./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash b1639abd1442c0be189a21b610783cf9fd230aa6a3ef085b8b036961bd01ca7b --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:09:17,417 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:09:17,419 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:09:17,439 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:09:17,441 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:09:17,442 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:09:17,443 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:09:17,447 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:09:17,448 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:09:17,449 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:09:17,449 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:09:17,450 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:09:17,451 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:09:17,451 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:09:17,452 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:09:17,453 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:09:17,453 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:09:17,454 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:09:17,455 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:09:17,457 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:09:17,458 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:09:17,458 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:09:17,459 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:09:17,460 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:09:17,462 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:09:17,462 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:09:17,462 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:09:17,463 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:09:17,463 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:09:17,464 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:09:17,464 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:09:17,464 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:09:17,465 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:09:17,466 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:09:17,466 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:09:17,467 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:09:17,467 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:09:17,467 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:09:17,467 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:09:17,468 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:09:17,469 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:09:17,469 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:09:17,483 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:09:17,484 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:09:17,484 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:09:17,484 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:09:17,485 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:09:17,485 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:09:17,485 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:09:17,485 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:09:17,486 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:09:17,486 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:09:17,486 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:09:17,486 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:09:17,486 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:09:17,486 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:09:17,487 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:09:17,487 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:09:17,487 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:09:17,487 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:09:17,487 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:09:17,487 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:09:17,488 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:09:17,488 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:09:17,488 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:09:17,488 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:09:17,488 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:17,488 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:09:17,489 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:09:17,489 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:09:17,489 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:09:17,489 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:09:17,490 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:09:17,490 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:09:17,490 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:09:17,490 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> b1639abd1442c0be189a21b610783cf9fd230aa6a3ef085b8b036961bd01ca7b [2022-02-20 18:09:17,653 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:09:17,672 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:09:17,674 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:09:17,675 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:09:17,675 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:09:17,676 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c [2022-02-20 18:09:17,755 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/325a98de8/8584ce2b11b6421a9230f6a15f4442ae/FLAGa4bd20600 [2022-02-20 18:09:18,137 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:09:18,137 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c [2022-02-20 18:09:18,145 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/325a98de8/8584ce2b11b6421a9230f6a15f4442ae/FLAGa4bd20600 [2022-02-20 18:09:18,153 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/325a98de8/8584ce2b11b6421a9230f6a15f4442ae [2022-02-20 18:09:18,155 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:09:18,156 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:09:18,157 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:18,158 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:09:18,160 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:09:18,161 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,162 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5a4e6deb and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18, skipping insertion in model container [2022-02-20 18:09:18,162 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,170 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:09:18,209 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:18,347 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c[2897,2910] [2022-02-20 18:09:18,432 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:18,446 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:09:18,469 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c[2897,2910] [2022-02-20 18:09:18,531 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:18,546 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:09:18,547 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18 WrapperNode [2022-02-20 18:09:18,547 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:18,549 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:18,549 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:09:18,550 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:09:18,555 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,571 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,600 INFO L137 Inliner]: procedures = 54, calls = 154, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 253 [2022-02-20 18:09:18,600 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:18,601 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:09:18,601 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:09:18,601 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:09:18,609 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,609 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,611 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,611 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,618 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,634 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,635 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,636 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:09:18,637 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:09:18,637 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:09:18,637 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:09:18,638 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18" (1/1) ... [2022-02-20 18:09:18,655 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:18,664 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:09:18,675 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:09:18,682 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:09:18,711 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:09:18,711 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:09:18,711 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:09:18,711 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:09:18,711 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:09:18,711 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:09:18,711 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:09:18,711 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:09:18,712 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:09:18,712 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:09:18,712 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:09:18,712 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:09:18,712 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:09:18,712 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:09:18,712 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:09:18,712 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:09:18,764 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:09:18,765 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:19,090 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:19,095 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:19,096 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:19,097 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:19 BoogieIcfgContainer [2022-02-20 18:09:19,097 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:19,099 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:19,099 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:19,101 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:19,102 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:09:18" (1/3) ... [2022-02-20 18:09:19,102 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1f1240a1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:19, skipping insertion in model container [2022-02-20 18:09:19,102 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:18" (2/3) ... [2022-02-20 18:09:19,103 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1f1240a1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:19, skipping insertion in model container [2022-02-20 18:09:19,103 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:19" (3/3) ... [2022-02-20 18:09:19,104 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product43.cil.c [2022-02-20 18:09:19,107 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:19,108 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:19,162 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:19,171 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:19,171 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:19,216 INFO L276 IsEmpty]: Start isEmpty. Operand has 85 states, 67 states have (on average 1.3880597014925373) internal successors, (93), 73 states have internal predecessors, (93), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:09:19,221 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:09:19,221 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:19,222 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:19,222 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:19,226 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:19,226 INFO L85 PathProgramCache]: Analyzing trace with hash 35803391, now seen corresponding path program 1 times [2022-02-20 18:09:19,233 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:19,233 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1320553854] [2022-02-20 18:09:19,234 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:19,234 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:19,327 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:19,376 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:09:19,382 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:19,398 INFO L290 TraceCheckUtils]: 0: Hoare triple {88#true} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {88#true} is VALID [2022-02-20 18:09:19,398 INFO L290 TraceCheckUtils]: 1: Hoare triple {88#true} assume true; {88#true} is VALID [2022-02-20 18:09:19,399 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {88#true} {89#false} #233#return; {89#false} is VALID [2022-02-20 18:09:19,404 INFO L290 TraceCheckUtils]: 0: Hoare triple {88#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {88#true} is VALID [2022-02-20 18:09:19,405 INFO L290 TraceCheckUtils]: 1: Hoare triple {88#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret4#1, main_~retValue_acc~0#1, main_~tmp~0#1;havoc main_~retValue_acc~0#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {88#true} is VALID [2022-02-20 18:09:19,405 INFO L290 TraceCheckUtils]: 2: Hoare triple {88#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {88#true} is VALID [2022-02-20 18:09:19,405 INFO L290 TraceCheckUtils]: 3: Hoare triple {88#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~5#1;havoc valid_product_~retValue_acc~5#1;valid_product_~retValue_acc~5#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~5#1; {88#true} is VALID [2022-02-20 18:09:19,406 INFO L290 TraceCheckUtils]: 4: Hoare triple {88#true} main_#t~ret4#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret4#1 && main_#t~ret4#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret4#1;havoc main_#t~ret4#1; {88#true} is VALID [2022-02-20 18:09:19,406 INFO L290 TraceCheckUtils]: 5: Hoare triple {88#true} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {88#true} is VALID [2022-02-20 18:09:19,407 INFO L290 TraceCheckUtils]: 6: Hoare triple {88#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet44#1, test_#t~nondet45#1, test_#t~nondet46#1, test_#t~nondet47#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {88#true} is VALID [2022-02-20 18:09:19,407 INFO L290 TraceCheckUtils]: 7: Hoare triple {88#true} assume false; {89#false} is VALID [2022-02-20 18:09:19,408 INFO L272 TraceCheckUtils]: 8: Hoare triple {89#false} call cleanup(); {89#false} is VALID [2022-02-20 18:09:19,408 INFO L290 TraceCheckUtils]: 9: Hoare triple {89#false} havoc ~i~0;havoc ~__cil_tmp2~0; {89#false} is VALID [2022-02-20 18:09:19,409 INFO L272 TraceCheckUtils]: 10: Hoare triple {89#false} call timeShift(); {89#false} is VALID [2022-02-20 18:09:19,409 INFO L290 TraceCheckUtils]: 11: Hoare triple {89#false} assume !(0 != ~pumpRunning~0); {89#false} is VALID [2022-02-20 18:09:19,409 INFO L290 TraceCheckUtils]: 12: Hoare triple {89#false} assume !(0 != ~systemActive~0); {89#false} is VALID [2022-02-20 18:09:19,409 INFO L290 TraceCheckUtils]: 13: Hoare triple {89#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_#t~ret7#1, __utac_acc__Specification3_spec__1_~tmp~1#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {89#false} is VALID [2022-02-20 18:09:19,410 INFO L272 TraceCheckUtils]: 14: Hoare triple {89#false} call __utac_acc__Specification3_spec__1_#t~ret5#1 := isMethaneLevelCritical(); {88#true} is VALID [2022-02-20 18:09:19,410 INFO L290 TraceCheckUtils]: 15: Hoare triple {88#true} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {88#true} is VALID [2022-02-20 18:09:19,410 INFO L290 TraceCheckUtils]: 16: Hoare triple {88#true} assume true; {88#true} is VALID [2022-02-20 18:09:19,410 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {88#true} {89#false} #233#return; {89#false} is VALID [2022-02-20 18:09:19,411 INFO L290 TraceCheckUtils]: 18: Hoare triple {89#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret5#1 && __utac_acc__Specification3_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~1#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {89#false} is VALID [2022-02-20 18:09:19,411 INFO L290 TraceCheckUtils]: 19: Hoare triple {89#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~1#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {89#false} is VALID [2022-02-20 18:09:19,411 INFO L290 TraceCheckUtils]: 20: Hoare triple {89#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret6#1 && __utac_acc__Specification3_spec__1_#t~ret6#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {89#false} is VALID [2022-02-20 18:09:19,412 INFO L290 TraceCheckUtils]: 21: Hoare triple {89#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {89#false} is VALID [2022-02-20 18:09:19,412 INFO L290 TraceCheckUtils]: 22: Hoare triple {89#false} __utac_acc__Specification3_spec__1_#t~ret7#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret7#1 && __utac_acc__Specification3_spec__1_#t~ret7#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret7#1;havoc __utac_acc__Specification3_spec__1_#t~ret7#1; {89#false} is VALID [2022-02-20 18:09:19,413 INFO L290 TraceCheckUtils]: 23: Hoare triple {89#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {89#false} is VALID [2022-02-20 18:09:19,413 INFO L290 TraceCheckUtils]: 24: Hoare triple {89#false} assume !false; {89#false} is VALID [2022-02-20 18:09:19,413 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:19,414 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:19,414 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1320553854] [2022-02-20 18:09:19,415 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1320553854] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:19,415 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:19,415 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:19,416 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1649950492] [2022-02-20 18:09:19,417 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:19,422 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:19,423 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:19,426 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,460 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:19,461 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:19,461 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:19,481 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:19,483 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:19,485 INFO L87 Difference]: Start difference. First operand has 85 states, 67 states have (on average 1.3880597014925373) internal successors, (93), 73 states have internal predecessors, (93), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,597 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:19,597 INFO L93 Difference]: Finished difference Result 162 states and 221 transitions. [2022-02-20 18:09:19,597 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:19,598 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:19,598 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:19,599 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,617 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 221 transitions. [2022-02-20 18:09:19,618 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,626 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 221 transitions. [2022-02-20 18:09:19,626 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 221 transitions. [2022-02-20 18:09:19,774 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 221 edges. 221 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:19,781 INFO L225 Difference]: With dead ends: 162 [2022-02-20 18:09:19,782 INFO L226 Difference]: Without dead ends: 76 [2022-02-20 18:09:19,784 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:19,787 INFO L933 BasicCegarLoop]: 107 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 107 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:19,788 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 107 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:19,799 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 76 states. [2022-02-20 18:09:19,810 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 76 to 76. [2022-02-20 18:09:19,811 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:19,812 INFO L82 GeneralOperation]: Start isEquivalent. First operand 76 states. Second operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:09:19,812 INFO L74 IsIncluded]: Start isIncluded. First operand 76 states. Second operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:09:19,813 INFO L87 Difference]: Start difference. First operand 76 states. Second operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:09:19,817 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:19,817 INFO L93 Difference]: Finished difference Result 76 states and 98 transitions. [2022-02-20 18:09:19,817 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 98 transitions. [2022-02-20 18:09:19,818 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:19,819 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:19,819 INFO L74 IsIncluded]: Start isIncluded. First operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand 76 states. [2022-02-20 18:09:19,819 INFO L87 Difference]: Start difference. First operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand 76 states. [2022-02-20 18:09:19,822 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:19,823 INFO L93 Difference]: Finished difference Result 76 states and 98 transitions. [2022-02-20 18:09:19,823 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 98 transitions. [2022-02-20 18:09:19,824 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:19,824 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:19,824 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:19,824 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:19,825 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:09:19,827 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 98 transitions. [2022-02-20 18:09:19,828 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 98 transitions. Word has length 25 [2022-02-20 18:09:19,829 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:19,829 INFO L470 AbstractCegarLoop]: Abstraction has 76 states and 98 transitions. [2022-02-20 18:09:19,829 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,829 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 98 transitions. [2022-02-20 18:09:19,830 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:09:19,830 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:19,830 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:19,831 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:09:19,831 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:19,831 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:19,831 INFO L85 PathProgramCache]: Analyzing trace with hash 667483741, now seen corresponding path program 1 times [2022-02-20 18:09:19,832 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:19,832 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [148484253] [2022-02-20 18:09:19,832 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:19,832 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:19,868 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:19,894 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:09:19,895 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:19,905 INFO L290 TraceCheckUtils]: 0: Hoare triple {592#true} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {592#true} is VALID [2022-02-20 18:09:19,905 INFO L290 TraceCheckUtils]: 1: Hoare triple {592#true} assume true; {592#true} is VALID [2022-02-20 18:09:19,906 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {592#true} {593#false} #233#return; {593#false} is VALID [2022-02-20 18:09:19,906 INFO L290 TraceCheckUtils]: 0: Hoare triple {592#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {592#true} is VALID [2022-02-20 18:09:19,906 INFO L290 TraceCheckUtils]: 1: Hoare triple {592#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret4#1, main_~retValue_acc~0#1, main_~tmp~0#1;havoc main_~retValue_acc~0#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {592#true} is VALID [2022-02-20 18:09:19,906 INFO L290 TraceCheckUtils]: 2: Hoare triple {592#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {592#true} is VALID [2022-02-20 18:09:19,906 INFO L290 TraceCheckUtils]: 3: Hoare triple {592#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~5#1;havoc valid_product_~retValue_acc~5#1;valid_product_~retValue_acc~5#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~5#1; {592#true} is VALID [2022-02-20 18:09:19,906 INFO L290 TraceCheckUtils]: 4: Hoare triple {592#true} main_#t~ret4#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret4#1 && main_#t~ret4#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret4#1;havoc main_#t~ret4#1; {592#true} is VALID [2022-02-20 18:09:19,907 INFO L290 TraceCheckUtils]: 5: Hoare triple {592#true} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {592#true} is VALID [2022-02-20 18:09:19,907 INFO L290 TraceCheckUtils]: 6: Hoare triple {592#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet44#1, test_#t~nondet45#1, test_#t~nondet46#1, test_#t~nondet47#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {594#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:19,907 INFO L290 TraceCheckUtils]: 7: Hoare triple {594#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {594#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:19,908 INFO L290 TraceCheckUtils]: 8: Hoare triple {594#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {593#false} is VALID [2022-02-20 18:09:19,908 INFO L272 TraceCheckUtils]: 9: Hoare triple {593#false} call cleanup(); {593#false} is VALID [2022-02-20 18:09:19,908 INFO L290 TraceCheckUtils]: 10: Hoare triple {593#false} havoc ~i~0;havoc ~__cil_tmp2~0; {593#false} is VALID [2022-02-20 18:09:19,908 INFO L272 TraceCheckUtils]: 11: Hoare triple {593#false} call timeShift(); {593#false} is VALID [2022-02-20 18:09:19,908 INFO L290 TraceCheckUtils]: 12: Hoare triple {593#false} assume !(0 != ~pumpRunning~0); {593#false} is VALID [2022-02-20 18:09:19,909 INFO L290 TraceCheckUtils]: 13: Hoare triple {593#false} assume !(0 != ~systemActive~0); {593#false} is VALID [2022-02-20 18:09:19,909 INFO L290 TraceCheckUtils]: 14: Hoare triple {593#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_#t~ret7#1, __utac_acc__Specification3_spec__1_~tmp~1#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {593#false} is VALID [2022-02-20 18:09:19,909 INFO L272 TraceCheckUtils]: 15: Hoare triple {593#false} call __utac_acc__Specification3_spec__1_#t~ret5#1 := isMethaneLevelCritical(); {592#true} is VALID [2022-02-20 18:09:19,909 INFO L290 TraceCheckUtils]: 16: Hoare triple {592#true} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {592#true} is VALID [2022-02-20 18:09:19,909 INFO L290 TraceCheckUtils]: 17: Hoare triple {592#true} assume true; {592#true} is VALID [2022-02-20 18:09:19,909 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {592#true} {593#false} #233#return; {593#false} is VALID [2022-02-20 18:09:19,909 INFO L290 TraceCheckUtils]: 19: Hoare triple {593#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret5#1 && __utac_acc__Specification3_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~1#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {593#false} is VALID [2022-02-20 18:09:19,909 INFO L290 TraceCheckUtils]: 20: Hoare triple {593#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~1#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {593#false} is VALID [2022-02-20 18:09:19,910 INFO L290 TraceCheckUtils]: 21: Hoare triple {593#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret6#1 && __utac_acc__Specification3_spec__1_#t~ret6#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {593#false} is VALID [2022-02-20 18:09:19,910 INFO L290 TraceCheckUtils]: 22: Hoare triple {593#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {593#false} is VALID [2022-02-20 18:09:19,910 INFO L290 TraceCheckUtils]: 23: Hoare triple {593#false} __utac_acc__Specification3_spec__1_#t~ret7#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret7#1 && __utac_acc__Specification3_spec__1_#t~ret7#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret7#1;havoc __utac_acc__Specification3_spec__1_#t~ret7#1; {593#false} is VALID [2022-02-20 18:09:19,910 INFO L290 TraceCheckUtils]: 24: Hoare triple {593#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {593#false} is VALID [2022-02-20 18:09:19,910 INFO L290 TraceCheckUtils]: 25: Hoare triple {593#false} assume !false; {593#false} is VALID [2022-02-20 18:09:19,910 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:19,910 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:19,910 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [148484253] [2022-02-20 18:09:19,911 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [148484253] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:19,911 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:19,911 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:19,911 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2046031563] [2022-02-20 18:09:19,911 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:19,912 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:19,913 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:19,913 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,930 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:19,930 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:19,931 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:19,931 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:19,931 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:19,931 INFO L87 Difference]: Start difference. First operand 76 states and 98 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:19,998 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:19,998 INFO L93 Difference]: Finished difference Result 114 states and 147 transitions. [2022-02-20 18:09:19,998 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:19,999 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:19,999 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:19,999 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,001 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 147 transitions. [2022-02-20 18:09:20,001 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,003 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 147 transitions. [2022-02-20 18:09:20,003 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 147 transitions. [2022-02-20 18:09:20,098 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 147 edges. 147 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:20,102 INFO L225 Difference]: With dead ends: 114 [2022-02-20 18:09:20,102 INFO L226 Difference]: Without dead ends: 67 [2022-02-20 18:09:20,107 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:20,109 INFO L933 BasicCegarLoop]: 85 mSDtfsCounter, 17 mSDsluCounter, 64 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 149 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:20,110 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 149 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:20,111 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-02-20 18:09:20,115 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-02-20 18:09:20,115 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:20,116 INFO L82 GeneralOperation]: Start isEquivalent. First operand 67 states. Second operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:09:20,116 INFO L74 IsIncluded]: Start isIncluded. First operand 67 states. Second operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:09:20,116 INFO L87 Difference]: Start difference. First operand 67 states. Second operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:09:20,118 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:20,118 INFO L93 Difference]: Finished difference Result 67 states and 86 transitions. [2022-02-20 18:09:20,119 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 86 transitions. [2022-02-20 18:09:20,119 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:20,119 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:20,119 INFO L74 IsIncluded]: Start isIncluded. First operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 67 states. [2022-02-20 18:09:20,120 INFO L87 Difference]: Start difference. First operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 67 states. [2022-02-20 18:09:20,121 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:20,122 INFO L93 Difference]: Finished difference Result 67 states and 86 transitions. [2022-02-20 18:09:20,122 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 86 transitions. [2022-02-20 18:09:20,122 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:20,122 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:20,122 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:20,123 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:20,123 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:09:20,125 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 86 transitions. [2022-02-20 18:09:20,125 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 86 transitions. Word has length 26 [2022-02-20 18:09:20,125 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:20,125 INFO L470 AbstractCegarLoop]: Abstraction has 67 states and 86 transitions. [2022-02-20 18:09:20,125 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,125 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 86 transitions. [2022-02-20 18:09:20,126 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:09:20,126 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:20,126 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:20,126 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:09:20,127 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:20,127 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:20,127 INFO L85 PathProgramCache]: Analyzing trace with hash -1089755984, now seen corresponding path program 1 times [2022-02-20 18:09:20,127 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:20,128 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [437277108] [2022-02-20 18:09:20,128 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:20,128 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:20,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:20,200 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:09:20,202 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:20,204 INFO L290 TraceCheckUtils]: 0: Hoare triple {995#true} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {995#true} is VALID [2022-02-20 18:09:20,204 INFO L290 TraceCheckUtils]: 1: Hoare triple {995#true} assume true; {995#true} is VALID [2022-02-20 18:09:20,205 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {995#true} {996#false} #233#return; {996#false} is VALID [2022-02-20 18:09:20,206 INFO L290 TraceCheckUtils]: 0: Hoare triple {995#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {997#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:20,207 INFO L290 TraceCheckUtils]: 1: Hoare triple {997#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret4#1, main_~retValue_acc~0#1, main_~tmp~0#1;havoc main_~retValue_acc~0#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {997#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:20,207 INFO L290 TraceCheckUtils]: 2: Hoare triple {997#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {997#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:20,207 INFO L290 TraceCheckUtils]: 3: Hoare triple {997#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~5#1;havoc valid_product_~retValue_acc~5#1;valid_product_~retValue_acc~5#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~5#1; {998#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} is VALID [2022-02-20 18:09:20,208 INFO L290 TraceCheckUtils]: 4: Hoare triple {998#(= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)} main_#t~ret4#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret4#1 && main_#t~ret4#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret4#1;havoc main_#t~ret4#1; {999#(= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0)} is VALID [2022-02-20 18:09:20,208 INFO L290 TraceCheckUtils]: 5: Hoare triple {999#(= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0)} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,209 INFO L290 TraceCheckUtils]: 6: Hoare triple {1000#(not (= 0 ~systemActive~0))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet44#1, test_#t~nondet45#1, test_#t~nondet46#1, test_#t~nondet47#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,209 INFO L290 TraceCheckUtils]: 7: Hoare triple {1000#(not (= 0 ~systemActive~0))} assume !false; {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,209 INFO L290 TraceCheckUtils]: 8: Hoare triple {1000#(not (= 0 ~systemActive~0))} assume test_~splverifierCounter~0#1 < 4; {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,210 INFO L290 TraceCheckUtils]: 9: Hoare triple {1000#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet44#1 && test_#t~nondet44#1 <= 2147483647;test_~tmp~8#1 := test_#t~nondet44#1;havoc test_#t~nondet44#1; {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,210 INFO L290 TraceCheckUtils]: 10: Hoare triple {1000#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp~8#1); {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,210 INFO L290 TraceCheckUtils]: 11: Hoare triple {1000#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet45#1 && test_#t~nondet45#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet45#1;havoc test_#t~nondet45#1; {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,211 INFO L290 TraceCheckUtils]: 12: Hoare triple {1000#(not (= 0 ~systemActive~0))} assume !(0 != test_~tmp___0~2#1); {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,211 INFO L290 TraceCheckUtils]: 13: Hoare triple {1000#(not (= 0 ~systemActive~0))} assume -2147483648 <= test_#t~nondet46#1 && test_#t~nondet46#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet46#1;havoc test_#t~nondet46#1; {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,212 INFO L290 TraceCheckUtils]: 14: Hoare triple {1000#(not (= 0 ~systemActive~0))} assume 0 != test_~tmp___2~0#1; {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,212 INFO L272 TraceCheckUtils]: 15: Hoare triple {1000#(not (= 0 ~systemActive~0))} call timeShift(); {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,212 INFO L290 TraceCheckUtils]: 16: Hoare triple {1000#(not (= 0 ~systemActive~0))} assume !(0 != ~pumpRunning~0); {1000#(not (= 0 ~systemActive~0))} is VALID [2022-02-20 18:09:20,213 INFO L290 TraceCheckUtils]: 17: Hoare triple {1000#(not (= 0 ~systemActive~0))} assume !(0 != ~systemActive~0); {996#false} is VALID [2022-02-20 18:09:20,213 INFO L290 TraceCheckUtils]: 18: Hoare triple {996#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_#t~ret7#1, __utac_acc__Specification3_spec__1_~tmp~1#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {996#false} is VALID [2022-02-20 18:09:20,213 INFO L272 TraceCheckUtils]: 19: Hoare triple {996#false} call __utac_acc__Specification3_spec__1_#t~ret5#1 := isMethaneLevelCritical(); {995#true} is VALID [2022-02-20 18:09:20,213 INFO L290 TraceCheckUtils]: 20: Hoare triple {995#true} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {995#true} is VALID [2022-02-20 18:09:20,213 INFO L290 TraceCheckUtils]: 21: Hoare triple {995#true} assume true; {995#true} is VALID [2022-02-20 18:09:20,213 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {995#true} {996#false} #233#return; {996#false} is VALID [2022-02-20 18:09:20,213 INFO L290 TraceCheckUtils]: 23: Hoare triple {996#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret5#1 && __utac_acc__Specification3_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~1#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {996#false} is VALID [2022-02-20 18:09:20,213 INFO L290 TraceCheckUtils]: 24: Hoare triple {996#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~1#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {996#false} is VALID [2022-02-20 18:09:20,213 INFO L290 TraceCheckUtils]: 25: Hoare triple {996#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret6#1 && __utac_acc__Specification3_spec__1_#t~ret6#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {996#false} is VALID [2022-02-20 18:09:20,214 INFO L290 TraceCheckUtils]: 26: Hoare triple {996#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {996#false} is VALID [2022-02-20 18:09:20,214 INFO L290 TraceCheckUtils]: 27: Hoare triple {996#false} __utac_acc__Specification3_spec__1_#t~ret7#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret7#1 && __utac_acc__Specification3_spec__1_#t~ret7#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret7#1;havoc __utac_acc__Specification3_spec__1_#t~ret7#1; {996#false} is VALID [2022-02-20 18:09:20,214 INFO L290 TraceCheckUtils]: 28: Hoare triple {996#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {996#false} is VALID [2022-02-20 18:09:20,214 INFO L290 TraceCheckUtils]: 29: Hoare triple {996#false} assume !false; {996#false} is VALID [2022-02-20 18:09:20,214 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:20,214 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:20,214 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [437277108] [2022-02-20 18:09:20,214 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [437277108] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:20,214 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:20,215 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 18:09:20,215 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [596067158] [2022-02-20 18:09:20,215 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:20,215 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:20,215 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:20,215 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,237 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:20,238 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 18:09:20,238 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:20,238 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 18:09:20,238 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 18:09:20,239 INFO L87 Difference]: Start difference. First operand 67 states and 86 transitions. Second operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,666 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:20,667 INFO L93 Difference]: Finished difference Result 227 states and 299 transitions. [2022-02-20 18:09:20,667 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 18:09:20,667 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:20,667 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:20,668 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,671 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 299 transitions. [2022-02-20 18:09:20,672 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,675 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 299 transitions. [2022-02-20 18:09:20,675 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 299 transitions. [2022-02-20 18:09:20,858 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 299 edges. 299 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:20,862 INFO L225 Difference]: With dead ends: 227 [2022-02-20 18:09:20,863 INFO L226 Difference]: Without dead ends: 167 [2022-02-20 18:09:20,863 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 18:09:20,864 INFO L933 BasicCegarLoop]: 108 mSDtfsCounter, 182 mSDsluCounter, 363 mSDsCounter, 0 mSdLazyCounter, 74 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 182 SdHoareTripleChecker+Valid, 471 SdHoareTripleChecker+Invalid, 85 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 74 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:20,864 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [182 Valid, 471 Invalid, 85 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 74 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 18:09:20,867 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2022-02-20 18:09:20,883 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 157. [2022-02-20 18:09:20,885 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:20,886 INFO L82 GeneralOperation]: Start isEquivalent. First operand 167 states. Second operand has 157 states, 124 states have (on average 1.3629032258064515) internal successors, (169), 135 states have internal predecessors, (169), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 16 states have call predecessors, (19), 18 states have call successors, (19) [2022-02-20 18:09:20,886 INFO L74 IsIncluded]: Start isIncluded. First operand 167 states. Second operand has 157 states, 124 states have (on average 1.3629032258064515) internal successors, (169), 135 states have internal predecessors, (169), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 16 states have call predecessors, (19), 18 states have call successors, (19) [2022-02-20 18:09:20,887 INFO L87 Difference]: Start difference. First operand 167 states. Second operand has 157 states, 124 states have (on average 1.3629032258064515) internal successors, (169), 135 states have internal predecessors, (169), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 16 states have call predecessors, (19), 18 states have call successors, (19) [2022-02-20 18:09:20,893 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:20,894 INFO L93 Difference]: Finished difference Result 167 states and 216 transitions. [2022-02-20 18:09:20,894 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 216 transitions. [2022-02-20 18:09:20,895 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:20,895 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:20,895 INFO L74 IsIncluded]: Start isIncluded. First operand has 157 states, 124 states have (on average 1.3629032258064515) internal successors, (169), 135 states have internal predecessors, (169), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 16 states have call predecessors, (19), 18 states have call successors, (19) Second operand 167 states. [2022-02-20 18:09:20,896 INFO L87 Difference]: Start difference. First operand has 157 states, 124 states have (on average 1.3629032258064515) internal successors, (169), 135 states have internal predecessors, (169), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 16 states have call predecessors, (19), 18 states have call successors, (19) Second operand 167 states. [2022-02-20 18:09:20,903 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:20,903 INFO L93 Difference]: Finished difference Result 167 states and 216 transitions. [2022-02-20 18:09:20,903 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 216 transitions. [2022-02-20 18:09:20,904 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:20,904 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:20,904 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:20,904 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:20,905 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 124 states have (on average 1.3629032258064515) internal successors, (169), 135 states have internal predecessors, (169), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 16 states have call predecessors, (19), 18 states have call successors, (19) [2022-02-20 18:09:20,910 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 206 transitions. [2022-02-20 18:09:20,910 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 206 transitions. Word has length 30 [2022-02-20 18:09:20,911 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:20,911 INFO L470 AbstractCegarLoop]: Abstraction has 157 states and 206 transitions. [2022-02-20 18:09:20,911 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:20,911 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 206 transitions. [2022-02-20 18:09:20,912 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 18:09:20,912 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:20,912 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:20,912 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:09:20,913 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:20,913 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:20,913 INFO L85 PathProgramCache]: Analyzing trace with hash -1322642641, now seen corresponding path program 1 times [2022-02-20 18:09:20,913 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:20,914 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1956613730] [2022-02-20 18:09:20,914 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:20,914 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:20,940 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:20,959 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:09:20,960 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:20,962 INFO L290 TraceCheckUtils]: 0: Hoare triple {1885#true} assume true; {1885#true} is VALID [2022-02-20 18:09:20,962 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1885#true} {1886#false} #231#return; {1886#false} is VALID [2022-02-20 18:09:20,962 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-02-20 18:09:20,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:20,965 INFO L290 TraceCheckUtils]: 0: Hoare triple {1885#true} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {1885#true} is VALID [2022-02-20 18:09:20,965 INFO L290 TraceCheckUtils]: 1: Hoare triple {1885#true} assume true; {1885#true} is VALID [2022-02-20 18:09:20,965 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1885#true} {1886#false} #233#return; {1886#false} is VALID [2022-02-20 18:09:20,965 INFO L290 TraceCheckUtils]: 0: Hoare triple {1885#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,966 INFO L290 TraceCheckUtils]: 1: Hoare triple {1887#(= ~pumpRunning~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret4#1, main_~retValue_acc~0#1, main_~tmp~0#1;havoc main_~retValue_acc~0#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,966 INFO L290 TraceCheckUtils]: 2: Hoare triple {1887#(= ~pumpRunning~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,966 INFO L290 TraceCheckUtils]: 3: Hoare triple {1887#(= ~pumpRunning~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~5#1;havoc valid_product_~retValue_acc~5#1;valid_product_~retValue_acc~5#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~5#1; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,967 INFO L290 TraceCheckUtils]: 4: Hoare triple {1887#(= ~pumpRunning~0 0)} main_#t~ret4#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret4#1 && main_#t~ret4#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret4#1;havoc main_#t~ret4#1; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,967 INFO L290 TraceCheckUtils]: 5: Hoare triple {1887#(= ~pumpRunning~0 0)} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,967 INFO L290 TraceCheckUtils]: 6: Hoare triple {1887#(= ~pumpRunning~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet44#1, test_#t~nondet45#1, test_#t~nondet46#1, test_#t~nondet47#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,967 INFO L290 TraceCheckUtils]: 7: Hoare triple {1887#(= ~pumpRunning~0 0)} assume !false; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,968 INFO L290 TraceCheckUtils]: 8: Hoare triple {1887#(= ~pumpRunning~0 0)} assume test_~splverifierCounter~0#1 < 4; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,968 INFO L290 TraceCheckUtils]: 9: Hoare triple {1887#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet44#1 && test_#t~nondet44#1 <= 2147483647;test_~tmp~8#1 := test_#t~nondet44#1;havoc test_#t~nondet44#1; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,968 INFO L290 TraceCheckUtils]: 10: Hoare triple {1887#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp~8#1); {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,969 INFO L290 TraceCheckUtils]: 11: Hoare triple {1887#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet45#1 && test_#t~nondet45#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet45#1;havoc test_#t~nondet45#1; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,969 INFO L290 TraceCheckUtils]: 12: Hoare triple {1887#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp___0~2#1); {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,969 INFO L290 TraceCheckUtils]: 13: Hoare triple {1887#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet46#1 && test_#t~nondet46#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet46#1;havoc test_#t~nondet46#1; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,970 INFO L290 TraceCheckUtils]: 14: Hoare triple {1887#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___2~0#1; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,970 INFO L272 TraceCheckUtils]: 15: Hoare triple {1887#(= ~pumpRunning~0 0)} call timeShift(); {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,970 INFO L290 TraceCheckUtils]: 16: Hoare triple {1887#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,971 INFO L290 TraceCheckUtils]: 17: Hoare triple {1887#(= ~pumpRunning~0 0)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret32#1, processEnvironment_~tmp~5#1;havoc processEnvironment_~tmp~5#1; {1887#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:20,971 INFO L290 TraceCheckUtils]: 18: Hoare triple {1887#(= ~pumpRunning~0 0)} assume !(0 == ~pumpRunning~0); {1886#false} is VALID [2022-02-20 18:09:20,971 INFO L272 TraceCheckUtils]: 19: Hoare triple {1886#false} call processEnvironment__wrappee__base(); {1885#true} is VALID [2022-02-20 18:09:20,971 INFO L290 TraceCheckUtils]: 20: Hoare triple {1885#true} assume true; {1885#true} is VALID [2022-02-20 18:09:20,971 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1885#true} {1886#false} #231#return; {1886#false} is VALID [2022-02-20 18:09:20,971 INFO L290 TraceCheckUtils]: 22: Hoare triple {1886#false} assume { :end_inline_processEnvironment } true; {1886#false} is VALID [2022-02-20 18:09:20,971 INFO L290 TraceCheckUtils]: 23: Hoare triple {1886#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_#t~ret7#1, __utac_acc__Specification3_spec__1_~tmp~1#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1886#false} is VALID [2022-02-20 18:09:20,971 INFO L272 TraceCheckUtils]: 24: Hoare triple {1886#false} call __utac_acc__Specification3_spec__1_#t~ret5#1 := isMethaneLevelCritical(); {1885#true} is VALID [2022-02-20 18:09:20,972 INFO L290 TraceCheckUtils]: 25: Hoare triple {1885#true} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {1885#true} is VALID [2022-02-20 18:09:20,972 INFO L290 TraceCheckUtils]: 26: Hoare triple {1885#true} assume true; {1885#true} is VALID [2022-02-20 18:09:20,972 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {1885#true} {1886#false} #233#return; {1886#false} is VALID [2022-02-20 18:09:20,972 INFO L290 TraceCheckUtils]: 28: Hoare triple {1886#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret5#1 && __utac_acc__Specification3_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~1#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {1886#false} is VALID [2022-02-20 18:09:20,972 INFO L290 TraceCheckUtils]: 29: Hoare triple {1886#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~1#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {1886#false} is VALID [2022-02-20 18:09:20,972 INFO L290 TraceCheckUtils]: 30: Hoare triple {1886#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret6#1 && __utac_acc__Specification3_spec__1_#t~ret6#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {1886#false} is VALID [2022-02-20 18:09:20,972 INFO L290 TraceCheckUtils]: 31: Hoare triple {1886#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {1886#false} is VALID [2022-02-20 18:09:20,972 INFO L290 TraceCheckUtils]: 32: Hoare triple {1886#false} __utac_acc__Specification3_spec__1_#t~ret7#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret7#1 && __utac_acc__Specification3_spec__1_#t~ret7#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret7#1;havoc __utac_acc__Specification3_spec__1_#t~ret7#1; {1886#false} is VALID [2022-02-20 18:09:20,972 INFO L290 TraceCheckUtils]: 33: Hoare triple {1886#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1886#false} is VALID [2022-02-20 18:09:20,972 INFO L290 TraceCheckUtils]: 34: Hoare triple {1886#false} assume !false; {1886#false} is VALID [2022-02-20 18:09:20,973 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:20,973 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:20,973 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1956613730] [2022-02-20 18:09:20,973 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1956613730] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:20,973 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:20,973 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:20,973 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [65138031] [2022-02-20 18:09:20,973 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:20,974 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:09:20,974 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:20,974 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:20,992 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:20,992 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:20,992 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:20,993 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:20,993 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:20,993 INFO L87 Difference]: Start difference. First operand 157 states and 206 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:21,077 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:21,077 INFO L93 Difference]: Finished difference Result 386 states and 514 transitions. [2022-02-20 18:09:21,077 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:21,077 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:09:21,077 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:21,077 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:21,081 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 221 transitions. [2022-02-20 18:09:21,081 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:21,084 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 221 transitions. [2022-02-20 18:09:21,084 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 221 transitions. [2022-02-20 18:09:21,198 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 221 edges. 221 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:21,204 INFO L225 Difference]: With dead ends: 386 [2022-02-20 18:09:21,204 INFO L226 Difference]: Without dead ends: 236 [2022-02-20 18:09:21,206 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:21,212 INFO L933 BasicCegarLoop]: 87 mSDtfsCounter, 59 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 139 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:21,213 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [59 Valid, 139 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:21,216 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 236 states. [2022-02-20 18:09:21,232 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 236 to 234. [2022-02-20 18:09:21,232 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:21,233 INFO L82 GeneralOperation]: Start isEquivalent. First operand 236 states. Second operand has 234 states, 183 states have (on average 1.3333333333333333) internal successors, (244), 198 states have internal predecessors, (244), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) [2022-02-20 18:09:21,233 INFO L74 IsIncluded]: Start isIncluded. First operand 236 states. Second operand has 234 states, 183 states have (on average 1.3333333333333333) internal successors, (244), 198 states have internal predecessors, (244), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) [2022-02-20 18:09:21,234 INFO L87 Difference]: Start difference. First operand 236 states. Second operand has 234 states, 183 states have (on average 1.3333333333333333) internal successors, (244), 198 states have internal predecessors, (244), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) [2022-02-20 18:09:21,242 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:21,242 INFO L93 Difference]: Finished difference Result 236 states and 303 transitions. [2022-02-20 18:09:21,242 INFO L276 IsEmpty]: Start isEmpty. Operand 236 states and 303 transitions. [2022-02-20 18:09:21,242 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:21,242 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:21,244 INFO L74 IsIncluded]: Start isIncluded. First operand has 234 states, 183 states have (on average 1.3333333333333333) internal successors, (244), 198 states have internal predecessors, (244), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) Second operand 236 states. [2022-02-20 18:09:21,245 INFO L87 Difference]: Start difference. First operand has 234 states, 183 states have (on average 1.3333333333333333) internal successors, (244), 198 states have internal predecessors, (244), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) Second operand 236 states. [2022-02-20 18:09:21,252 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:21,252 INFO L93 Difference]: Finished difference Result 236 states and 303 transitions. [2022-02-20 18:09:21,252 INFO L276 IsEmpty]: Start isEmpty. Operand 236 states and 303 transitions. [2022-02-20 18:09:21,252 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:21,252 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:21,252 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:21,252 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:21,253 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 234 states, 183 states have (on average 1.3333333333333333) internal successors, (244), 198 states have internal predecessors, (244), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) [2022-02-20 18:09:21,259 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 234 states to 234 states and 302 transitions. [2022-02-20 18:09:21,259 INFO L78 Accepts]: Start accepts. Automaton has 234 states and 302 transitions. Word has length 35 [2022-02-20 18:09:21,260 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:21,260 INFO L470 AbstractCegarLoop]: Abstraction has 234 states and 302 transitions. [2022-02-20 18:09:21,261 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:21,261 INFO L276 IsEmpty]: Start isEmpty. Operand 234 states and 302 transitions. [2022-02-20 18:09:21,262 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 18:09:21,262 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:21,263 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:21,263 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:09:21,263 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:21,263 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:21,263 INFO L85 PathProgramCache]: Analyzing trace with hash -1351645467, now seen corresponding path program 1 times [2022-02-20 18:09:21,263 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:21,263 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1953880143] [2022-02-20 18:09:21,263 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:21,263 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:21,283 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:21,322 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:09:21,323 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:21,325 INFO L290 TraceCheckUtils]: 0: Hoare triple {3236#true} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {3236#true} is VALID [2022-02-20 18:09:21,325 INFO L290 TraceCheckUtils]: 1: Hoare triple {3236#true} assume true; {3236#true} is VALID [2022-02-20 18:09:21,326 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {3236#true} {3238#(= ~waterLevel~0 1)} #233#return; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,326 INFO L290 TraceCheckUtils]: 0: Hoare triple {3236#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,327 INFO L290 TraceCheckUtils]: 1: Hoare triple {3238#(= ~waterLevel~0 1)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret4#1, main_~retValue_acc~0#1, main_~tmp~0#1;havoc main_~retValue_acc~0#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,327 INFO L290 TraceCheckUtils]: 2: Hoare triple {3238#(= ~waterLevel~0 1)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,328 INFO L290 TraceCheckUtils]: 3: Hoare triple {3238#(= ~waterLevel~0 1)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~5#1;havoc valid_product_~retValue_acc~5#1;valid_product_~retValue_acc~5#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~5#1; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,328 INFO L290 TraceCheckUtils]: 4: Hoare triple {3238#(= ~waterLevel~0 1)} main_#t~ret4#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret4#1 && main_#t~ret4#1 <= 2147483647;main_~tmp~0#1 := main_#t~ret4#1;havoc main_#t~ret4#1; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,329 INFO L290 TraceCheckUtils]: 5: Hoare triple {3238#(= ~waterLevel~0 1)} assume 0 != main_~tmp~0#1;assume { :begin_inline_setup } true; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,329 INFO L290 TraceCheckUtils]: 6: Hoare triple {3238#(= ~waterLevel~0 1)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet44#1, test_#t~nondet45#1, test_#t~nondet46#1, test_#t~nondet47#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,329 INFO L290 TraceCheckUtils]: 7: Hoare triple {3238#(= ~waterLevel~0 1)} assume !false; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,329 INFO L290 TraceCheckUtils]: 8: Hoare triple {3238#(= ~waterLevel~0 1)} assume test_~splverifierCounter~0#1 < 4; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,330 INFO L290 TraceCheckUtils]: 9: Hoare triple {3238#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet44#1 && test_#t~nondet44#1 <= 2147483647;test_~tmp~8#1 := test_#t~nondet44#1;havoc test_#t~nondet44#1; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,330 INFO L290 TraceCheckUtils]: 10: Hoare triple {3238#(= ~waterLevel~0 1)} assume !(0 != test_~tmp~8#1); {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,330 INFO L290 TraceCheckUtils]: 11: Hoare triple {3238#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet45#1 && test_#t~nondet45#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet45#1;havoc test_#t~nondet45#1; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,331 INFO L290 TraceCheckUtils]: 12: Hoare triple {3238#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___0~2#1); {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,333 INFO L290 TraceCheckUtils]: 13: Hoare triple {3238#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet46#1 && test_#t~nondet46#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet46#1;havoc test_#t~nondet46#1; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,333 INFO L290 TraceCheckUtils]: 14: Hoare triple {3238#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet47#1 && test_#t~nondet47#1 <= 2147483647;test_~tmp___1~1#1 := test_#t~nondet47#1;havoc test_#t~nondet47#1; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,333 INFO L290 TraceCheckUtils]: 15: Hoare triple {3238#(= ~waterLevel~0 1)} assume 0 != test_~tmp___1~1#1;assume { :begin_inline_stopSystem } true; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,334 INFO L290 TraceCheckUtils]: 16: Hoare triple {3238#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,334 INFO L290 TraceCheckUtils]: 17: Hoare triple {3238#(= ~waterLevel~0 1)} ~systemActive~0 := 0; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,334 INFO L290 TraceCheckUtils]: 18: Hoare triple {3238#(= ~waterLevel~0 1)} assume { :end_inline_stopSystem } true; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,336 INFO L272 TraceCheckUtils]: 19: Hoare triple {3238#(= ~waterLevel~0 1)} call timeShift(); {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,337 INFO L290 TraceCheckUtils]: 20: Hoare triple {3238#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,337 INFO L290 TraceCheckUtils]: 21: Hoare triple {3238#(= ~waterLevel~0 1)} assume !(0 != ~systemActive~0); {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,337 INFO L290 TraceCheckUtils]: 22: Hoare triple {3238#(= ~waterLevel~0 1)} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_#t~ret7#1, __utac_acc__Specification3_spec__1_~tmp~1#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,338 INFO L272 TraceCheckUtils]: 23: Hoare triple {3238#(= ~waterLevel~0 1)} call __utac_acc__Specification3_spec__1_#t~ret5#1 := isMethaneLevelCritical(); {3236#true} is VALID [2022-02-20 18:09:21,338 INFO L290 TraceCheckUtils]: 24: Hoare triple {3236#true} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {3236#true} is VALID [2022-02-20 18:09:21,338 INFO L290 TraceCheckUtils]: 25: Hoare triple {3236#true} assume true; {3236#true} is VALID [2022-02-20 18:09:21,338 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {3236#true} {3238#(= ~waterLevel~0 1)} #233#return; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,338 INFO L290 TraceCheckUtils]: 27: Hoare triple {3238#(= ~waterLevel~0 1)} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret5#1 && __utac_acc__Specification3_spec__1_#t~ret5#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~1#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {3238#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:21,342 INFO L290 TraceCheckUtils]: 28: Hoare triple {3238#(= ~waterLevel~0 1)} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~1#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {3242#(= |timeShift_getWaterLevel_#res#1| 1)} is VALID [2022-02-20 18:09:21,343 INFO L290 TraceCheckUtils]: 29: Hoare triple {3242#(= |timeShift_getWaterLevel_#res#1| 1)} __utac_acc__Specification3_spec__1_#t~ret6#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret6#1 && __utac_acc__Specification3_spec__1_#t~ret6#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {3243#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| 1)} is VALID [2022-02-20 18:09:21,343 INFO L290 TraceCheckUtils]: 30: Hoare triple {3243#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| 1)} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {3237#false} is VALID [2022-02-20 18:09:21,343 INFO L290 TraceCheckUtils]: 31: Hoare triple {3237#false} __utac_acc__Specification3_spec__1_#t~ret7#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret7#1 && __utac_acc__Specification3_spec__1_#t~ret7#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret7#1;havoc __utac_acc__Specification3_spec__1_#t~ret7#1; {3237#false} is VALID [2022-02-20 18:09:21,343 INFO L290 TraceCheckUtils]: 32: Hoare triple {3237#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {3237#false} is VALID [2022-02-20 18:09:21,344 INFO L290 TraceCheckUtils]: 33: Hoare triple {3237#false} assume !false; {3237#false} is VALID [2022-02-20 18:09:21,344 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:21,344 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:21,344 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1953880143] [2022-02-20 18:09:21,344 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1953880143] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:21,344 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:21,344 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 18:09:21,344 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [998798198] [2022-02-20 18:09:21,344 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:21,345 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:21,345 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:21,345 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:21,363 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:21,364 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:09:21,364 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:21,364 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:09:21,364 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:21,364 INFO L87 Difference]: Start difference. First operand 234 states and 302 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:21,568 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:21,569 INFO L93 Difference]: Finished difference Result 669 states and 898 transitions. [2022-02-20 18:09:21,569 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:21,569 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:21,569 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:21,569 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:21,571 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 241 transitions. [2022-02-20 18:09:21,572 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:21,574 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 241 transitions. [2022-02-20 18:09:21,574 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 241 transitions. [2022-02-20 18:09:21,701 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 241 edges. 241 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:21,714 INFO L225 Difference]: With dead ends: 669 [2022-02-20 18:09:21,714 INFO L226 Difference]: Without dead ends: 442 [2022-02-20 18:09:21,715 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:09:21,715 INFO L933 BasicCegarLoop]: 89 mSDtfsCounter, 52 mSDsluCounter, 247 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 336 SdHoareTripleChecker+Invalid, 29 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:21,715 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [52 Valid, 336 Invalid, 29 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:21,716 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 442 states. [2022-02-20 18:09:21,753 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 442 to 427. [2022-02-20 18:09:21,753 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:21,754 INFO L82 GeneralOperation]: Start isEquivalent. First operand 442 states. Second operand has 427 states, 335 states have (on average 1.3014925373134327) internal successors, (436), 357 states have internal predecessors, (436), 50 states have call successors, (50), 46 states have call predecessors, (50), 41 states have return successors, (66), 45 states have call predecessors, (66), 50 states have call successors, (66) [2022-02-20 18:09:21,755 INFO L74 IsIncluded]: Start isIncluded. First operand 442 states. Second operand has 427 states, 335 states have (on average 1.3014925373134327) internal successors, (436), 357 states have internal predecessors, (436), 50 states have call successors, (50), 46 states have call predecessors, (50), 41 states have return successors, (66), 45 states have call predecessors, (66), 50 states have call successors, (66) [2022-02-20 18:09:21,757 INFO L87 Difference]: Start difference. First operand 442 states. Second operand has 427 states, 335 states have (on average 1.3014925373134327) internal successors, (436), 357 states have internal predecessors, (436), 50 states have call successors, (50), 46 states have call predecessors, (50), 41 states have return successors, (66), 45 states have call predecessors, (66), 50 states have call successors, (66) [2022-02-20 18:09:21,788 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:21,789 INFO L93 Difference]: Finished difference Result 442 states and 573 transitions. [2022-02-20 18:09:21,789 INFO L276 IsEmpty]: Start isEmpty. Operand 442 states and 573 transitions. [2022-02-20 18:09:21,790 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:21,790 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:21,791 INFO L74 IsIncluded]: Start isIncluded. First operand has 427 states, 335 states have (on average 1.3014925373134327) internal successors, (436), 357 states have internal predecessors, (436), 50 states have call successors, (50), 46 states have call predecessors, (50), 41 states have return successors, (66), 45 states have call predecessors, (66), 50 states have call successors, (66) Second operand 442 states. [2022-02-20 18:09:21,792 INFO L87 Difference]: Start difference. First operand has 427 states, 335 states have (on average 1.3014925373134327) internal successors, (436), 357 states have internal predecessors, (436), 50 states have call successors, (50), 46 states have call predecessors, (50), 41 states have return successors, (66), 45 states have call predecessors, (66), 50 states have call successors, (66) Second operand 442 states. [2022-02-20 18:09:21,815 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:21,815 INFO L93 Difference]: Finished difference Result 442 states and 573 transitions. [2022-02-20 18:09:21,815 INFO L276 IsEmpty]: Start isEmpty. Operand 442 states and 573 transitions. [2022-02-20 18:09:21,818 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:21,818 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:21,818 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:21,818 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:21,820 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 427 states, 335 states have (on average 1.3014925373134327) internal successors, (436), 357 states have internal predecessors, (436), 50 states have call successors, (50), 46 states have call predecessors, (50), 41 states have return successors, (66), 45 states have call predecessors, (66), 50 states have call successors, (66) [2022-02-20 18:09:21,834 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 427 states to 427 states and 552 transitions. [2022-02-20 18:09:21,834 INFO L78 Accepts]: Start accepts. Automaton has 427 states and 552 transitions. Word has length 34 [2022-02-20 18:09:21,834 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:21,834 INFO L470 AbstractCegarLoop]: Abstraction has 427 states and 552 transitions. [2022-02-20 18:09:21,834 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:21,835 INFO L276 IsEmpty]: Start isEmpty. Operand 427 states and 552 transitions. [2022-02-20 18:09:21,835 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 18:09:21,836 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:21,836 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:21,836 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:09:21,836 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:21,837 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:21,837 INFO L85 PathProgramCache]: Analyzing trace with hash -259884917, now seen corresponding path program 1 times [2022-02-20 18:09:21,837 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:21,837 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [274045854] [2022-02-20 18:09:21,837 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:21,837 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:21,858 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:21,858 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:09:21,868 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:21,886 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-20 18:09:21,887 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:09:21,887 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:09:21,888 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-20 18:09:21,890 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:09:21,892 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:09:21,909 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:09:21,910 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:09:21,912 INFO L158 Benchmark]: Toolchain (without parser) took 3755.61ms. Allocated memory was 102.8MB in the beginning and 155.2MB in the end (delta: 52.4MB). Free memory was 67.6MB in the beginning and 104.8MB in the end (delta: -37.2MB). Peak memory consumption was 14.4MB. Max. memory is 16.1GB. [2022-02-20 18:09:21,912 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 102.8MB. Free memory was 74.0MB in the beginning and 74.0MB in the end (delta: 26.9kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:21,912 INFO L158 Benchmark]: CACSL2BoogieTranslator took 389.87ms. Allocated memory is still 102.8MB. Free memory was 67.4MB in the beginning and 68.7MB in the end (delta: -1.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-02-20 18:09:21,912 INFO L158 Benchmark]: Boogie Procedure Inliner took 51.43ms. Allocated memory is still 102.8MB. Free memory was 68.7MB in the beginning and 65.9MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:09:21,913 INFO L158 Benchmark]: Boogie Preprocessor took 35.71ms. Allocated memory is still 102.8MB. Free memory was 65.9MB in the beginning and 64.5MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:21,913 INFO L158 Benchmark]: RCFGBuilder took 460.14ms. Allocated memory is still 102.8MB. Free memory was 64.5MB in the beginning and 44.0MB in the end (delta: 20.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2022-02-20 18:09:21,913 INFO L158 Benchmark]: TraceAbstraction took 2812.71ms. Allocated memory was 102.8MB in the beginning and 155.2MB in the end (delta: 52.4MB). Free memory was 43.6MB in the beginning and 104.8MB in the end (delta: -61.2MB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:21,914 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 102.8MB. Free memory was 74.0MB in the beginning and 74.0MB in the end (delta: 26.9kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 389.87ms. Allocated memory is still 102.8MB. Free memory was 67.4MB in the beginning and 68.7MB in the end (delta: -1.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 51.43ms. Allocated memory is still 102.8MB. Free memory was 68.7MB in the beginning and 65.9MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 35.71ms. Allocated memory is still 102.8MB. Free memory was 65.9MB in the beginning and 64.5MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 460.14ms. Allocated memory is still 102.8MB. Free memory was 64.5MB in the beginning and 44.0MB in the end (delta: 20.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 2812.71ms. Allocated memory was 102.8MB in the beginning and 155.2MB in the end (delta: 52.4MB). Free memory was 43.6MB in the beginning and 104.8MB in the end (delta: -61.2MB). There was no memory consumed. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:09:21,936 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash b1639abd1442c0be189a21b610783cf9fd230aa6a3ef085b8b036961bd01ca7b --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:09:23,614 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:09:23,616 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:09:23,648 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:09:23,649 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:09:23,652 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:09:23,653 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:09:23,656 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:09:23,658 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:09:23,662 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:09:23,663 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:09:23,664 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:09:23,664 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:09:23,666 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:09:23,667 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:09:23,671 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:09:23,671 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:09:23,672 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:09:23,674 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:09:23,679 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:09:23,680 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:09:23,681 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:09:23,682 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:09:23,683 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:09:23,687 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:09:23,687 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:09:23,687 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:09:23,688 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:09:23,689 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:09:23,689 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:09:23,689 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:09:23,690 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:09:23,691 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:09:23,691 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:09:23,692 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:09:23,692 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:09:23,693 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:09:23,693 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:09:23,693 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:09:23,695 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:09:23,695 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:09:23,696 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf [2022-02-20 18:09:23,721 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:09:23,721 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:09:23,722 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:09:23,722 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:09:23,723 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:09:23,723 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:09:23,724 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:09:23,724 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:09:23,724 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:09:23,725 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:09:23,725 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:09:23,725 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:09:23,726 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:09:23,726 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:09:23,726 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:09:23,726 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:09:23,726 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 18:09:23,726 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 18:09:23,726 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 18:09:23,727 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:09:23,727 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:09:23,727 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:09:23,732 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:09:23,732 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:09:23,732 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:09:23,732 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:09:23,732 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:23,732 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:09:23,733 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:09:23,733 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:09:23,733 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 18:09:23,733 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 18:09:23,733 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:09:23,733 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:09:23,734 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:09:23,734 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 18:09:23,734 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> b1639abd1442c0be189a21b610783cf9fd230aa6a3ef085b8b036961bd01ca7b [2022-02-20 18:09:23,989 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:09:24,010 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:09:24,013 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:09:24,013 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:09:24,014 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:09:24,015 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c [2022-02-20 18:09:24,061 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/805819ef0/4ba82dbfbecf485a84aaf90fadae3f59/FLAGab97ee49a [2022-02-20 18:09:24,450 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:09:24,451 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c [2022-02-20 18:09:24,462 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/805819ef0/4ba82dbfbecf485a84aaf90fadae3f59/FLAGab97ee49a [2022-02-20 18:09:24,836 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/805819ef0/4ba82dbfbecf485a84aaf90fadae3f59 [2022-02-20 18:09:24,838 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:09:24,840 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:09:24,843 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:24,843 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:09:24,845 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:09:24,846 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:24" (1/1) ... [2022-02-20 18:09:24,847 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4d2103ab and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:24, skipping insertion in model container [2022-02-20 18:09:24,848 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:24" (1/1) ... [2022-02-20 18:09:24,852 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:09:24,891 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:25,028 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c[2897,2910] [2022-02-20 18:09:25,132 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:25,141 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 18:09:25,149 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:25,156 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c[2897,2910] [2022-02-20 18:09:25,225 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:25,240 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:09:25,250 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product43.cil.c[2897,2910] [2022-02-20 18:09:25,289 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:25,301 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:09:25,302 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25 WrapperNode [2022-02-20 18:09:25,302 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:25,303 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:25,308 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:09:25,308 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:09:25,313 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25" (1/1) ... [2022-02-20 18:09:25,325 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25" (1/1) ... [2022-02-20 18:09:25,350 INFO L137 Inliner]: procedures = 56, calls = 154, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 241 [2022-02-20 18:09:25,351 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:25,351 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:09:25,351 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:09:25,351 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:09:25,357 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25" (1/1) ... [2022-02-20 18:09:25,357 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25" (1/1) ... [2022-02-20 18:09:25,360 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25" (1/1) ... [2022-02-20 18:09:25,360 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25" (1/1) ... [2022-02-20 18:09:25,366 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25" (1/1) ... [2022-02-20 18:09:25,370 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25" (1/1) ... [2022-02-20 18:09:25,371 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25" (1/1) ... [2022-02-20 18:09:25,373 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:09:25,379 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:09:25,379 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:09:25,379 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:09:25,380 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25" (1/1) ... [2022-02-20 18:09:25,390 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:25,399 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:09:25,408 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:09:25,410 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:09:25,439 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:09:25,439 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:09:25,440 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:09:25,440 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:09:25,440 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:09:25,440 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:09:25,440 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:09:25,440 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:09:25,440 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:09:25,441 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:09:25,441 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:09:25,441 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-20 18:09:25,441 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:09:25,441 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:09:25,441 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:09:25,441 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:09:25,542 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:09:25,544 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:25,870 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:25,876 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:25,876 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:25,877 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:25 BoogieIcfgContainer [2022-02-20 18:09:25,877 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:25,878 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:25,879 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:25,887 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:25,888 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:09:24" (1/3) ... [2022-02-20 18:09:25,888 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@125f886 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:25, skipping insertion in model container [2022-02-20 18:09:25,888 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:25" (2/3) ... [2022-02-20 18:09:25,888 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@125f886 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:25, skipping insertion in model container [2022-02-20 18:09:25,888 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:25" (3/3) ... [2022-02-20 18:09:25,889 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product43.cil.c [2022-02-20 18:09:25,893 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:25,893 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:25,929 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:25,933 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:25,934 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:25,949 INFO L276 IsEmpty]: Start isEmpty. Operand has 85 states, 67 states have (on average 1.3880597014925373) internal successors, (93), 73 states have internal predecessors, (93), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 18:09:25,956 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:09:25,956 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:25,956 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:25,957 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:25,964 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:25,965 INFO L85 PathProgramCache]: Analyzing trace with hash 35803391, now seen corresponding path program 1 times [2022-02-20 18:09:25,976 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:25,976 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [910227851] [2022-02-20 18:09:25,977 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:25,977 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:25,978 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:25,980 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:25,981 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 18:09:26,095 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:26,098 INFO L263 TraceCheckSpWp]: Trace formula consists of 154 conjuncts, 1 conjunts are in the unsatisfiable core [2022-02-20 18:09:26,110 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:26,113 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:26,212 INFO L290 TraceCheckUtils]: 0: Hoare triple {88#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {88#true} is VALID [2022-02-20 18:09:26,213 INFO L290 TraceCheckUtils]: 1: Hoare triple {88#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret4#1, main_~retValue_acc~0#1, main_~tmp~0#1;havoc main_~retValue_acc~0#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {88#true} is VALID [2022-02-20 18:09:26,213 INFO L290 TraceCheckUtils]: 2: Hoare triple {88#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {88#true} is VALID [2022-02-20 18:09:26,213 INFO L290 TraceCheckUtils]: 3: Hoare triple {88#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~5#1;havoc valid_product_~retValue_acc~5#1;valid_product_~retValue_acc~5#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~5#1; {88#true} is VALID [2022-02-20 18:09:26,213 INFO L290 TraceCheckUtils]: 4: Hoare triple {88#true} main_#t~ret4#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret4#1;havoc main_#t~ret4#1; {88#true} is VALID [2022-02-20 18:09:26,213 INFO L290 TraceCheckUtils]: 5: Hoare triple {88#true} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {88#true} is VALID [2022-02-20 18:09:26,213 INFO L290 TraceCheckUtils]: 6: Hoare triple {88#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet44#1, test_#t~nondet45#1, test_#t~nondet46#1, test_#t~nondet47#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {88#true} is VALID [2022-02-20 18:09:26,214 INFO L290 TraceCheckUtils]: 7: Hoare triple {88#true} assume false; {89#false} is VALID [2022-02-20 18:09:26,214 INFO L272 TraceCheckUtils]: 8: Hoare triple {89#false} call cleanup(); {89#false} is VALID [2022-02-20 18:09:26,214 INFO L290 TraceCheckUtils]: 9: Hoare triple {89#false} havoc ~i~0;havoc ~__cil_tmp2~0; {89#false} is VALID [2022-02-20 18:09:26,214 INFO L272 TraceCheckUtils]: 10: Hoare triple {89#false} call timeShift(); {89#false} is VALID [2022-02-20 18:09:26,215 INFO L290 TraceCheckUtils]: 11: Hoare triple {89#false} assume !(0bv32 != ~pumpRunning~0); {89#false} is VALID [2022-02-20 18:09:26,215 INFO L290 TraceCheckUtils]: 12: Hoare triple {89#false} assume !(0bv32 != ~systemActive~0); {89#false} is VALID [2022-02-20 18:09:26,215 INFO L290 TraceCheckUtils]: 13: Hoare triple {89#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_#t~ret7#1, __utac_acc__Specification3_spec__1_~tmp~1#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {89#false} is VALID [2022-02-20 18:09:26,215 INFO L272 TraceCheckUtils]: 14: Hoare triple {89#false} call __utac_acc__Specification3_spec__1_#t~ret5#1 := isMethaneLevelCritical(); {89#false} is VALID [2022-02-20 18:09:26,215 INFO L290 TraceCheckUtils]: 15: Hoare triple {89#false} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {89#false} is VALID [2022-02-20 18:09:26,215 INFO L290 TraceCheckUtils]: 16: Hoare triple {89#false} assume true; {89#false} is VALID [2022-02-20 18:09:26,215 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {89#false} {89#false} #233#return; {89#false} is VALID [2022-02-20 18:09:26,216 INFO L290 TraceCheckUtils]: 18: Hoare triple {89#false} __utac_acc__Specification3_spec__1_~tmp~1#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {89#false} is VALID [2022-02-20 18:09:26,216 INFO L290 TraceCheckUtils]: 19: Hoare triple {89#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~1#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {89#false} is VALID [2022-02-20 18:09:26,216 INFO L290 TraceCheckUtils]: 20: Hoare triple {89#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {89#false} is VALID [2022-02-20 18:09:26,216 INFO L290 TraceCheckUtils]: 21: Hoare triple {89#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {89#false} is VALID [2022-02-20 18:09:26,216 INFO L290 TraceCheckUtils]: 22: Hoare triple {89#false} __utac_acc__Specification3_spec__1_#t~ret7#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret7#1;havoc __utac_acc__Specification3_spec__1_#t~ret7#1; {89#false} is VALID [2022-02-20 18:09:26,216 INFO L290 TraceCheckUtils]: 23: Hoare triple {89#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {89#false} is VALID [2022-02-20 18:09:26,216 INFO L290 TraceCheckUtils]: 24: Hoare triple {89#false} assume !false; {89#false} is VALID [2022-02-20 18:09:26,218 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:26,218 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:26,218 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:26,218 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [910227851] [2022-02-20 18:09:26,221 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [910227851] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:26,221 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:26,222 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:26,223 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [182209059] [2022-02-20 18:09:26,223 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:26,227 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:26,243 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:26,246 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:26,279 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:26,279 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:26,279 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:26,295 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:26,296 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:26,299 INFO L87 Difference]: Start difference. First operand has 85 states, 67 states have (on average 1.3880597014925373) internal successors, (93), 73 states have internal predecessors, (93), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:26,418 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:26,418 INFO L93 Difference]: Finished difference Result 162 states and 221 transitions. [2022-02-20 18:09:26,419 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:26,420 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:26,420 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:26,421 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:26,433 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 221 transitions. [2022-02-20 18:09:26,434 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:26,442 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 221 transitions. [2022-02-20 18:09:26,442 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 221 transitions. [2022-02-20 18:09:26,627 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 221 edges. 221 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:26,636 INFO L225 Difference]: With dead ends: 162 [2022-02-20 18:09:26,638 INFO L226 Difference]: Without dead ends: 76 [2022-02-20 18:09:26,642 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:26,646 INFO L933 BasicCegarLoop]: 107 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 107 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:26,647 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 107 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:26,660 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 76 states. [2022-02-20 18:09:26,677 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 76 to 76. [2022-02-20 18:09:26,677 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:26,679 INFO L82 GeneralOperation]: Start isEquivalent. First operand 76 states. Second operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:09:26,682 INFO L74 IsIncluded]: Start isIncluded. First operand 76 states. Second operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:09:26,687 INFO L87 Difference]: Start difference. First operand 76 states. Second operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:09:26,695 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:26,695 INFO L93 Difference]: Finished difference Result 76 states and 98 transitions. [2022-02-20 18:09:26,695 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 98 transitions. [2022-02-20 18:09:26,698 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:26,698 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:26,700 INFO L74 IsIncluded]: Start isIncluded. First operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand 76 states. [2022-02-20 18:09:26,700 INFO L87 Difference]: Start difference. First operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand 76 states. [2022-02-20 18:09:26,710 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:26,711 INFO L93 Difference]: Finished difference Result 76 states and 98 transitions. [2022-02-20 18:09:26,712 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 98 transitions. [2022-02-20 18:09:26,715 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:26,716 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:26,716 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:26,717 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:26,717 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 65 states have internal predecessors, (79), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-02-20 18:09:26,721 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 98 transitions. [2022-02-20 18:09:26,723 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 98 transitions. Word has length 25 [2022-02-20 18:09:26,724 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:26,724 INFO L470 AbstractCegarLoop]: Abstraction has 76 states and 98 transitions. [2022-02-20 18:09:26,724 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:26,724 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 98 transitions. [2022-02-20 18:09:26,725 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:09:26,725 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:26,725 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:26,751 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:26,936 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:26,936 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:26,937 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:26,937 INFO L85 PathProgramCache]: Analyzing trace with hash 667483741, now seen corresponding path program 1 times [2022-02-20 18:09:26,937 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:26,937 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [73226637] [2022-02-20 18:09:26,937 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:26,938 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:26,938 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:26,939 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:26,940 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 18:09:26,989 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:26,991 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:27,002 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:27,003 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:27,078 INFO L290 TraceCheckUtils]: 0: Hoare triple {661#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {661#true} is VALID [2022-02-20 18:09:27,079 INFO L290 TraceCheckUtils]: 1: Hoare triple {661#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret4#1, main_~retValue_acc~0#1, main_~tmp~0#1;havoc main_~retValue_acc~0#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {661#true} is VALID [2022-02-20 18:09:27,079 INFO L290 TraceCheckUtils]: 2: Hoare triple {661#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {661#true} is VALID [2022-02-20 18:09:27,079 INFO L290 TraceCheckUtils]: 3: Hoare triple {661#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~5#1;havoc valid_product_~retValue_acc~5#1;valid_product_~retValue_acc~5#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~5#1; {661#true} is VALID [2022-02-20 18:09:27,079 INFO L290 TraceCheckUtils]: 4: Hoare triple {661#true} main_#t~ret4#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret4#1;havoc main_#t~ret4#1; {661#true} is VALID [2022-02-20 18:09:27,079 INFO L290 TraceCheckUtils]: 5: Hoare triple {661#true} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {661#true} is VALID [2022-02-20 18:09:27,080 INFO L290 TraceCheckUtils]: 6: Hoare triple {661#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet44#1, test_#t~nondet45#1, test_#t~nondet46#1, test_#t~nondet47#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {684#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:27,080 INFO L290 TraceCheckUtils]: 7: Hoare triple {684#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !false; {684#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:27,081 INFO L290 TraceCheckUtils]: 8: Hoare triple {684#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !~bvslt32(test_~splverifierCounter~0#1, 4bv32); {662#false} is VALID [2022-02-20 18:09:27,081 INFO L272 TraceCheckUtils]: 9: Hoare triple {662#false} call cleanup(); {662#false} is VALID [2022-02-20 18:09:27,081 INFO L290 TraceCheckUtils]: 10: Hoare triple {662#false} havoc ~i~0;havoc ~__cil_tmp2~0; {662#false} is VALID [2022-02-20 18:09:27,081 INFO L272 TraceCheckUtils]: 11: Hoare triple {662#false} call timeShift(); {662#false} is VALID [2022-02-20 18:09:27,081 INFO L290 TraceCheckUtils]: 12: Hoare triple {662#false} assume !(0bv32 != ~pumpRunning~0); {662#false} is VALID [2022-02-20 18:09:27,082 INFO L290 TraceCheckUtils]: 13: Hoare triple {662#false} assume !(0bv32 != ~systemActive~0); {662#false} is VALID [2022-02-20 18:09:27,082 INFO L290 TraceCheckUtils]: 14: Hoare triple {662#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_#t~ret7#1, __utac_acc__Specification3_spec__1_~tmp~1#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {662#false} is VALID [2022-02-20 18:09:27,082 INFO L272 TraceCheckUtils]: 15: Hoare triple {662#false} call __utac_acc__Specification3_spec__1_#t~ret5#1 := isMethaneLevelCritical(); {662#false} is VALID [2022-02-20 18:09:27,082 INFO L290 TraceCheckUtils]: 16: Hoare triple {662#false} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {662#false} is VALID [2022-02-20 18:09:27,082 INFO L290 TraceCheckUtils]: 17: Hoare triple {662#false} assume true; {662#false} is VALID [2022-02-20 18:09:27,082 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {662#false} {662#false} #233#return; {662#false} is VALID [2022-02-20 18:09:27,083 INFO L290 TraceCheckUtils]: 19: Hoare triple {662#false} __utac_acc__Specification3_spec__1_~tmp~1#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {662#false} is VALID [2022-02-20 18:09:27,083 INFO L290 TraceCheckUtils]: 20: Hoare triple {662#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~1#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {662#false} is VALID [2022-02-20 18:09:27,083 INFO L290 TraceCheckUtils]: 21: Hoare triple {662#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {662#false} is VALID [2022-02-20 18:09:27,083 INFO L290 TraceCheckUtils]: 22: Hoare triple {662#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {662#false} is VALID [2022-02-20 18:09:27,083 INFO L290 TraceCheckUtils]: 23: Hoare triple {662#false} __utac_acc__Specification3_spec__1_#t~ret7#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret7#1;havoc __utac_acc__Specification3_spec__1_#t~ret7#1; {662#false} is VALID [2022-02-20 18:09:27,084 INFO L290 TraceCheckUtils]: 24: Hoare triple {662#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {662#false} is VALID [2022-02-20 18:09:27,084 INFO L290 TraceCheckUtils]: 25: Hoare triple {662#false} assume !false; {662#false} is VALID [2022-02-20 18:09:27,084 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:27,084 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:27,084 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:27,085 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [73226637] [2022-02-20 18:09:27,085 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [73226637] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:27,085 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:27,085 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:27,085 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1651790999] [2022-02-20 18:09:27,085 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:27,086 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:27,087 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:27,087 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:27,112 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:27,113 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:27,113 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:27,113 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:27,113 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:27,114 INFO L87 Difference]: Start difference. First operand 76 states and 98 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:27,209 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:27,209 INFO L93 Difference]: Finished difference Result 114 states and 147 transitions. [2022-02-20 18:09:27,209 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:27,210 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:27,210 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:27,210 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:27,212 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 147 transitions. [2022-02-20 18:09:27,212 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:27,214 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 147 transitions. [2022-02-20 18:09:27,214 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 147 transitions. [2022-02-20 18:09:27,349 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 147 edges. 147 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:27,350 INFO L225 Difference]: With dead ends: 114 [2022-02-20 18:09:27,350 INFO L226 Difference]: Without dead ends: 67 [2022-02-20 18:09:27,351 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:27,352 INFO L933 BasicCegarLoop]: 85 mSDtfsCounter, 17 mSDsluCounter, 64 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 149 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:27,352 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 149 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:27,352 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-02-20 18:09:27,356 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-02-20 18:09:27,356 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:27,356 INFO L82 GeneralOperation]: Start isEquivalent. First operand 67 states. Second operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:09:27,357 INFO L74 IsIncluded]: Start isIncluded. First operand 67 states. Second operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:09:27,357 INFO L87 Difference]: Start difference. First operand 67 states. Second operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:09:27,358 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:27,359 INFO L93 Difference]: Finished difference Result 67 states and 86 transitions. [2022-02-20 18:09:27,359 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 86 transitions. [2022-02-20 18:09:27,359 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:27,359 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:27,359 INFO L74 IsIncluded]: Start isIncluded. First operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 67 states. [2022-02-20 18:09:27,359 INFO L87 Difference]: Start difference. First operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand 67 states. [2022-02-20 18:09:27,361 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:27,361 INFO L93 Difference]: Finished difference Result 67 states and 86 transitions. [2022-02-20 18:09:27,361 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 86 transitions. [2022-02-20 18:09:27,361 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:27,361 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:27,362 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:27,362 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:27,362 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 59 states have internal predecessors, (72), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-02-20 18:09:27,363 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 86 transitions. [2022-02-20 18:09:27,363 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 86 transitions. Word has length 26 [2022-02-20 18:09:27,364 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:27,364 INFO L470 AbstractCegarLoop]: Abstraction has 67 states and 86 transitions. [2022-02-20 18:09:27,364 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:27,364 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 86 transitions. [2022-02-20 18:09:27,364 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:09:27,364 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:27,364 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:27,384 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:27,573 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:27,574 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:27,574 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:27,574 INFO L85 PathProgramCache]: Analyzing trace with hash -1089755984, now seen corresponding path program 1 times [2022-02-20 18:09:27,575 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:27,575 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1179716015] [2022-02-20 18:09:27,575 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:27,575 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:27,575 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:27,576 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:27,578 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 18:09:27,617 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:27,619 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:27,627 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:27,628 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:27,695 INFO L290 TraceCheckUtils]: 0: Hoare triple {1136#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,695 INFO L290 TraceCheckUtils]: 1: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret4#1, main_~retValue_acc~0#1, main_~tmp~0#1;havoc main_~retValue_acc~0#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,696 INFO L290 TraceCheckUtils]: 2: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,696 INFO L290 TraceCheckUtils]: 3: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~5#1;havoc valid_product_~retValue_acc~5#1;valid_product_~retValue_acc~5#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~5#1; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,696 INFO L290 TraceCheckUtils]: 4: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} main_#t~ret4#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret4#1;havoc main_#t~ret4#1; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,697 INFO L290 TraceCheckUtils]: 5: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,697 INFO L290 TraceCheckUtils]: 6: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet44#1, test_#t~nondet45#1, test_#t~nondet46#1, test_#t~nondet47#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,697 INFO L290 TraceCheckUtils]: 7: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume !false; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,698 INFO L290 TraceCheckUtils]: 8: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,698 INFO L290 TraceCheckUtils]: 9: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} test_~tmp~8#1 := test_#t~nondet44#1;havoc test_#t~nondet44#1; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,698 INFO L290 TraceCheckUtils]: 10: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~8#1); {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,699 INFO L290 TraceCheckUtils]: 11: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} test_~tmp___0~2#1 := test_#t~nondet45#1;havoc test_#t~nondet45#1; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,699 INFO L290 TraceCheckUtils]: 12: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~2#1); {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,700 INFO L290 TraceCheckUtils]: 13: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet46#1;havoc test_#t~nondet46#1; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,700 INFO L290 TraceCheckUtils]: 14: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,700 INFO L272 TraceCheckUtils]: 15: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} call timeShift(); {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,701 INFO L290 TraceCheckUtils]: 16: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1141#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:27,701 INFO L290 TraceCheckUtils]: 17: Hoare triple {1141#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {1137#false} is VALID [2022-02-20 18:09:27,701 INFO L290 TraceCheckUtils]: 18: Hoare triple {1137#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_#t~ret7#1, __utac_acc__Specification3_spec__1_~tmp~1#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1137#false} is VALID [2022-02-20 18:09:27,701 INFO L272 TraceCheckUtils]: 19: Hoare triple {1137#false} call __utac_acc__Specification3_spec__1_#t~ret5#1 := isMethaneLevelCritical(); {1137#false} is VALID [2022-02-20 18:09:27,701 INFO L290 TraceCheckUtils]: 20: Hoare triple {1137#false} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {1137#false} is VALID [2022-02-20 18:09:27,702 INFO L290 TraceCheckUtils]: 21: Hoare triple {1137#false} assume true; {1137#false} is VALID [2022-02-20 18:09:27,702 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1137#false} {1137#false} #233#return; {1137#false} is VALID [2022-02-20 18:09:27,702 INFO L290 TraceCheckUtils]: 23: Hoare triple {1137#false} __utac_acc__Specification3_spec__1_~tmp~1#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {1137#false} is VALID [2022-02-20 18:09:27,702 INFO L290 TraceCheckUtils]: 24: Hoare triple {1137#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~1#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {1137#false} is VALID [2022-02-20 18:09:27,702 INFO L290 TraceCheckUtils]: 25: Hoare triple {1137#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {1137#false} is VALID [2022-02-20 18:09:27,702 INFO L290 TraceCheckUtils]: 26: Hoare triple {1137#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {1137#false} is VALID [2022-02-20 18:09:27,703 INFO L290 TraceCheckUtils]: 27: Hoare triple {1137#false} __utac_acc__Specification3_spec__1_#t~ret7#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret7#1;havoc __utac_acc__Specification3_spec__1_#t~ret7#1; {1137#false} is VALID [2022-02-20 18:09:27,703 INFO L290 TraceCheckUtils]: 28: Hoare triple {1137#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1137#false} is VALID [2022-02-20 18:09:27,703 INFO L290 TraceCheckUtils]: 29: Hoare triple {1137#false} assume !false; {1137#false} is VALID [2022-02-20 18:09:27,703 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:27,703 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:27,703 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:27,703 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1179716015] [2022-02-20 18:09:27,704 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1179716015] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:27,704 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:27,704 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:27,704 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1175921804] [2022-02-20 18:09:27,704 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:27,705 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:27,705 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:27,705 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:27,728 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:27,728 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:27,728 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:27,729 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:27,734 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:27,734 INFO L87 Difference]: Start difference. First operand 67 states and 86 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:27,901 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:27,901 INFO L93 Difference]: Finished difference Result 186 states and 244 transitions. [2022-02-20 18:09:27,901 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:27,901 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:27,901 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:27,902 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:27,904 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 244 transitions. [2022-02-20 18:09:27,904 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:27,907 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 244 transitions. [2022-02-20 18:09:27,907 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 244 transitions. [2022-02-20 18:09:28,084 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 244 edges. 244 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:28,086 INFO L225 Difference]: With dead ends: 186 [2022-02-20 18:09:28,086 INFO L226 Difference]: Without dead ends: 126 [2022-02-20 18:09:28,087 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:28,087 INFO L933 BasicCegarLoop]: 108 mSDtfsCounter, 66 mSDsluCounter, 76 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 184 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:28,088 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [66 Valid, 184 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:28,088 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2022-02-20 18:09:28,104 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 121. [2022-02-20 18:09:28,105 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:28,105 INFO L82 GeneralOperation]: Start isEquivalent. First operand 126 states. Second operand has 121 states, 96 states have (on average 1.3541666666666667) internal successors, (130), 105 states have internal predecessors, (130), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:28,107 INFO L74 IsIncluded]: Start isIncluded. First operand 126 states. Second operand has 121 states, 96 states have (on average 1.3541666666666667) internal successors, (130), 105 states have internal predecessors, (130), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:28,107 INFO L87 Difference]: Start difference. First operand 126 states. Second operand has 121 states, 96 states have (on average 1.3541666666666667) internal successors, (130), 105 states have internal predecessors, (130), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:28,110 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:28,112 INFO L93 Difference]: Finished difference Result 126 states and 163 transitions. [2022-02-20 18:09:28,112 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 163 transitions. [2022-02-20 18:09:28,112 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:28,112 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:28,113 INFO L74 IsIncluded]: Start isIncluded. First operand has 121 states, 96 states have (on average 1.3541666666666667) internal successors, (130), 105 states have internal predecessors, (130), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) Second operand 126 states. [2022-02-20 18:09:28,113 INFO L87 Difference]: Start difference. First operand has 121 states, 96 states have (on average 1.3541666666666667) internal successors, (130), 105 states have internal predecessors, (130), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) Second operand 126 states. [2022-02-20 18:09:28,116 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:28,121 INFO L93 Difference]: Finished difference Result 126 states and 163 transitions. [2022-02-20 18:09:28,121 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 163 transitions. [2022-02-20 18:09:28,122 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:28,122 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:28,122 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:28,122 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:28,123 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 121 states, 96 states have (on average 1.3541666666666667) internal successors, (130), 105 states have internal predecessors, (130), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:28,130 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 121 states to 121 states and 158 transitions. [2022-02-20 18:09:28,131 INFO L78 Accepts]: Start accepts. Automaton has 121 states and 158 transitions. Word has length 30 [2022-02-20 18:09:28,131 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:28,131 INFO L470 AbstractCegarLoop]: Abstraction has 121 states and 158 transitions. [2022-02-20 18:09:28,131 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:28,131 INFO L276 IsEmpty]: Start isEmpty. Operand 121 states and 158 transitions. [2022-02-20 18:09:28,132 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 18:09:28,132 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:28,132 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:28,143 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:28,343 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:28,346 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:28,346 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:28,346 INFO L85 PathProgramCache]: Analyzing trace with hash -1322642641, now seen corresponding path program 1 times [2022-02-20 18:09:28,346 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:28,347 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1887632462] [2022-02-20 18:09:28,347 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:28,347 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:28,347 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:28,348 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:28,349 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 18:09:28,392 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:28,394 INFO L263 TraceCheckSpWp]: Trace formula consists of 162 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 18:09:28,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:28,423 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:28,529 INFO L290 TraceCheckUtils]: 0: Hoare triple {1917#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,530 INFO L290 TraceCheckUtils]: 1: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret4#1, main_~retValue_acc~0#1, main_~tmp~0#1;havoc main_~retValue_acc~0#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,530 INFO L290 TraceCheckUtils]: 2: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,530 INFO L290 TraceCheckUtils]: 3: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~5#1;havoc valid_product_~retValue_acc~5#1;valid_product_~retValue_acc~5#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~5#1; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,531 INFO L290 TraceCheckUtils]: 4: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} main_#t~ret4#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret4#1;havoc main_#t~ret4#1; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,531 INFO L290 TraceCheckUtils]: 5: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,531 INFO L290 TraceCheckUtils]: 6: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet44#1, test_#t~nondet45#1, test_#t~nondet46#1, test_#t~nondet47#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,532 INFO L290 TraceCheckUtils]: 7: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume !false; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,532 INFO L290 TraceCheckUtils]: 8: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,532 INFO L290 TraceCheckUtils]: 9: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp~8#1 := test_#t~nondet44#1;havoc test_#t~nondet44#1; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,532 INFO L290 TraceCheckUtils]: 10: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != test_~tmp~8#1); {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,533 INFO L290 TraceCheckUtils]: 11: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp___0~2#1 := test_#t~nondet45#1;havoc test_#t~nondet45#1; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,533 INFO L290 TraceCheckUtils]: 12: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != test_~tmp___0~2#1); {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,534 INFO L290 TraceCheckUtils]: 13: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} test_~tmp___2~0#1 := test_#t~nondet46#1;havoc test_#t~nondet46#1; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,534 INFO L290 TraceCheckUtils]: 14: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != test_~tmp___2~0#1; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,535 INFO L272 TraceCheckUtils]: 15: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} call timeShift(); {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,535 INFO L290 TraceCheckUtils]: 16: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 != ~pumpRunning~0); {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,535 INFO L290 TraceCheckUtils]: 17: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret32#1, processEnvironment_~tmp~5#1;havoc processEnvironment_~tmp~5#1; {1922#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:28,535 INFO L290 TraceCheckUtils]: 18: Hoare triple {1922#(= (_ bv0 32) ~pumpRunning~0)} assume !(0bv32 == ~pumpRunning~0); {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L272 TraceCheckUtils]: 19: Hoare triple {1918#false} call processEnvironment__wrappee__base(); {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L290 TraceCheckUtils]: 20: Hoare triple {1918#false} assume true; {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1918#false} {1918#false} #231#return; {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L290 TraceCheckUtils]: 22: Hoare triple {1918#false} assume { :end_inline_processEnvironment } true; {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L290 TraceCheckUtils]: 23: Hoare triple {1918#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_#t~ret7#1, __utac_acc__Specification3_spec__1_~tmp~1#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L272 TraceCheckUtils]: 24: Hoare triple {1918#false} call __utac_acc__Specification3_spec__1_#t~ret5#1 := isMethaneLevelCritical(); {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L290 TraceCheckUtils]: 25: Hoare triple {1918#false} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L290 TraceCheckUtils]: 26: Hoare triple {1918#false} assume true; {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {1918#false} {1918#false} #233#return; {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L290 TraceCheckUtils]: 28: Hoare triple {1918#false} __utac_acc__Specification3_spec__1_~tmp~1#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L290 TraceCheckUtils]: 29: Hoare triple {1918#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~1#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {1918#false} is VALID [2022-02-20 18:09:28,536 INFO L290 TraceCheckUtils]: 30: Hoare triple {1918#false} __utac_acc__Specification3_spec__1_#t~ret6#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {1918#false} is VALID [2022-02-20 18:09:28,537 INFO L290 TraceCheckUtils]: 31: Hoare triple {1918#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {1918#false} is VALID [2022-02-20 18:09:28,537 INFO L290 TraceCheckUtils]: 32: Hoare triple {1918#false} __utac_acc__Specification3_spec__1_#t~ret7#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret7#1;havoc __utac_acc__Specification3_spec__1_#t~ret7#1; {1918#false} is VALID [2022-02-20 18:09:28,537 INFO L290 TraceCheckUtils]: 33: Hoare triple {1918#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1918#false} is VALID [2022-02-20 18:09:28,537 INFO L290 TraceCheckUtils]: 34: Hoare triple {1918#false} assume !false; {1918#false} is VALID [2022-02-20 18:09:28,537 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:28,537 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:28,537 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:28,537 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1887632462] [2022-02-20 18:09:28,537 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1887632462] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:28,539 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:28,539 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:28,539 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1579421538] [2022-02-20 18:09:28,539 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:28,540 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:09:28,540 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:28,540 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:28,568 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:28,568 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:28,568 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:28,569 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:28,569 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:28,569 INFO L87 Difference]: Start difference. First operand 121 states and 158 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:28,689 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:28,689 INFO L93 Difference]: Finished difference Result 316 states and 419 transitions. [2022-02-20 18:09:28,689 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:28,690 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2022-02-20 18:09:28,690 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:28,690 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:28,692 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 222 transitions. [2022-02-20 18:09:28,692 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:28,695 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 222 transitions. [2022-02-20 18:09:28,695 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 222 transitions. [2022-02-20 18:09:28,836 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 222 edges. 222 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:28,840 INFO L225 Difference]: With dead ends: 316 [2022-02-20 18:09:28,840 INFO L226 Difference]: Without dead ends: 202 [2022-02-20 18:09:28,841 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 33 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:28,842 INFO L933 BasicCegarLoop]: 87 mSDtfsCounter, 59 mSDsluCounter, 53 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 140 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:28,842 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [59 Valid, 140 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:28,842 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 202 states. [2022-02-20 18:09:28,851 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 202 to 200. [2022-02-20 18:09:28,851 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:28,851 INFO L82 GeneralOperation]: Start isEquivalent. First operand 202 states. Second operand has 200 states, 157 states have (on average 1.3375796178343948) internal successors, (210), 170 states have internal predecessors, (210), 22 states have call successors, (22), 20 states have call predecessors, (22), 20 states have return successors, (26), 22 states have call predecessors, (26), 22 states have call successors, (26) [2022-02-20 18:09:28,852 INFO L74 IsIncluded]: Start isIncluded. First operand 202 states. Second operand has 200 states, 157 states have (on average 1.3375796178343948) internal successors, (210), 170 states have internal predecessors, (210), 22 states have call successors, (22), 20 states have call predecessors, (22), 20 states have return successors, (26), 22 states have call predecessors, (26), 22 states have call successors, (26) [2022-02-20 18:09:28,852 INFO L87 Difference]: Start difference. First operand 202 states. Second operand has 200 states, 157 states have (on average 1.3375796178343948) internal successors, (210), 170 states have internal predecessors, (210), 22 states have call successors, (22), 20 states have call predecessors, (22), 20 states have return successors, (26), 22 states have call predecessors, (26), 22 states have call successors, (26) [2022-02-20 18:09:28,857 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:28,857 INFO L93 Difference]: Finished difference Result 202 states and 259 transitions. [2022-02-20 18:09:28,857 INFO L276 IsEmpty]: Start isEmpty. Operand 202 states and 259 transitions. [2022-02-20 18:09:28,858 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:28,858 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:28,858 INFO L74 IsIncluded]: Start isIncluded. First operand has 200 states, 157 states have (on average 1.3375796178343948) internal successors, (210), 170 states have internal predecessors, (210), 22 states have call successors, (22), 20 states have call predecessors, (22), 20 states have return successors, (26), 22 states have call predecessors, (26), 22 states have call successors, (26) Second operand 202 states. [2022-02-20 18:09:28,859 INFO L87 Difference]: Start difference. First operand has 200 states, 157 states have (on average 1.3375796178343948) internal successors, (210), 170 states have internal predecessors, (210), 22 states have call successors, (22), 20 states have call predecessors, (22), 20 states have return successors, (26), 22 states have call predecessors, (26), 22 states have call successors, (26) Second operand 202 states. [2022-02-20 18:09:28,864 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:28,864 INFO L93 Difference]: Finished difference Result 202 states and 259 transitions. [2022-02-20 18:09:28,864 INFO L276 IsEmpty]: Start isEmpty. Operand 202 states and 259 transitions. [2022-02-20 18:09:28,864 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:28,864 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:28,864 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:28,864 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:28,865 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 200 states, 157 states have (on average 1.3375796178343948) internal successors, (210), 170 states have internal predecessors, (210), 22 states have call successors, (22), 20 states have call predecessors, (22), 20 states have return successors, (26), 22 states have call predecessors, (26), 22 states have call successors, (26) [2022-02-20 18:09:28,870 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 200 states to 200 states and 258 transitions. [2022-02-20 18:09:28,870 INFO L78 Accepts]: Start accepts. Automaton has 200 states and 258 transitions. Word has length 35 [2022-02-20 18:09:28,870 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:28,870 INFO L470 AbstractCegarLoop]: Abstraction has 200 states and 258 transitions. [2022-02-20 18:09:28,870 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 2 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:09:28,870 INFO L276 IsEmpty]: Start isEmpty. Operand 200 states and 258 transitions. [2022-02-20 18:09:28,871 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 18:09:28,871 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:28,871 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:28,880 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:29,078 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:29,078 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:29,078 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:29,078 INFO L85 PathProgramCache]: Analyzing trace with hash -1351645467, now seen corresponding path program 1 times [2022-02-20 18:09:29,078 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:29,079 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [899237108] [2022-02-20 18:09:29,079 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:29,079 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:29,079 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:29,080 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:29,081 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 18:09:29,119 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:29,121 INFO L263 TraceCheckSpWp]: Trace formula consists of 160 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 18:09:29,139 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:29,140 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:29,255 INFO L290 TraceCheckUtils]: 0: Hoare triple {3156#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~cleanupTimeShifts~0 := 4bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,256 INFO L290 TraceCheckUtils]: 1: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret4#1, main_~retValue_acc~0#1, main_~tmp~0#1;havoc main_~retValue_acc~0#1;havoc main_~tmp~0#1;assume { :begin_inline_select_helpers } true; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,266 INFO L290 TraceCheckUtils]: 2: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,267 INFO L290 TraceCheckUtils]: 3: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~5#1;havoc valid_product_~retValue_acc~5#1;valid_product_~retValue_acc~5#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~5#1; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,267 INFO L290 TraceCheckUtils]: 4: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} main_#t~ret4#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~0#1 := main_#t~ret4#1;havoc main_#t~ret4#1; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,268 INFO L290 TraceCheckUtils]: 5: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != main_~tmp~0#1;assume { :begin_inline_setup } true; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,269 INFO L290 TraceCheckUtils]: 6: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet44#1, test_#t~nondet45#1, test_#t~nondet46#1, test_#t~nondet47#1, test_~splverifierCounter~0#1, test_~tmp~8#1, test_~tmp___0~2#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~8#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,269 INFO L290 TraceCheckUtils]: 7: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume !false; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,269 INFO L290 TraceCheckUtils]: 8: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,270 INFO L290 TraceCheckUtils]: 9: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} test_~tmp~8#1 := test_#t~nondet44#1;havoc test_#t~nondet44#1; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,270 INFO L290 TraceCheckUtils]: 10: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~8#1); {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,270 INFO L290 TraceCheckUtils]: 11: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___0~2#1 := test_#t~nondet45#1;havoc test_#t~nondet45#1; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,271 INFO L290 TraceCheckUtils]: 12: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~2#1); {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,271 INFO L290 TraceCheckUtils]: 13: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet46#1;havoc test_#t~nondet46#1; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,271 INFO L290 TraceCheckUtils]: 14: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___2~0#1);test_~tmp___1~1#1 := test_#t~nondet47#1;havoc test_#t~nondet47#1; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,272 INFO L290 TraceCheckUtils]: 15: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != test_~tmp___1~1#1;assume { :begin_inline_stopSystem } true; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,272 INFO L290 TraceCheckUtils]: 16: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,272 INFO L290 TraceCheckUtils]: 17: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} ~systemActive~0 := 0bv32; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,273 INFO L290 TraceCheckUtils]: 18: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_stopSystem } true; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,273 INFO L272 TraceCheckUtils]: 19: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} call timeShift(); {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,273 INFO L290 TraceCheckUtils]: 20: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,274 INFO L290 TraceCheckUtils]: 21: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,274 INFO L290 TraceCheckUtils]: 22: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret5#1, __utac_acc__Specification3_spec__1_#t~ret6#1, __utac_acc__Specification3_spec__1_#t~ret7#1, __utac_acc__Specification3_spec__1_~tmp~1#1, __utac_acc__Specification3_spec__1_~tmp___0~0#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~1#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~0#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,274 INFO L272 TraceCheckUtils]: 23: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} call __utac_acc__Specification3_spec__1_#t~ret5#1 := isMethaneLevelCritical(); {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,274 INFO L290 TraceCheckUtils]: 24: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~9;~retValue_acc~9 := ~methaneLevelCritical~0;#res := ~retValue_acc~9; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,275 INFO L290 TraceCheckUtils]: 25: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume true; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,275 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {3161#(= ~waterLevel~0 (_ bv1 32))} {3161#(= ~waterLevel~0 (_ bv1 32))} #233#return; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,276 INFO L290 TraceCheckUtils]: 27: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} __utac_acc__Specification3_spec__1_~tmp~1#1 := __utac_acc__Specification3_spec__1_#t~ret5#1;havoc __utac_acc__Specification3_spec__1_#t~ret5#1; {3161#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:29,276 INFO L290 TraceCheckUtils]: 28: Hoare triple {3161#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~1#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {3246#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} is VALID [2022-02-20 18:09:29,276 INFO L290 TraceCheckUtils]: 29: Hoare triple {3246#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} __utac_acc__Specification3_spec__1_#t~ret6#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~0#1 := __utac_acc__Specification3_spec__1_#t~ret6#1;havoc __utac_acc__Specification3_spec__1_#t~ret6#1; {3250#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| (_ bv1 32))} is VALID [2022-02-20 18:09:29,277 INFO L290 TraceCheckUtils]: 30: Hoare triple {3250#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| (_ bv1 32))} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~0#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~7#1;havoc isPumpRunning_~retValue_acc~7#1;isPumpRunning_~retValue_acc~7#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; {3157#false} is VALID [2022-02-20 18:09:29,277 INFO L290 TraceCheckUtils]: 31: Hoare triple {3157#false} __utac_acc__Specification3_spec__1_#t~ret7#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret7#1;havoc __utac_acc__Specification3_spec__1_#t~ret7#1; {3157#false} is VALID [2022-02-20 18:09:29,277 INFO L290 TraceCheckUtils]: 32: Hoare triple {3157#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {3157#false} is VALID [2022-02-20 18:09:29,277 INFO L290 TraceCheckUtils]: 33: Hoare triple {3157#false} assume !false; {3157#false} is VALID [2022-02-20 18:09:29,277 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:29,277 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:29,278 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:29,278 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [899237108] [2022-02-20 18:09:29,278 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [899237108] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:29,278 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:29,278 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:09:29,278 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [90119610] [2022-02-20 18:09:29,278 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:29,279 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:29,279 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:29,279 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:29,302 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:29,303 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:09:29,303 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:29,303 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:09:29,303 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:29,304 INFO L87 Difference]: Start difference. First operand 200 states and 258 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:29,571 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:29,572 INFO L93 Difference]: Finished difference Result 568 states and 760 transitions. [2022-02-20 18:09:29,572 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:29,572 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:29,572 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:29,573 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:29,576 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 241 transitions. [2022-02-20 18:09:29,576 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:29,579 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 241 transitions. [2022-02-20 18:09:29,579 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 241 transitions. [2022-02-20 18:09:29,746 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 241 edges. 241 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:29,756 INFO L225 Difference]: With dead ends: 568 [2022-02-20 18:09:29,757 INFO L226 Difference]: Without dead ends: 375 [2022-02-20 18:09:29,758 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 30 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:09:29,758 INFO L933 BasicCegarLoop]: 89 mSDtfsCounter, 49 mSDsluCounter, 247 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 49 SdHoareTripleChecker+Valid, 336 SdHoareTripleChecker+Invalid, 29 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:29,758 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [49 Valid, 336 Invalid, 29 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:29,759 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 375 states. [2022-02-20 18:09:29,775 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 375 to 363. [2022-02-20 18:09:29,776 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:29,777 INFO L82 GeneralOperation]: Start isEquivalent. First operand 375 states. Second operand has 363 states, 286 states have (on average 1.3041958041958042) internal successors, (373), 305 states have internal predecessors, (373), 42 states have call successors, (42), 38 states have call predecessors, (42), 34 states have return successors, (54), 38 states have call predecessors, (54), 42 states have call successors, (54) [2022-02-20 18:09:29,777 INFO L74 IsIncluded]: Start isIncluded. First operand 375 states. Second operand has 363 states, 286 states have (on average 1.3041958041958042) internal successors, (373), 305 states have internal predecessors, (373), 42 states have call successors, (42), 38 states have call predecessors, (42), 34 states have return successors, (54), 38 states have call predecessors, (54), 42 states have call successors, (54) [2022-02-20 18:09:29,778 INFO L87 Difference]: Start difference. First operand 375 states. Second operand has 363 states, 286 states have (on average 1.3041958041958042) internal successors, (373), 305 states have internal predecessors, (373), 42 states have call successors, (42), 38 states have call predecessors, (42), 34 states have return successors, (54), 38 states have call predecessors, (54), 42 states have call successors, (54) [2022-02-20 18:09:29,793 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:29,793 INFO L93 Difference]: Finished difference Result 375 states and 485 transitions. [2022-02-20 18:09:29,794 INFO L276 IsEmpty]: Start isEmpty. Operand 375 states and 485 transitions. [2022-02-20 18:09:29,795 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:29,795 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:29,796 INFO L74 IsIncluded]: Start isIncluded. First operand has 363 states, 286 states have (on average 1.3041958041958042) internal successors, (373), 305 states have internal predecessors, (373), 42 states have call successors, (42), 38 states have call predecessors, (42), 34 states have return successors, (54), 38 states have call predecessors, (54), 42 states have call successors, (54) Second operand 375 states. [2022-02-20 18:09:29,797 INFO L87 Difference]: Start difference. First operand has 363 states, 286 states have (on average 1.3041958041958042) internal successors, (373), 305 states have internal predecessors, (373), 42 states have call successors, (42), 38 states have call predecessors, (42), 34 states have return successors, (54), 38 states have call predecessors, (54), 42 states have call successors, (54) Second operand 375 states. [2022-02-20 18:09:29,807 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:29,808 INFO L93 Difference]: Finished difference Result 375 states and 485 transitions. [2022-02-20 18:09:29,808 INFO L276 IsEmpty]: Start isEmpty. Operand 375 states and 485 transitions. [2022-02-20 18:09:29,809 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:29,809 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:29,809 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:29,809 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:29,810 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 363 states, 286 states have (on average 1.3041958041958042) internal successors, (373), 305 states have internal predecessors, (373), 42 states have call successors, (42), 38 states have call predecessors, (42), 34 states have return successors, (54), 38 states have call predecessors, (54), 42 states have call successors, (54) [2022-02-20 18:09:29,823 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 363 states to 363 states and 469 transitions. [2022-02-20 18:09:29,824 INFO L78 Accepts]: Start accepts. Automaton has 363 states and 469 transitions. Word has length 34 [2022-02-20 18:09:29,824 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:29,824 INFO L470 AbstractCegarLoop]: Abstraction has 363 states and 469 transitions. [2022-02-20 18:09:29,824 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:29,824 INFO L276 IsEmpty]: Start isEmpty. Operand 363 states and 469 transitions. [2022-02-20 18:09:29,825 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 18:09:29,825 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:29,825 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:29,834 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:30,034 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:30,034 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:30,035 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:30,035 INFO L85 PathProgramCache]: Analyzing trace with hash -259884917, now seen corresponding path program 1 times [2022-02-20 18:09:30,035 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:30,035 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1634739900] [2022-02-20 18:09:30,035 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:30,035 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:30,035 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:30,036 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:30,037 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 18:09:30,084 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:30,084 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:09:30,104 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:30,131 INFO L138 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2022-02-20 18:09:30,131 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:09:30,132 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:09:30,168 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:30,339 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:30,348 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:09:30,350 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:09:30,368 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:09:30,370 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:09:30,372 INFO L158 Benchmark]: Toolchain (without parser) took 5532.07ms. Allocated memory was 58.7MB in the beginning and 104.9MB in the end (delta: 46.1MB). Free memory was 36.3MB in the beginning and 60.3MB in the end (delta: -23.9MB). Peak memory consumption was 23.5MB. Max. memory is 16.1GB. [2022-02-20 18:09:30,372 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 58.7MB. Free memory was 40.3MB in the beginning and 40.2MB in the end (delta: 46.5kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:30,372 INFO L158 Benchmark]: CACSL2BoogieTranslator took 459.72ms. Allocated memory is still 58.7MB. Free memory was 36.2MB in the beginning and 38.1MB in the end (delta: -1.9MB). Peak memory consumption was 17.2MB. Max. memory is 16.1GB. [2022-02-20 18:09:30,373 INFO L158 Benchmark]: Boogie Procedure Inliner took 47.73ms. Allocated memory is still 58.7MB. Free memory was 38.1MB in the beginning and 35.2MB in the end (delta: 2.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:30,373 INFO L158 Benchmark]: Boogie Preprocessor took 22.49ms. Allocated memory is still 58.7MB. Free memory was 35.2MB in the beginning and 33.4MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:30,373 INFO L158 Benchmark]: RCFGBuilder took 498.29ms. Allocated memory was 58.7MB in the beginning and 71.3MB in the end (delta: 12.6MB). Free memory was 33.4MB in the beginning and 44.2MB in the end (delta: -10.8MB). Peak memory consumption was 11.5MB. Max. memory is 16.1GB. [2022-02-20 18:09:30,373 INFO L158 Benchmark]: TraceAbstraction took 4492.59ms. Allocated memory was 71.3MB in the beginning and 104.9MB in the end (delta: 33.6MB). Free memory was 43.9MB in the beginning and 60.3MB in the end (delta: -16.4MB). Peak memory consumption was 15.7MB. Max. memory is 16.1GB. [2022-02-20 18:09:30,374 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 58.7MB. Free memory was 40.3MB in the beginning and 40.2MB in the end (delta: 46.5kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 459.72ms. Allocated memory is still 58.7MB. Free memory was 36.2MB in the beginning and 38.1MB in the end (delta: -1.9MB). Peak memory consumption was 17.2MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 47.73ms. Allocated memory is still 58.7MB. Free memory was 38.1MB in the beginning and 35.2MB in the end (delta: 2.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 22.49ms. Allocated memory is still 58.7MB. Free memory was 35.2MB in the beginning and 33.4MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 498.29ms. Allocated memory was 58.7MB in the beginning and 71.3MB in the end (delta: 12.6MB). Free memory was 33.4MB in the beginning and 44.2MB in the end (delta: -10.8MB). Peak memory consumption was 11.5MB. Max. memory is 16.1GB. * TraceAbstraction took 4492.59ms. Allocated memory was 71.3MB in the beginning and 104.9MB in the end (delta: 33.6MB). Free memory was 43.9MB in the beginning and 60.3MB in the end (delta: -16.4MB). Peak memory consumption was 15.7MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:09:30,401 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: ERROR: ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator