t~ret19#1; {2948#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:22,455 INFO L290 TraceCheckUtils]: 28: Hoare triple {2948#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~3#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~5#1;havoc getWaterLevel_~retValue_acc~5#1;getWaterLevel_~retValue_acc~5#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; {3033#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} is VALID [2022-02-20 18:09:22,455 INFO L290 TraceCheckUtils]: 29: Hoare triple {3033#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} __utac_acc__Specification3_spec__1_#t~ret20#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret20#1;havoc __utac_acc__Specification3_spec__1_#t~ret20#1; {3037#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| (_ bv1 32))} is VALID [2022-02-20 18:09:22,456 INFO L290 TraceCheckUtils]: 30: Hoare triple {3037#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| (_ bv1 32))} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~1#1;havoc isPumpRunning_~retValue_acc~1#1;isPumpRunning_~retValue_acc~1#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; {2944#false} is VALID [2022-02-20 18:09:22,457 INFO L290 TraceCheckUtils]: 31: Hoare triple {2944#false} __utac_acc__Specification3_spec__1_#t~ret21#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret21#1;havoc __utac_acc__Specification3_spec__1_#t~ret21#1; {2944#false} is VALID [2022-02-20 18:09:22,457 INFO L290 TraceCheckUtils]: 32: Hoare triple {2944#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {2944#false} is VALID [2022-02-20 18:09:22,457 INFO L290 TraceCheckUtils]: 33: Hoare triple {2944#false} assume !false; {2944#false} is VALID [2022-02-20 18:09:22,457 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:22,457 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:22,457 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:22,457 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1482937964] [2022-02-20 18:09:22,458 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1482937964] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:22,458 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:22,458 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:09:22,458 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1545341795] [2022-02-20 18:09:22,458 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:22,458 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:22,459 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:22,459 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:22,489 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:22,489 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:09:22,489 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:22,490 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:09:22,490 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:22,490 INFO L87 Difference]: Start difference. First operand 188 states and 242 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:22,782 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:22,782 INFO L93 Difference]: Finished difference Result 532 states and 712 transitions. [2022-02-20 18:09:22,782 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:22,782 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:22,783 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:22,783 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:22,786 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 220 transitions. [2022-02-20 18:09:22,786 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:22,789 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 220 transitions. [2022-02-20 18:09:22,789 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 220 transitions. [2022-02-20 18:09:22,961 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 220 edges. 220 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:22,972 INFO L225 Difference]: With dead ends: 532 [2022-02-20 18:09:22,972 INFO L226 Difference]: Without dead ends: 351 [2022-02-20 18:09:22,973 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 30 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:09:22,974 INFO L933 BasicCegarLoop]: 81 mSDtfsCounter, 42 mSDsluCounter, 224 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 305 SdHoareTripleChecker+Invalid, 29 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:22,974 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [42 Valid, 305 Invalid, 29 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:22,975 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 351 states. [2022-02-20 18:09:22,997 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 351 to 339. [2022-02-20 18:09:22,997 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:22,998 INFO L82 GeneralOperation]: Start isEquivalent. First operand 351 states. Second operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) [2022-02-20 18:09:22,999 INFO L74 IsIncluded]: Start isIncluded. First operand 351 states. Second operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) [2022-02-20 18:09:23,000 INFO L87 Difference]: Start difference. First operand 351 states. Second operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) [2022-02-20 18:09:23,014 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:23,014 INFO L93 Difference]: Finished difference Result 351 states and 453 transitions. [2022-02-20 18:09:23,014 INFO L276 IsEmpty]: Start isEmpty. Operand 351 states and 453 transitions. [2022-02-20 18:09:23,016 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:23,016 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:23,017 INFO L74 IsIncluded]: Start isIncluded. First operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) Second operand 351 states. [2022-02-20 18:09:23,018 INFO L87 Difference]: Start difference. First operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) Second operand 351 states. [2022-02-20 18:09:23,032 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:23,032 INFO L93 Difference]: Finished difference Result 351 states and 453 transitions. [2022-02-20 18:09:23,032 INFO L276 IsEmpty]: Start isEmpty. Operand 351 states and 453 transitions. [2022-02-20 18:09:23,034 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:23,034 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:23,034 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:23,034 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:23,035 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 339 states, 266 states have (on average 1.3120300751879699) internal successors, (349), 281 states have internal predecessors, (349), 38 states have call successors, (38), 38 states have call predecessors, (38), 34 states have return successors, (50), 34 states have call predecessors, (50), 38 states have call successors, (50) [2022-02-20 18:09:23,049 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 339 states to 339 states and 437 transitions. [2022-02-20 18:09:23,049 INFO L78 Accepts]: Start accepts. Automaton has 339 states and 437 transitions. Word has length 34 [2022-02-20 18:09:23,049 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:23,049 INFO L470 AbstractCegarLoop]: Abstraction has 339 states and 437 transitions. [2022-02-20 18:09:23,050 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:23,050 INFO L276 IsEmpty]: Start isEmpty. Operand 339 states and 437 transitions. [2022-02-20 18:09:23,050 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 18:09:23,050 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:23,051 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:23,062 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:23,251 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:23,251 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:23,252 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:23,252 INFO L85 PathProgramCache]: Analyzing trace with hash -1002526275, now seen corresponding path program 1 times [2022-02-20 18:09:23,252 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:23,252 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [630797463] [2022-02-20 18:09:23,253 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:23,253 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:23,253 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:23,254 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:23,255 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 18:09:23,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:23,308 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:09:23,330 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:23,369 INFO L138 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2022-02-20 18:09:23,369 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:09:23,370 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:09:23,382 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Ended with exit code 0 [2022-02-20 18:09:23,572 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:23,575 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:09:23,577 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:09:23,602 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:09:23,602 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:09:23,604 INFO L158 Benchmark]: Toolchain (without parser) took 6270.78ms. Allocated memory was 65.0MB in the beginning and 98.6MB in the end (delta: 33.6MB). Free memory was 44.1MB in the beginning and 36.8MB in the end (delta: 7.2MB). Peak memory consumption was 39.0MB. Max. memory is 16.1GB. [2022-02-20 18:09:23,604 INFO L158 Benchmark]: CDTParser took 0.25ms. Allocated memory is still 65.0MB. Free memory was 46.5MB in the beginning and 46.5MB in the end (delta: 83.9kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:23,605 INFO L158 Benchmark]: CACSL2BoogieTranslator took 598.41ms. Allocated memory is still 65.0MB. Free memory was 43.9MB in the beginning and 29.7MB in the end (delta: 14.2MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. [2022-02-20 18:09:23,605 INFO L158 Benchmark]: Boogie Procedure Inliner took 74.00ms. Allocated memory was 65.0MB in the beginning and 81.8MB in the end (delta: 16.8MB). Free memory was 29.7MB in the beginning and 63.7MB in the end (delta: -34.0MB). Peak memory consumption was 7.2MB. Max. memory is 16.1GB. [2022-02-20 18:09:23,605 INFO L158 Benchmark]: Boogie Preprocessor took 35.59ms. Allocated memory is still 81.8MB. Free memory was 63.7MB in the beginning and 61.6MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:23,606 INFO L158 Benchmark]: RCFGBuilder took 477.94ms. Allocated memory is still 81.8MB. Free memory was 61.6MB in the beginning and 44.9MB in the end (delta: 16.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2022-02-20 18:09:23,606 INFO L158 Benchmark]: TraceAbstraction took 5079.36ms. Allocated memory was 81.8MB in the beginning and 98.6MB in the end (delta: 16.8MB). Free memory was 44.1MB in the beginning and 36.8MB in the end (delta: 7.3MB). Peak memory consumption was 22.4MB. Max. memory is 16.1GB. [2022-02-20 18:09:23,608 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.25ms. Allocated memory is still 65.0MB. Free memory was 46.5MB in the beginning and 46.5MB in the end (delta: 83.9kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 598.41ms. Allocated memory is still 65.0MB. Free memory was 43.9MB in the beginning and 29.7MB in the end (delta: 14.2MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 74.00ms. Allocated memory was 65.0MB in the beginning and 81.8MB in the end (delta: 16.8MB). Free memory was 29.7MB in the beginning and 63.7MB in the end (delta: -34.0MB). Peak memory consumption was 7.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 35.59ms. Allocated memory is still 81.8MB. Free memory was 63.7MB in the beginning and 61.6MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 477.94ms. Allocated memory is still 81.8MB. Free memory was 61.6MB in the beginning and 44.9MB in the end (delta: 16.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 5079.36ms. Allocated memory was 81.8MB in the beginning and 98.6MB in the end (delta: 16.8MB). Free memory was 44.1MB in the beginning and 36.8MB in the end (delta: 7.3MB). Peak memory consumption was 22.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:09:23,647 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: ERROR: ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator