./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash ee424d693dfd8c88be1863ebdbdf37ea7e1818258f96fab9b4ff8bf142707b41 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:09:35,336 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:09:35,338 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:09:35,371 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:09:35,372 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:09:35,374 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:09:35,375 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:09:35,378 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:09:35,379 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:09:35,382 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:09:35,383 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:09:35,384 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:09:35,384 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:09:35,386 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:09:35,387 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:09:35,389 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:09:35,390 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:09:35,390 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:09:35,392 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:09:35,396 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:09:35,397 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:09:35,397 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:09:35,398 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:09:35,399 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:09:35,404 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:09:35,404 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:09:35,404 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:09:35,406 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:09:35,406 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:09:35,406 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:09:35,407 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:09:35,408 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:09:35,409 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:09:35,410 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:09:35,411 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:09:35,411 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:09:35,412 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:09:35,412 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:09:35,412 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:09:35,412 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:09:35,413 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:09:35,414 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:09:35,436 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:09:35,437 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:09:35,437 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:09:35,437 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:09:35,438 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:09:35,438 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:09:35,439 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:09:35,439 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:09:35,439 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:09:35,439 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:09:35,440 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:09:35,440 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:09:35,440 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:09:35,440 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:09:35,440 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:09:35,440 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:09:35,441 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:09:35,441 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:09:35,441 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:09:35,441 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:09:35,441 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:09:35,441 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:09:35,442 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:09:35,442 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:09:35,442 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:35,442 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:09:35,442 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:09:35,442 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:09:35,443 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:09:35,443 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:09:35,443 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:09:35,443 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:09:35,443 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:09:35,443 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> ee424d693dfd8c88be1863ebdbdf37ea7e1818258f96fab9b4ff8bf142707b41 [2022-02-20 18:09:35,660 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:09:35,693 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:09:35,695 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:09:35,696 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:09:35,697 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:09:35,698 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c [2022-02-20 18:09:35,752 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/17ace3a80/5c775ec01e8b47628caadc6662dd7850/FLAG614581932 [2022-02-20 18:09:36,104 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:09:36,107 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c [2022-02-20 18:09:36,126 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/17ace3a80/5c775ec01e8b47628caadc6662dd7850/FLAG614581932 [2022-02-20 18:09:36,510 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/17ace3a80/5c775ec01e8b47628caadc6662dd7850 [2022-02-20 18:09:36,513 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:09:36,514 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:09:36,517 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:36,517 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:09:36,521 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:09:36,522 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,523 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3d6846df and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36, skipping insertion in model container [2022-02-20 18:09:36,523 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,527 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:09:36,565 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:36,696 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c[3777,3790] [2022-02-20 18:09:36,778 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:36,784 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:09:36,809 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c[3777,3790] [2022-02-20 18:09:36,854 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:36,865 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:09:36,866 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36 WrapperNode [2022-02-20 18:09:36,866 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:36,867 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:36,867 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:09:36,867 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:09:36,876 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,886 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,915 INFO L137 Inliner]: procedures = 57, calls = 161, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 286 [2022-02-20 18:09:36,915 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:36,916 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:09:36,916 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:09:36,916 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:09:36,926 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,926 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,935 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,938 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,942 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,955 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,957 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,962 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:09:36,963 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:09:36,963 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:09:36,963 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:09:36,964 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36" (1/1) ... [2022-02-20 18:09:36,968 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:36,975 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:09:36,985 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:09:36,987 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:09:37,010 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:09:37,011 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:09:37,011 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:09:37,012 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:09:37,012 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:09:37,012 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:09:37,012 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:09:37,012 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:09:37,015 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:09:37,015 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-02-20 18:09:37,015 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-02-20 18:09:37,015 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:09:37,015 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:09:37,015 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2022-02-20 18:09:37,015 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2022-02-20 18:09:37,015 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:09:37,016 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:09:37,016 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:09:37,016 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:09:37,016 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:09:37,016 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:09:37,016 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:09:37,083 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:09:37,085 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:37,512 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:37,517 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:37,517 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:37,519 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:37 BoogieIcfgContainer [2022-02-20 18:09:37,519 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:37,520 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:37,520 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:37,524 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:37,525 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:09:36" (1/3) ... [2022-02-20 18:09:37,525 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7d8050a2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:37, skipping insertion in model container [2022-02-20 18:09:37,525 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:36" (2/3) ... [2022-02-20 18:09:37,526 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7d8050a2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:37, skipping insertion in model container [2022-02-20 18:09:37,526 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:37" (3/3) ... [2022-02-20 18:09:37,527 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product55.cil.c [2022-02-20 18:09:37,532 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:37,532 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:37,567 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:37,571 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:37,571 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:37,586 INFO L276 IsEmpty]: Start isEmpty. Operand has 106 states, 78 states have (on average 1.3846153846153846) internal successors, (108), 89 states have internal predecessors, (108), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2022-02-20 18:09:37,600 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:09:37,601 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:37,602 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:37,602 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:37,606 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:37,606 INFO L85 PathProgramCache]: Analyzing trace with hash -460090863, now seen corresponding path program 1 times [2022-02-20 18:09:37,613 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:37,613 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [268942973] [2022-02-20 18:09:37,613 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:37,614 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:37,757 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:37,835 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:09:37,841 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:37,852 INFO L290 TraceCheckUtils]: 0: Hoare triple {109#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {109#true} is VALID [2022-02-20 18:09:37,853 INFO L290 TraceCheckUtils]: 1: Hoare triple {109#true} assume true; {109#true} is VALID [2022-02-20 18:09:37,853 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {109#true} {110#false} #273#return; {110#false} is VALID [2022-02-20 18:09:37,858 INFO L290 TraceCheckUtils]: 0: Hoare triple {109#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1; {109#true} is VALID [2022-02-20 18:09:37,859 INFO L290 TraceCheckUtils]: 1: Hoare triple {109#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret33#1, main_~retValue_acc~9#1, main_~tmp~3#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true; {109#true} is VALID [2022-02-20 18:09:37,859 INFO L290 TraceCheckUtils]: 2: Hoare triple {109#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {109#true} is VALID [2022-02-20 18:09:37,860 INFO L290 TraceCheckUtils]: 3: Hoare triple {109#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {109#true} is VALID [2022-02-20 18:09:37,860 INFO L290 TraceCheckUtils]: 4: Hoare triple {109#true} main_#t~ret33#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~tmp~3#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {109#true} is VALID [2022-02-20 18:09:37,860 INFO L290 TraceCheckUtils]: 5: Hoare triple {109#true} assume 0 != main_~tmp~3#1;assume { :begin_inline_setup } true; {109#true} is VALID [2022-02-20 18:09:37,860 INFO L290 TraceCheckUtils]: 6: Hoare triple {109#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_#t~nondet54#1, test_~splverifierCounter~0#1, test_~tmp~10#1, test_~tmp___0~3#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~10#1;havoc test_~tmp___0~3#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {109#true} is VALID [2022-02-20 18:09:37,861 INFO L290 TraceCheckUtils]: 7: Hoare triple {109#true} assume false; {110#false} is VALID [2022-02-20 18:09:37,861 INFO L272 TraceCheckUtils]: 8: Hoare triple {110#false} call cleanup(); {110#false} is VALID [2022-02-20 18:09:37,862 INFO L290 TraceCheckUtils]: 9: Hoare triple {110#false} havoc ~i~0;havoc ~__cil_tmp2~0; {110#false} is VALID [2022-02-20 18:09:37,862 INFO L272 TraceCheckUtils]: 10: Hoare triple {110#false} call timeShift(); {110#false} is VALID [2022-02-20 18:09:37,862 INFO L290 TraceCheckUtils]: 11: Hoare triple {110#false} assume !(0 != ~pumpRunning~0); {110#false} is VALID [2022-02-20 18:09:37,862 INFO L290 TraceCheckUtils]: 12: Hoare triple {110#false} assume !(0 != ~systemActive~0); {110#false} is VALID [2022-02-20 18:09:37,863 INFO L290 TraceCheckUtils]: 13: Hoare triple {110#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~9#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~9#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {110#false} is VALID [2022-02-20 18:09:37,863 INFO L272 TraceCheckUtils]: 14: Hoare triple {110#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {109#true} is VALID [2022-02-20 18:09:37,863 INFO L290 TraceCheckUtils]: 15: Hoare triple {109#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {109#true} is VALID [2022-02-20 18:09:37,863 INFO L290 TraceCheckUtils]: 16: Hoare triple {109#true} assume true; {109#true} is VALID [2022-02-20 18:09:37,863 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {109#true} {110#false} #273#return; {110#false} is VALID [2022-02-20 18:09:37,864 INFO L290 TraceCheckUtils]: 18: Hoare triple {110#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret48#1 && __utac_acc__Specification3_spec__1_#t~ret48#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~9#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {110#false} is VALID [2022-02-20 18:09:37,864 INFO L290 TraceCheckUtils]: 19: Hoare triple {110#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~9#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~3#1;havoc getWaterLevel_~retValue_acc~3#1;getWaterLevel_~retValue_acc~3#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~3#1; {110#false} is VALID [2022-02-20 18:09:37,864 INFO L290 TraceCheckUtils]: 20: Hoare triple {110#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {110#false} is VALID [2022-02-20 18:09:37,864 INFO L290 TraceCheckUtils]: 21: Hoare triple {110#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~11#1;havoc isPumpRunning_~retValue_acc~11#1;isPumpRunning_~retValue_acc~11#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~11#1; {110#false} is VALID [2022-02-20 18:09:37,865 INFO L290 TraceCheckUtils]: 22: Hoare triple {110#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {110#false} is VALID [2022-02-20 18:09:37,865 INFO L290 TraceCheckUtils]: 23: Hoare triple {110#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {110#false} is VALID [2022-02-20 18:09:37,866 INFO L290 TraceCheckUtils]: 24: Hoare triple {110#false} assume !false; {110#false} is VALID [2022-02-20 18:09:37,867 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:37,867 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:37,867 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [268942973] [2022-02-20 18:09:37,868 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [268942973] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:37,868 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:37,869 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:37,870 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [315795366] [2022-02-20 18:09:37,871 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:37,875 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:37,877 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:37,880 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:37,910 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:37,910 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:37,911 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:37,928 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:37,929 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:37,934 INFO L87 Difference]: Start difference. First operand has 106 states, 78 states have (on average 1.3846153846153846) internal successors, (108), 89 states have internal predecessors, (108), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:38,076 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:38,077 INFO L93 Difference]: Finished difference Result 204 states and 279 transitions. [2022-02-20 18:09:38,077 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:38,077 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:38,077 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:38,078 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:38,094 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 279 transitions. [2022-02-20 18:09:38,095 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:38,102 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 279 transitions. [2022-02-20 18:09:38,103 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 279 transitions. [2022-02-20 18:09:38,290 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 279 edges. 279 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:38,301 INFO L225 Difference]: With dead ends: 204 [2022-02-20 18:09:38,301 INFO L226 Difference]: Without dead ends: 97 [2022-02-20 18:09:38,304 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:38,306 INFO L933 BasicCegarLoop]: 136 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 136 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:38,307 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 136 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:38,319 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2022-02-20 18:09:38,339 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 97. [2022-02-20 18:09:38,339 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:38,340 INFO L82 GeneralOperation]: Start isEquivalent. First operand 97 states. Second operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:09:38,341 INFO L74 IsIncluded]: Start isIncluded. First operand 97 states. Second operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:09:38,342 INFO L87 Difference]: Start difference. First operand 97 states. Second operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:09:38,347 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:38,347 INFO L93 Difference]: Finished difference Result 97 states and 127 transitions. [2022-02-20 18:09:38,347 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 127 transitions. [2022-02-20 18:09:38,349 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:38,349 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:38,349 INFO L74 IsIncluded]: Start isIncluded. First operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand 97 states. [2022-02-20 18:09:38,350 INFO L87 Difference]: Start difference. First operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand 97 states. [2022-02-20 18:09:38,354 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:38,355 INFO L93 Difference]: Finished difference Result 97 states and 127 transitions. [2022-02-20 18:09:38,355 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 127 transitions. [2022-02-20 18:09:38,356 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:38,356 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:38,357 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:38,357 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:38,357 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:09:38,362 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 127 transitions. [2022-02-20 18:09:38,363 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 127 transitions. Word has length 25 [2022-02-20 18:09:38,364 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:38,364 INFO L470 AbstractCegarLoop]: Abstraction has 97 states and 127 transitions. [2022-02-20 18:09:38,364 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:38,364 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 127 transitions. [2022-02-20 18:09:38,365 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:09:38,366 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:38,366 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:38,366 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:09:38,366 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:38,367 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:38,367 INFO L85 PathProgramCache]: Analyzing trace with hash -541866074, now seen corresponding path program 1 times [2022-02-20 18:09:38,370 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:38,370 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1743581867] [2022-02-20 18:09:38,370 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:38,371 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:38,388 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:38,426 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-02-20 18:09:38,427 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:38,436 INFO L290 TraceCheckUtils]: 0: Hoare triple {748#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {748#true} is VALID [2022-02-20 18:09:38,436 INFO L290 TraceCheckUtils]: 1: Hoare triple {748#true} assume true; {748#true} is VALID [2022-02-20 18:09:38,436 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {748#true} {749#false} #273#return; {749#false} is VALID [2022-02-20 18:09:38,436 INFO L290 TraceCheckUtils]: 0: Hoare triple {748#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1; {748#true} is VALID [2022-02-20 18:09:38,436 INFO L290 TraceCheckUtils]: 1: Hoare triple {748#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret33#1, main_~retValue_acc~9#1, main_~tmp~3#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true; {748#true} is VALID [2022-02-20 18:09:38,437 INFO L290 TraceCheckUtils]: 2: Hoare triple {748#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {748#true} is VALID [2022-02-20 18:09:38,437 INFO L290 TraceCheckUtils]: 3: Hoare triple {748#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {748#true} is VALID [2022-02-20 18:09:38,437 INFO L290 TraceCheckUtils]: 4: Hoare triple {748#true} main_#t~ret33#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~tmp~3#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {748#true} is VALID [2022-02-20 18:09:38,437 INFO L290 TraceCheckUtils]: 5: Hoare triple {748#true} assume 0 != main_~tmp~3#1;assume { :begin_inline_setup } true; {748#true} is VALID [2022-02-20 18:09:38,437 INFO L290 TraceCheckUtils]: 6: Hoare triple {748#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_#t~nondet54#1, test_~splverifierCounter~0#1, test_~tmp~10#1, test_~tmp___0~3#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~10#1;havoc test_~tmp___0~3#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {750#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:38,438 INFO L290 TraceCheckUtils]: 7: Hoare triple {750#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {750#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:38,438 INFO L290 TraceCheckUtils]: 8: Hoare triple {750#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {749#false} is VALID [2022-02-20 18:09:38,438 INFO L272 TraceCheckUtils]: 9: Hoare triple {749#false} call cleanup(); {749#false} is VALID [2022-02-20 18:09:38,438 INFO L290 TraceCheckUtils]: 10: Hoare triple {749#false} havoc ~i~0;havoc ~__cil_tmp2~0; {749#false} is VALID [2022-02-20 18:09:38,439 INFO L272 TraceCheckUtils]: 11: Hoare triple {749#false} call timeShift(); {749#false} is VALID [2022-02-20 18:09:38,439 INFO L290 TraceCheckUtils]: 12: Hoare triple {749#false} assume !(0 != ~pumpRunning~0); {749#false} is VALID [2022-02-20 18:09:38,439 INFO L290 TraceCheckUtils]: 13: Hoare triple {749#false} assume !(0 != ~systemActive~0); {749#false} is VALID [2022-02-20 18:09:38,439 INFO L290 TraceCheckUtils]: 14: Hoare triple {749#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~9#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~9#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {749#false} is VALID [2022-02-20 18:09:38,439 INFO L272 TraceCheckUtils]: 15: Hoare triple {749#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {748#true} is VALID [2022-02-20 18:09:38,439 INFO L290 TraceCheckUtils]: 16: Hoare triple {748#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {748#true} is VALID [2022-02-20 18:09:38,439 INFO L290 TraceCheckUtils]: 17: Hoare triple {748#true} assume true; {748#true} is VALID [2022-02-20 18:09:38,439 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {748#true} {749#false} #273#return; {749#false} is VALID [2022-02-20 18:09:38,440 INFO L290 TraceCheckUtils]: 19: Hoare triple {749#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret48#1 && __utac_acc__Specification3_spec__1_#t~ret48#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~9#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {749#false} is VALID [2022-02-20 18:09:38,440 INFO L290 TraceCheckUtils]: 20: Hoare triple {749#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~9#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~3#1;havoc getWaterLevel_~retValue_acc~3#1;getWaterLevel_~retValue_acc~3#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~3#1; {749#false} is VALID [2022-02-20 18:09:38,440 INFO L290 TraceCheckUtils]: 21: Hoare triple {749#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {749#false} is VALID [2022-02-20 18:09:38,440 INFO L290 TraceCheckUtils]: 22: Hoare triple {749#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~11#1;havoc isPumpRunning_~retValue_acc~11#1;isPumpRunning_~retValue_acc~11#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~11#1; {749#false} is VALID [2022-02-20 18:09:38,440 INFO L290 TraceCheckUtils]: 23: Hoare triple {749#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {749#false} is VALID [2022-02-20 18:09:38,440 INFO L290 TraceCheckUtils]: 24: Hoare triple {749#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {749#false} is VALID [2022-02-20 18:09:38,440 INFO L290 TraceCheckUtils]: 25: Hoare triple {749#false} assume !false; {749#false} is VALID [2022-02-20 18:09:38,440 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:38,441 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:38,441 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1743581867] [2022-02-20 18:09:38,441 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1743581867] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:38,441 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:38,441 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:38,441 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1737920227] [2022-02-20 18:09:38,441 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:38,442 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:38,442 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:38,442 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:38,458 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:38,459 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:38,459 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:38,459 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:38,459 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:38,460 INFO L87 Difference]: Start difference. First operand 97 states and 127 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:38,547 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:38,547 INFO L93 Difference]: Finished difference Result 156 states and 204 transitions. [2022-02-20 18:09:38,547 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:38,547 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:38,547 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:38,547 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:38,550 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 204 transitions. [2022-02-20 18:09:38,550 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:38,562 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 204 transitions. [2022-02-20 18:09:38,562 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 204 transitions. [2022-02-20 18:09:38,731 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 204 edges. 204 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:38,733 INFO L225 Difference]: With dead ends: 156 [2022-02-20 18:09:38,733 INFO L226 Difference]: Without dead ends: 88 [2022-02-20 18:09:38,734 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:38,735 INFO L933 BasicCegarLoop]: 114 mSDtfsCounter, 16 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 207 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:38,735 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 207 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:38,736 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2022-02-20 18:09:38,740 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2022-02-20 18:09:38,740 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:38,741 INFO L82 GeneralOperation]: Start isEquivalent. First operand 88 states. Second operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:38,741 INFO L74 IsIncluded]: Start isIncluded. First operand 88 states. Second operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:38,741 INFO L87 Difference]: Start difference. First operand 88 states. Second operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:38,745 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:38,745 INFO L93 Difference]: Finished difference Result 88 states and 115 transitions. [2022-02-20 18:09:38,745 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 115 transitions. [2022-02-20 18:09:38,747 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:38,748 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:38,748 INFO L74 IsIncluded]: Start isIncluded. First operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) Second operand 88 states. [2022-02-20 18:09:38,748 INFO L87 Difference]: Start difference. First operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) Second operand 88 states. [2022-02-20 18:09:38,752 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:38,753 INFO L93 Difference]: Finished difference Result 88 states and 115 transitions. [2022-02-20 18:09:38,753 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 115 transitions. [2022-02-20 18:09:38,754 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:38,754 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:38,754 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:38,754 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:38,756 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:38,759 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 115 transitions. [2022-02-20 18:09:38,759 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 115 transitions. Word has length 26 [2022-02-20 18:09:38,759 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:38,762 INFO L470 AbstractCegarLoop]: Abstraction has 88 states and 115 transitions. [2022-02-20 18:09:38,763 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:38,763 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 115 transitions. [2022-02-20 18:09:38,763 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:09:38,763 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:38,764 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:38,764 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:09:38,764 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:38,765 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:38,769 INFO L85 PathProgramCache]: Analyzing trace with hash -470908360, now seen corresponding path program 1 times [2022-02-20 18:09:38,769 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:38,770 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [879033538] [2022-02-20 18:09:38,770 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:38,770 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:38,796 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:38,829 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:09:38,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:38,833 INFO L290 TraceCheckUtils]: 0: Hoare triple {1286#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {1286#true} is VALID [2022-02-20 18:09:38,833 INFO L290 TraceCheckUtils]: 1: Hoare triple {1286#true} assume true; {1286#true} is VALID [2022-02-20 18:09:38,833 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1286#true} {1287#false} #273#return; {1287#false} is VALID [2022-02-20 18:09:38,835 INFO L290 TraceCheckUtils]: 0: Hoare triple {1286#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,835 INFO L290 TraceCheckUtils]: 1: Hoare triple {1288#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret33#1, main_~retValue_acc~9#1, main_~tmp~3#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,836 INFO L290 TraceCheckUtils]: 2: Hoare triple {1288#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,836 INFO L290 TraceCheckUtils]: 3: Hoare triple {1288#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,837 INFO L290 TraceCheckUtils]: 4: Hoare triple {1288#(= 1 ~systemActive~0)} main_#t~ret33#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~tmp~3#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,837 INFO L290 TraceCheckUtils]: 5: Hoare triple {1288#(= 1 ~systemActive~0)} assume 0 != main_~tmp~3#1;assume { :begin_inline_setup } true; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,837 INFO L290 TraceCheckUtils]: 6: Hoare triple {1288#(= 1 ~systemActive~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_#t~nondet54#1, test_~splverifierCounter~0#1, test_~tmp~10#1, test_~tmp___0~3#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~10#1;havoc test_~tmp___0~3#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,838 INFO L290 TraceCheckUtils]: 7: Hoare triple {1288#(= 1 ~systemActive~0)} assume !false; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,838 INFO L290 TraceCheckUtils]: 8: Hoare triple {1288#(= 1 ~systemActive~0)} assume test_~splverifierCounter~0#1 < 4; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,838 INFO L290 TraceCheckUtils]: 9: Hoare triple {1288#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet51#1 && test_#t~nondet51#1 <= 2147483647;test_~tmp~10#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,839 INFO L290 TraceCheckUtils]: 10: Hoare triple {1288#(= 1 ~systemActive~0)} assume !(0 != test_~tmp~10#1); {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,841 INFO L290 TraceCheckUtils]: 11: Hoare triple {1288#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet52#1 && test_#t~nondet52#1 <= 2147483647;test_~tmp___0~3#1 := test_#t~nondet52#1;havoc test_#t~nondet52#1; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,841 INFO L290 TraceCheckUtils]: 12: Hoare triple {1288#(= 1 ~systemActive~0)} assume !(0 != test_~tmp___0~3#1); {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,842 INFO L290 TraceCheckUtils]: 13: Hoare triple {1288#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet53#1 && test_#t~nondet53#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet53#1;havoc test_#t~nondet53#1; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,842 INFO L290 TraceCheckUtils]: 14: Hoare triple {1288#(= 1 ~systemActive~0)} assume 0 != test_~tmp___2~0#1; {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,843 INFO L272 TraceCheckUtils]: 15: Hoare triple {1288#(= 1 ~systemActive~0)} call timeShift(); {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,843 INFO L290 TraceCheckUtils]: 16: Hoare triple {1288#(= 1 ~systemActive~0)} assume !(0 != ~pumpRunning~0); {1288#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:38,843 INFO L290 TraceCheckUtils]: 17: Hoare triple {1288#(= 1 ~systemActive~0)} assume !(0 != ~systemActive~0); {1287#false} is VALID [2022-02-20 18:09:38,843 INFO L290 TraceCheckUtils]: 18: Hoare triple {1287#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~9#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~9#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1287#false} is VALID [2022-02-20 18:09:38,844 INFO L272 TraceCheckUtils]: 19: Hoare triple {1287#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {1286#true} is VALID [2022-02-20 18:09:38,844 INFO L290 TraceCheckUtils]: 20: Hoare triple {1286#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {1286#true} is VALID [2022-02-20 18:09:38,844 INFO L290 TraceCheckUtils]: 21: Hoare triple {1286#true} assume true; {1286#true} is VALID [2022-02-20 18:09:38,844 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1286#true} {1287#false} #273#return; {1287#false} is VALID [2022-02-20 18:09:38,844 INFO L290 TraceCheckUtils]: 23: Hoare triple {1287#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret48#1 && __utac_acc__Specification3_spec__1_#t~ret48#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~9#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {1287#false} is VALID [2022-02-20 18:09:38,844 INFO L290 TraceCheckUtils]: 24: Hoare triple {1287#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~9#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~3#1;havoc getWaterLevel_~retValue_acc~3#1;getWaterLevel_~retValue_acc~3#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~3#1; {1287#false} is VALID [2022-02-20 18:09:38,845 INFO L290 TraceCheckUtils]: 25: Hoare triple {1287#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1287#false} is VALID [2022-02-20 18:09:38,845 INFO L290 TraceCheckUtils]: 26: Hoare triple {1287#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~11#1;havoc isPumpRunning_~retValue_acc~11#1;isPumpRunning_~retValue_acc~11#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~11#1; {1287#false} is VALID [2022-02-20 18:09:38,845 INFO L290 TraceCheckUtils]: 27: Hoare triple {1287#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1287#false} is VALID [2022-02-20 18:09:38,845 INFO L290 TraceCheckUtils]: 28: Hoare triple {1287#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1287#false} is VALID [2022-02-20 18:09:38,846 INFO L290 TraceCheckUtils]: 29: Hoare triple {1287#false} assume !false; {1287#false} is VALID [2022-02-20 18:09:38,846 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:38,846 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:38,846 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [879033538] [2022-02-20 18:09:38,846 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [879033538] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:38,846 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:38,847 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:38,847 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1957039534] [2022-02-20 18:09:38,847 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:38,848 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:38,848 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:38,848 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:38,866 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:38,867 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:38,867 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:38,867 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:38,867 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:38,867 INFO L87 Difference]: Start difference. First operand 88 states and 115 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:39,023 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:39,023 INFO L93 Difference]: Finished difference Result 249 states and 331 transitions. [2022-02-20 18:09:39,023 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:39,023 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:39,024 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:39,024 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:39,027 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 331 transitions. [2022-02-20 18:09:39,028 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:39,031 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 331 transitions. [2022-02-20 18:09:39,031 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 331 transitions. [2022-02-20 18:09:39,240 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 331 edges. 331 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:39,244 INFO L225 Difference]: With dead ends: 249 [2022-02-20 18:09:39,245 INFO L226 Difference]: Without dead ends: 168 [2022-02-20 18:09:39,246 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:39,248 INFO L933 BasicCegarLoop]: 142 mSDtfsCounter, 95 mSDsluCounter, 105 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 95 SdHoareTripleChecker+Valid, 247 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:39,250 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [95 Valid, 247 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:39,252 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 168 states. [2022-02-20 18:09:39,263 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 168 to 165. [2022-02-20 18:09:39,263 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:39,264 INFO L82 GeneralOperation]: Start isEquivalent. First operand 168 states. Second operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2022-02-20 18:09:39,264 INFO L74 IsIncluded]: Start isIncluded. First operand 168 states. Second operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2022-02-20 18:09:39,265 INFO L87 Difference]: Start difference. First operand 168 states. Second operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2022-02-20 18:09:39,269 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:39,270 INFO L93 Difference]: Finished difference Result 168 states and 221 transitions. [2022-02-20 18:09:39,270 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 221 transitions. [2022-02-20 18:09:39,270 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:39,270 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:39,271 INFO L74 IsIncluded]: Start isIncluded. First operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) Second operand 168 states. [2022-02-20 18:09:39,271 INFO L87 Difference]: Start difference. First operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) Second operand 168 states. [2022-02-20 18:09:39,276 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:39,276 INFO L93 Difference]: Finished difference Result 168 states and 221 transitions. [2022-02-20 18:09:39,276 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 221 transitions. [2022-02-20 18:09:39,278 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:39,279 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:39,279 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:39,279 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:39,280 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2022-02-20 18:09:39,285 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 165 states to 165 states and 219 transitions. [2022-02-20 18:09:39,286 INFO L78 Accepts]: Start accepts. Automaton has 165 states and 219 transitions. Word has length 30 [2022-02-20 18:09:39,286 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:39,287 INFO L470 AbstractCegarLoop]: Abstraction has 165 states and 219 transitions. [2022-02-20 18:09:39,287 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:39,287 INFO L276 IsEmpty]: Start isEmpty. Operand 165 states and 219 transitions. [2022-02-20 18:09:39,288 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 18:09:39,288 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:39,288 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:39,288 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:09:39,289 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:39,290 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:39,290 INFO L85 PathProgramCache]: Analyzing trace with hash -200767314, now seen corresponding path program 1 times [2022-02-20 18:09:39,290 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:39,290 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [873975902] [2022-02-20 18:09:39,290 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:39,291 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:39,323 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:39,381 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:09:39,383 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:39,385 INFO L290 TraceCheckUtils]: 0: Hoare triple {2225#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {2225#true} is VALID [2022-02-20 18:09:39,386 INFO L290 TraceCheckUtils]: 1: Hoare triple {2225#true} assume true; {2225#true} is VALID [2022-02-20 18:09:39,386 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {2225#true} {2227#(= ~waterLevel~0 1)} #273#return; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,388 INFO L290 TraceCheckUtils]: 0: Hoare triple {2225#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(7, 5);call write~init~int(44, 5, 0, 1);call write~init~int(77, 5, 1, 1);call write~init~int(101, 5, 2, 1);call write~init~int(116, 5, 3, 1);call write~init~int(104, 5, 4, 1);call write~init~int(58, 5, 5, 1);call write~init~int(0, 5, 6, 1);call #Ultimate.allocInit(5, 6);call write~init~int(67, 6, 0, 1);call write~init~int(82, 6, 1, 1);call write~init~int(73, 6, 2, 1);call write~init~int(84, 6, 3, 1);call write~init~int(0, 6, 4, 1);call #Ultimate.allocInit(3, 7);call write~init~int(79, 7, 0, 1);call write~init~int(75, 7, 1, 1);call write~init~int(0, 7, 2, 1);call #Ultimate.allocInit(2, 8);call write~init~int(41, 8, 0, 1);call write~init~int(0, 8, 1, 1);call #Ultimate.allocInit(30, 9);call #Ultimate.allocInit(9, 10);call #Ultimate.allocInit(21, 11);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(25, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(13, 21);call #Ultimate.allocInit(3, 22);call write~init~int(79, 22, 0, 1);call write~init~int(110, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(4, 23);call write~init~int(79, 23, 0, 1);call write~init~int(102, 23, 1, 1);call write~init~int(102, 23, 2, 1);call write~init~int(0, 23, 3, 1);call #Ultimate.allocInit(7, 24);call write~init~int(44, 24, 0, 1);call write~init~int(80, 24, 1, 1);call write~init~int(117, 24, 2, 1);call write~init~int(109, 24, 3, 1);call write~init~int(112, 24, 4, 1);call write~init~int(58, 24, 5, 1);call write~init~int(0, 24, 6, 1);call #Ultimate.allocInit(3, 25);call write~init~int(79, 25, 0, 1);call write~init~int(110, 25, 1, 1);call write~init~int(0, 25, 2, 1);call #Ultimate.allocInit(4, 26);call write~init~int(79, 26, 0, 1);call write~init~int(102, 26, 1, 1);call write~init~int(102, 26, 2, 1);call write~init~int(0, 26, 3, 1);call #Ultimate.allocInit(3, 27);call write~init~int(41, 27, 0, 1);call write~init~int(32, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(10, 28, 0, 1);call write~init~int(0, 28, 1, 1);~waterLevel~0 := 1;~methaneLevelCritical~0 := 0;~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~pumpRunning~0 := 0;~systemActive~0 := 1; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,389 INFO L290 TraceCheckUtils]: 1: Hoare triple {2227#(= ~waterLevel~0 1)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret33#1, main_~retValue_acc~9#1, main_~tmp~3#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,389 INFO L290 TraceCheckUtils]: 2: Hoare triple {2227#(= ~waterLevel~0 1)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,389 INFO L290 TraceCheckUtils]: 3: Hoare triple {2227#(= ~waterLevel~0 1)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,390 INFO L290 TraceCheckUtils]: 4: Hoare triple {2227#(= ~waterLevel~0 1)} main_#t~ret33#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~tmp~3#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,390 INFO L290 TraceCheckUtils]: 5: Hoare triple {2227#(= ~waterLevel~0 1)} assume 0 != main_~tmp~3#1;assume { :begin_inline_setup } true; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,390 INFO L290 TraceCheckUtils]: 6: Hoare triple {2227#(= ~waterLevel~0 1)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_#t~nondet54#1, test_~splverifierCounter~0#1, test_~tmp~10#1, test_~tmp___0~3#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~10#1;havoc test_~tmp___0~3#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,391 INFO L290 TraceCheckUtils]: 7: Hoare triple {2227#(= ~waterLevel~0 1)} assume !false; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,391 INFO L290 TraceCheckUtils]: 8: Hoare triple {2227#(= ~waterLevel~0 1)} assume test_~splverifierCounter~0#1 < 4; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,392 INFO L290 TraceCheckUtils]: 9: Hoare triple {2227#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet51#1 && test_#t~nondet51#1 <= 2147483647;test_~tmp~10#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,392 INFO L290 TraceCheckUtils]: 10: Hoare triple {2227#(= ~waterLevel~0 1)} assume !(0 != test_~tmp~10#1); {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,393 INFO L290 TraceCheckUtils]: 11: Hoare triple {2227#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet52#1 && test_#t~nondet52#1 <= 2147483647;test_~tmp___0~3#1 := test_#t~nondet52#1;havoc test_#t~nondet52#1; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,394 INFO L290 TraceCheckUtils]: 12: Hoare triple {2227#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___0~3#1); {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,394 INFO L290 TraceCheckUtils]: 13: Hoare triple {2227#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet53#1 && test_#t~nondet53#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet53#1;havoc test_#t~nondet53#1; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,395 INFO L290 TraceCheckUtils]: 14: Hoare triple {2227#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet54#1 && test_#t~nondet54#1 <= 2147483647;test_~tmp___1~1#1 := test_#t~nondet54#1;havoc test_#t~nondet54#1; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,395 INFO L290 TraceCheckUtils]: 15: Hoare triple {2227#(= ~waterLevel~0 1)} assume 0 != test_~tmp___1~1#1;assume { :begin_inline_stopSystem } true; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,395 INFO L290 TraceCheckUtils]: 16: Hoare triple {2227#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,396 INFO L290 TraceCheckUtils]: 17: Hoare triple {2227#(= ~waterLevel~0 1)} ~systemActive~0 := 0; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,396 INFO L290 TraceCheckUtils]: 18: Hoare triple {2227#(= ~waterLevel~0 1)} assume { :end_inline_stopSystem } true; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,396 INFO L272 TraceCheckUtils]: 19: Hoare triple {2227#(= ~waterLevel~0 1)} call timeShift(); {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,397 INFO L290 TraceCheckUtils]: 20: Hoare triple {2227#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,397 INFO L290 TraceCheckUtils]: 21: Hoare triple {2227#(= ~waterLevel~0 1)} assume !(0 != ~systemActive~0); {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,397 INFO L290 TraceCheckUtils]: 22: Hoare triple {2227#(= ~waterLevel~0 1)} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~9#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~9#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,398 INFO L272 TraceCheckUtils]: 23: Hoare triple {2227#(= ~waterLevel~0 1)} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {2225#true} is VALID [2022-02-20 18:09:39,398 INFO L290 TraceCheckUtils]: 24: Hoare triple {2225#true} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {2225#true} is VALID [2022-02-20 18:09:39,398 INFO L290 TraceCheckUtils]: 25: Hoare triple {2225#true} assume true; {2225#true} is VALID [2022-02-20 18:09:39,399 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {2225#true} {2227#(= ~waterLevel~0 1)} #273#return; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,399 INFO L290 TraceCheckUtils]: 27: Hoare triple {2227#(= ~waterLevel~0 1)} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret48#1 && __utac_acc__Specification3_spec__1_#t~ret48#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~9#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {2227#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:39,400 INFO L290 TraceCheckUtils]: 28: Hoare triple {2227#(= ~waterLevel~0 1)} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~9#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~3#1;havoc getWaterLevel_~retValue_acc~3#1;getWaterLevel_~retValue_acc~3#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~3#1; {2231#(= |timeShift_getWaterLevel_#res#1| 1)} is VALID [2022-02-20 18:09:39,400 INFO L290 TraceCheckUtils]: 29: Hoare triple {2231#(= |timeShift_getWaterLevel_#res#1| 1)} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret49#1 && __utac_acc__Specification3_spec__1_#t~ret49#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {2232#(= (+ (- 1) |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1|) 0)} is VALID [2022-02-20 18:09:39,407 INFO L290 TraceCheckUtils]: 30: Hoare triple {2232#(= (+ (- 1) |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1|) 0)} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~11#1;havoc isPumpRunning_~retValue_acc~11#1;isPumpRunning_~retValue_acc~11#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~11#1; {2226#false} is VALID [2022-02-20 18:09:39,408 INFO L290 TraceCheckUtils]: 31: Hoare triple {2226#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret50#1 && __utac_acc__Specification3_spec__1_#t~ret50#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {2226#false} is VALID [2022-02-20 18:09:39,408 INFO L290 TraceCheckUtils]: 32: Hoare triple {2226#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {2226#false} is VALID [2022-02-20 18:09:39,408 INFO L290 TraceCheckUtils]: 33: Hoare triple {2226#false} assume !false; {2226#false} is VALID [2022-02-20 18:09:39,408 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:39,409 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:39,409 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [873975902] [2022-02-20 18:09:39,409 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [873975902] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:39,409 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:39,409 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 18:09:39,409 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [157384203] [2022-02-20 18:09:39,409 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:39,410 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:39,410 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:39,410 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:39,432 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:39,432 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:09:39,433 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:39,433 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:09:39,433 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:39,433 INFO L87 Difference]: Start difference. First operand 165 states and 219 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:39,710 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:39,710 INFO L93 Difference]: Finished difference Result 475 states and 652 transitions. [2022-02-20 18:09:39,710 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:39,710 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:39,711 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:39,711 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:39,714 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 335 transitions. [2022-02-20 18:09:39,714 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:39,717 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 335 transitions. [2022-02-20 18:09:39,717 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 335 transitions. [2022-02-20 18:09:39,935 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 335 edges. 335 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:39,943 INFO L225 Difference]: With dead ends: 475 [2022-02-20 18:09:39,943 INFO L226 Difference]: Without dead ends: 317 [2022-02-20 18:09:39,944 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:09:39,945 INFO L933 BasicCegarLoop]: 125 mSDtfsCounter, 84 mSDsluCounter, 347 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 84 SdHoareTripleChecker+Valid, 472 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:39,945 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [84 Valid, 472 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:39,945 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 317 states. [2022-02-20 18:09:39,962 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 317 to 311. [2022-02-20 18:09:39,962 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:39,963 INFO L82 GeneralOperation]: Start isEquivalent. First operand 317 states. Second operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) [2022-02-20 18:09:39,964 INFO L74 IsIncluded]: Start isIncluded. First operand 317 states. Second operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) [2022-02-20 18:09:39,964 INFO L87 Difference]: Start difference. First operand 317 states. Second operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) [2022-02-20 18:09:39,973 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:39,973 INFO L93 Difference]: Finished difference Result 317 states and 420 transitions. [2022-02-20 18:09:39,973 INFO L276 IsEmpty]: Start isEmpty. Operand 317 states and 420 transitions. [2022-02-20 18:09:39,974 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:39,974 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:39,975 INFO L74 IsIncluded]: Start isIncluded. First operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) Second operand 317 states. [2022-02-20 18:09:39,979 INFO L87 Difference]: Start difference. First operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) Second operand 317 states. [2022-02-20 18:09:39,988 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:39,989 INFO L93 Difference]: Finished difference Result 317 states and 420 transitions. [2022-02-20 18:09:39,989 INFO L276 IsEmpty]: Start isEmpty. Operand 317 states and 420 transitions. [2022-02-20 18:09:39,990 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:39,990 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:39,990 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:39,990 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:39,991 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) [2022-02-20 18:09:40,000 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 311 states to 311 states and 414 transitions. [2022-02-20 18:09:40,001 INFO L78 Accepts]: Start accepts. Automaton has 311 states and 414 transitions. Word has length 34 [2022-02-20 18:09:40,001 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:40,001 INFO L470 AbstractCegarLoop]: Abstraction has 311 states and 414 transitions. [2022-02-20 18:09:40,001 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:40,001 INFO L276 IsEmpty]: Start isEmpty. Operand 311 states and 414 transitions. [2022-02-20 18:09:40,003 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 18:09:40,003 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:40,003 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:40,003 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:09:40,003 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:40,003 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:40,004 INFO L85 PathProgramCache]: Analyzing trace with hash 1778845972, now seen corresponding path program 1 times [2022-02-20 18:09:40,004 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:40,004 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [361354352] [2022-02-20 18:09:40,004 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:40,004 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:40,034 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:40,034 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:09:40,046 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:40,071 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-20 18:09:40,071 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:09:40,072 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:09:40,073 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:09:40,075 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1] [2022-02-20 18:09:40,077 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:09:40,092 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:09:40,092 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:09:40,095 INFO L158 Benchmark]: Toolchain (without parser) took 3580.74ms. Allocated memory was 119.5MB in the beginning and 144.7MB in the end (delta: 25.2MB). Free memory was 80.1MB in the beginning and 110.2MB in the end (delta: -30.1MB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:40,095 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 119.5MB. Free memory is still 97.0MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:40,096 INFO L158 Benchmark]: CACSL2BoogieTranslator took 349.53ms. Allocated memory is still 119.5MB. Free memory was 79.9MB in the beginning and 82.1MB in the end (delta: -2.2MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. [2022-02-20 18:09:40,096 INFO L158 Benchmark]: Boogie Procedure Inliner took 48.69ms. Allocated memory is still 119.5MB. Free memory was 81.5MB in the beginning and 78.9MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:40,102 INFO L158 Benchmark]: Boogie Preprocessor took 46.23ms. Allocated memory is still 119.5MB. Free memory was 78.9MB in the beginning and 76.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:40,103 INFO L158 Benchmark]: RCFGBuilder took 556.01ms. Allocated memory is still 119.5MB. Free memory was 76.8MB in the beginning and 54.3MB in the end (delta: 22.5MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:40,103 INFO L158 Benchmark]: TraceAbstraction took 2574.66ms. Allocated memory was 119.5MB in the beginning and 144.7MB in the end (delta: 25.2MB). Free memory was 53.8MB in the beginning and 110.2MB in the end (delta: -56.4MB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:40,104 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 119.5MB. Free memory is still 97.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 349.53ms. Allocated memory is still 119.5MB. Free memory was 79.9MB in the beginning and 82.1MB in the end (delta: -2.2MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 48.69ms. Allocated memory is still 119.5MB. Free memory was 81.5MB in the beginning and 78.9MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 46.23ms. Allocated memory is still 119.5MB. Free memory was 78.9MB in the beginning and 76.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 556.01ms. Allocated memory is still 119.5MB. Free memory was 76.8MB in the beginning and 54.3MB in the end (delta: 22.5MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 2574.66ms. Allocated memory was 119.5MB in the beginning and 144.7MB in the end (delta: 25.2MB). Free memory was 53.8MB in the beginning and 110.2MB in the end (delta: -56.4MB). There was no memory consumed. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:09:40,145 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash ee424d693dfd8c88be1863ebdbdf37ea7e1818258f96fab9b4ff8bf142707b41 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:09:41,746 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:09:41,747 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:09:41,775 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:09:41,776 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:09:41,779 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:09:41,780 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:09:41,784 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:09:41,786 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:09:41,789 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:09:41,790 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:09:41,793 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:09:41,793 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:09:41,794 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:09:41,796 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:09:41,796 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:09:41,797 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:09:41,798 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:09:41,799 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:09:41,802 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:09:41,804 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:09:41,805 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:09:41,806 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:09:41,807 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:09:41,809 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:09:41,811 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:09:41,811 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:09:41,812 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:09:41,817 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:09:41,818 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:09:41,818 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:09:41,819 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:09:41,820 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:09:41,820 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:09:41,821 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:09:41,821 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:09:41,822 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:09:41,822 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:09:41,822 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:09:41,823 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:09:41,824 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:09:41,827 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf [2022-02-20 18:09:41,845 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:09:41,846 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:09:41,847 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:09:41,847 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:09:41,848 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:09:41,848 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:09:41,849 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:09:41,849 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:09:41,849 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:09:41,850 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:09:41,850 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:09:41,850 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:09:41,850 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:09:41,851 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:09:41,851 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:09:41,851 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:09:41,851 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 18:09:41,851 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 18:09:41,851 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 18:09:41,851 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:09:41,852 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:09:41,852 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:09:41,852 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:09:41,852 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:09:41,852 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:09:41,852 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:09:41,852 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:41,853 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:09:41,853 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:09:41,853 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:09:41,853 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 18:09:41,853 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 18:09:41,853 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:09:41,854 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:09:41,854 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:09:41,854 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 18:09:41,854 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> ee424d693dfd8c88be1863ebdbdf37ea7e1818258f96fab9b4ff8bf142707b41 [2022-02-20 18:09:42,129 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:09:42,144 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:09:42,146 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:09:42,147 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:09:42,147 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:09:42,148 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c [2022-02-20 18:09:42,191 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7d5b5f05f/e89834cae2ea4f57a40c9550e0ccf2ac/FLAGcb109ffc9 [2022-02-20 18:09:42,606 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:09:42,609 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c [2022-02-20 18:09:42,619 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7d5b5f05f/e89834cae2ea4f57a40c9550e0ccf2ac/FLAGcb109ffc9 [2022-02-20 18:09:42,630 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7d5b5f05f/e89834cae2ea4f57a40c9550e0ccf2ac [2022-02-20 18:09:42,632 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:09:42,633 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:09:42,635 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:42,635 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:09:42,637 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:09:42,638 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:42" (1/1) ... [2022-02-20 18:09:42,639 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@49e3f733 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:42, skipping insertion in model container [2022-02-20 18:09:42,639 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:42" (1/1) ... [2022-02-20 18:09:42,644 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:09:42,684 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:42,862 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c[3777,3790] [2022-02-20 18:09:42,957 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:42,965 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 18:09:42,972 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:42,980 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c[3777,3790] [2022-02-20 18:09:43,012 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:43,016 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:09:43,030 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product55.cil.c[3777,3790] [2022-02-20 18:09:43,089 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:43,112 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:09:43,113 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43 WrapperNode [2022-02-20 18:09:43,113 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:43,114 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:43,114 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:09:43,114 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:09:43,119 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43" (1/1) ... [2022-02-20 18:09:43,130 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43" (1/1) ... [2022-02-20 18:09:43,154 INFO L137 Inliner]: procedures = 59, calls = 161, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 272 [2022-02-20 18:09:43,155 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:43,155 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:09:43,155 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:09:43,155 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:09:43,161 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43" (1/1) ... [2022-02-20 18:09:43,161 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43" (1/1) ... [2022-02-20 18:09:43,163 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43" (1/1) ... [2022-02-20 18:09:43,163 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43" (1/1) ... [2022-02-20 18:09:43,170 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43" (1/1) ... [2022-02-20 18:09:43,177 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43" (1/1) ... [2022-02-20 18:09:43,179 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43" (1/1) ... [2022-02-20 18:09:43,181 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:09:43,181 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:09:43,181 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:09:43,182 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:09:43,182 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43" (1/1) ... [2022-02-20 18:09:43,186 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:43,195 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:09:43,212 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:09:43,223 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:09:43,238 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:09:43,238 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:09:43,238 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:09:43,238 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:09:43,239 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:09:43,239 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:09:43,239 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:09:43,239 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:09:43,239 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:09:43,239 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-02-20 18:09:43,239 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-02-20 18:09:43,239 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:09:43,240 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:09:43,240 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2022-02-20 18:09:43,240 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2022-02-20 18:09:43,240 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-20 18:09:43,240 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:09:43,240 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:09:43,240 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:09:43,240 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:09:43,241 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:09:43,241 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:09:43,320 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:09:43,321 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:43,627 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:43,633 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:43,634 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:43,635 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:43 BoogieIcfgContainer [2022-02-20 18:09:43,635 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:43,636 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:43,636 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:43,638 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:43,638 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:09:42" (1/3) ... [2022-02-20 18:09:43,638 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@23e44165 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:43, skipping insertion in model container [2022-02-20 18:09:43,638 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:43" (2/3) ... [2022-02-20 18:09:43,639 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@23e44165 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:43, skipping insertion in model container [2022-02-20 18:09:43,639 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:43" (3/3) ... [2022-02-20 18:09:43,639 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product55.cil.c [2022-02-20 18:09:43,642 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:43,642 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:43,669 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:43,673 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:43,673 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:43,690 INFO L276 IsEmpty]: Start isEmpty. Operand has 106 states, 78 states have (on average 1.3846153846153846) internal successors, (108), 89 states have internal predecessors, (108), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2022-02-20 18:09:43,697 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 18:09:43,697 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:43,698 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:43,698 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:43,703 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:43,703 INFO L85 PathProgramCache]: Analyzing trace with hash -460090863, now seen corresponding path program 1 times [2022-02-20 18:09:43,713 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:43,714 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1652357704] [2022-02-20 18:09:43,714 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:43,715 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:43,715 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:43,717 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:43,741 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 18:09:43,820 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:43,822 INFO L263 TraceCheckSpWp]: Trace formula consists of 154 conjuncts, 1 conjunts are in the unsatisfiable core [2022-02-20 18:09:43,836 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:43,839 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:43,928 INFO L290 TraceCheckUtils]: 0: Hoare triple {109#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32; {109#true} is VALID [2022-02-20 18:09:43,929 INFO L290 TraceCheckUtils]: 1: Hoare triple {109#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret33#1, main_~retValue_acc~9#1, main_~tmp~3#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true; {109#true} is VALID [2022-02-20 18:09:43,929 INFO L290 TraceCheckUtils]: 2: Hoare triple {109#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {109#true} is VALID [2022-02-20 18:09:43,929 INFO L290 TraceCheckUtils]: 3: Hoare triple {109#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {109#true} is VALID [2022-02-20 18:09:43,932 INFO L290 TraceCheckUtils]: 4: Hoare triple {109#true} main_#t~ret33#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~3#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {109#true} is VALID [2022-02-20 18:09:43,933 INFO L290 TraceCheckUtils]: 5: Hoare triple {109#true} assume 0bv32 != main_~tmp~3#1;assume { :begin_inline_setup } true; {109#true} is VALID [2022-02-20 18:09:43,933 INFO L290 TraceCheckUtils]: 6: Hoare triple {109#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_#t~nondet54#1, test_~splverifierCounter~0#1, test_~tmp~10#1, test_~tmp___0~3#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~10#1;havoc test_~tmp___0~3#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {109#true} is VALID [2022-02-20 18:09:43,933 INFO L290 TraceCheckUtils]: 7: Hoare triple {109#true} assume false; {110#false} is VALID [2022-02-20 18:09:43,934 INFO L272 TraceCheckUtils]: 8: Hoare triple {110#false} call cleanup(); {110#false} is VALID [2022-02-20 18:09:43,940 INFO L290 TraceCheckUtils]: 9: Hoare triple {110#false} havoc ~i~0;havoc ~__cil_tmp2~0; {110#false} is VALID [2022-02-20 18:09:43,940 INFO L272 TraceCheckUtils]: 10: Hoare triple {110#false} call timeShift(); {110#false} is VALID [2022-02-20 18:09:43,940 INFO L290 TraceCheckUtils]: 11: Hoare triple {110#false} assume !(0bv32 != ~pumpRunning~0); {110#false} is VALID [2022-02-20 18:09:43,940 INFO L290 TraceCheckUtils]: 12: Hoare triple {110#false} assume !(0bv32 != ~systemActive~0); {110#false} is VALID [2022-02-20 18:09:43,941 INFO L290 TraceCheckUtils]: 13: Hoare triple {110#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~9#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~9#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {110#false} is VALID [2022-02-20 18:09:43,941 INFO L272 TraceCheckUtils]: 14: Hoare triple {110#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {110#false} is VALID [2022-02-20 18:09:43,941 INFO L290 TraceCheckUtils]: 15: Hoare triple {110#false} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {110#false} is VALID [2022-02-20 18:09:43,941 INFO L290 TraceCheckUtils]: 16: Hoare triple {110#false} assume true; {110#false} is VALID [2022-02-20 18:09:43,941 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {110#false} {110#false} #273#return; {110#false} is VALID [2022-02-20 18:09:43,941 INFO L290 TraceCheckUtils]: 18: Hoare triple {110#false} __utac_acc__Specification3_spec__1_~tmp~9#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {110#false} is VALID [2022-02-20 18:09:43,942 INFO L290 TraceCheckUtils]: 19: Hoare triple {110#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~9#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~3#1;havoc getWaterLevel_~retValue_acc~3#1;getWaterLevel_~retValue_acc~3#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~3#1; {110#false} is VALID [2022-02-20 18:09:43,942 INFO L290 TraceCheckUtils]: 20: Hoare triple {110#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {110#false} is VALID [2022-02-20 18:09:43,942 INFO L290 TraceCheckUtils]: 21: Hoare triple {110#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~11#1;havoc isPumpRunning_~retValue_acc~11#1;isPumpRunning_~retValue_acc~11#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~11#1; {110#false} is VALID [2022-02-20 18:09:43,943 INFO L290 TraceCheckUtils]: 22: Hoare triple {110#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {110#false} is VALID [2022-02-20 18:09:43,943 INFO L290 TraceCheckUtils]: 23: Hoare triple {110#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {110#false} is VALID [2022-02-20 18:09:43,943 INFO L290 TraceCheckUtils]: 24: Hoare triple {110#false} assume !false; {110#false} is VALID [2022-02-20 18:09:43,944 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:43,944 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:43,945 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:43,945 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1652357704] [2022-02-20 18:09:43,945 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1652357704] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:43,945 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:43,945 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:43,946 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1864840691] [2022-02-20 18:09:43,947 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:43,950 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:43,951 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:43,953 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:43,979 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:43,979 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:43,980 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:43,995 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:43,995 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:43,999 INFO L87 Difference]: Start difference. First operand has 106 states, 78 states have (on average 1.3846153846153846) internal successors, (108), 89 states have internal predecessors, (108), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:44,114 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:44,115 INFO L93 Difference]: Finished difference Result 204 states and 279 transitions. [2022-02-20 18:09:44,115 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:44,115 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 18:09:44,115 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:44,116 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:44,128 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 279 transitions. [2022-02-20 18:09:44,128 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:44,136 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 279 transitions. [2022-02-20 18:09:44,143 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 279 transitions. [2022-02-20 18:09:44,394 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 279 edges. 279 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:44,410 INFO L225 Difference]: With dead ends: 204 [2022-02-20 18:09:44,411 INFO L226 Difference]: Without dead ends: 97 [2022-02-20 18:09:44,413 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:44,416 INFO L933 BasicCegarLoop]: 136 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 136 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:44,421 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 136 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:44,432 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2022-02-20 18:09:44,448 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 97. [2022-02-20 18:09:44,448 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:44,452 INFO L82 GeneralOperation]: Start isEquivalent. First operand 97 states. Second operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:09:44,453 INFO L74 IsIncluded]: Start isIncluded. First operand 97 states. Second operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:09:44,455 INFO L87 Difference]: Start difference. First operand 97 states. Second operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:09:44,472 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:44,472 INFO L93 Difference]: Finished difference Result 97 states and 127 transitions. [2022-02-20 18:09:44,472 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 127 transitions. [2022-02-20 18:09:44,473 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:44,473 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:44,474 INFO L74 IsIncluded]: Start isIncluded. First operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand 97 states. [2022-02-20 18:09:44,474 INFO L87 Difference]: Start difference. First operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand 97 states. [2022-02-20 18:09:44,478 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:44,478 INFO L93 Difference]: Finished difference Result 97 states and 127 transitions. [2022-02-20 18:09:44,478 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 127 transitions. [2022-02-20 18:09:44,485 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:44,485 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:44,485 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:44,485 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:44,486 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-02-20 18:09:44,494 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 127 transitions. [2022-02-20 18:09:44,496 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 127 transitions. Word has length 25 [2022-02-20 18:09:44,496 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:44,496 INFO L470 AbstractCegarLoop]: Abstraction has 97 states and 127 transitions. [2022-02-20 18:09:44,496 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:44,497 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 127 transitions. [2022-02-20 18:09:44,501 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 18:09:44,501 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:44,501 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:44,509 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Ended with exit code 0 [2022-02-20 18:09:44,709 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:44,710 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:44,710 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:44,710 INFO L85 PathProgramCache]: Analyzing trace with hash -541866074, now seen corresponding path program 1 times [2022-02-20 18:09:44,711 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:44,711 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [692404803] [2022-02-20 18:09:44,711 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:44,711 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:44,711 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:44,712 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:44,714 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 18:09:44,757 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:44,759 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:44,767 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:44,768 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:44,840 INFO L290 TraceCheckUtils]: 0: Hoare triple {817#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32; {817#true} is VALID [2022-02-20 18:09:44,840 INFO L290 TraceCheckUtils]: 1: Hoare triple {817#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret33#1, main_~retValue_acc~9#1, main_~tmp~3#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true; {817#true} is VALID [2022-02-20 18:09:44,840 INFO L290 TraceCheckUtils]: 2: Hoare triple {817#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {817#true} is VALID [2022-02-20 18:09:44,840 INFO L290 TraceCheckUtils]: 3: Hoare triple {817#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {817#true} is VALID [2022-02-20 18:09:44,840 INFO L290 TraceCheckUtils]: 4: Hoare triple {817#true} main_#t~ret33#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~3#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {817#true} is VALID [2022-02-20 18:09:44,841 INFO L290 TraceCheckUtils]: 5: Hoare triple {817#true} assume 0bv32 != main_~tmp~3#1;assume { :begin_inline_setup } true; {817#true} is VALID [2022-02-20 18:09:44,841 INFO L290 TraceCheckUtils]: 6: Hoare triple {817#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_#t~nondet54#1, test_~splverifierCounter~0#1, test_~tmp~10#1, test_~tmp___0~3#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~10#1;havoc test_~tmp___0~3#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {840#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:44,841 INFO L290 TraceCheckUtils]: 7: Hoare triple {840#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !false; {840#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:09:44,842 INFO L290 TraceCheckUtils]: 8: Hoare triple {840#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !~bvslt32(test_~splverifierCounter~0#1, 4bv32); {818#false} is VALID [2022-02-20 18:09:44,842 INFO L272 TraceCheckUtils]: 9: Hoare triple {818#false} call cleanup(); {818#false} is VALID [2022-02-20 18:09:44,842 INFO L290 TraceCheckUtils]: 10: Hoare triple {818#false} havoc ~i~0;havoc ~__cil_tmp2~0; {818#false} is VALID [2022-02-20 18:09:44,842 INFO L272 TraceCheckUtils]: 11: Hoare triple {818#false} call timeShift(); {818#false} is VALID [2022-02-20 18:09:44,842 INFO L290 TraceCheckUtils]: 12: Hoare triple {818#false} assume !(0bv32 != ~pumpRunning~0); {818#false} is VALID [2022-02-20 18:09:44,843 INFO L290 TraceCheckUtils]: 13: Hoare triple {818#false} assume !(0bv32 != ~systemActive~0); {818#false} is VALID [2022-02-20 18:09:44,843 INFO L290 TraceCheckUtils]: 14: Hoare triple {818#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~9#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~9#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {818#false} is VALID [2022-02-20 18:09:44,843 INFO L272 TraceCheckUtils]: 15: Hoare triple {818#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {818#false} is VALID [2022-02-20 18:09:44,843 INFO L290 TraceCheckUtils]: 16: Hoare triple {818#false} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {818#false} is VALID [2022-02-20 18:09:44,843 INFO L290 TraceCheckUtils]: 17: Hoare triple {818#false} assume true; {818#false} is VALID [2022-02-20 18:09:44,843 INFO L284 TraceCheckUtils]: 18: Hoare quadruple {818#false} {818#false} #273#return; {818#false} is VALID [2022-02-20 18:09:44,844 INFO L290 TraceCheckUtils]: 19: Hoare triple {818#false} __utac_acc__Specification3_spec__1_~tmp~9#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {818#false} is VALID [2022-02-20 18:09:44,844 INFO L290 TraceCheckUtils]: 20: Hoare triple {818#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~9#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~3#1;havoc getWaterLevel_~retValue_acc~3#1;getWaterLevel_~retValue_acc~3#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~3#1; {818#false} is VALID [2022-02-20 18:09:44,844 INFO L290 TraceCheckUtils]: 21: Hoare triple {818#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {818#false} is VALID [2022-02-20 18:09:44,844 INFO L290 TraceCheckUtils]: 22: Hoare triple {818#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~11#1;havoc isPumpRunning_~retValue_acc~11#1;isPumpRunning_~retValue_acc~11#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~11#1; {818#false} is VALID [2022-02-20 18:09:44,844 INFO L290 TraceCheckUtils]: 23: Hoare triple {818#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {818#false} is VALID [2022-02-20 18:09:44,844 INFO L290 TraceCheckUtils]: 24: Hoare triple {818#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {818#false} is VALID [2022-02-20 18:09:44,845 INFO L290 TraceCheckUtils]: 25: Hoare triple {818#false} assume !false; {818#false} is VALID [2022-02-20 18:09:44,845 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:44,845 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:44,845 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:44,845 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [692404803] [2022-02-20 18:09:44,845 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [692404803] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:44,846 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:44,846 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:44,846 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1175307835] [2022-02-20 18:09:44,846 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:44,847 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:44,847 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:44,847 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:44,868 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:44,869 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:44,869 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:44,869 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:44,870 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:44,870 INFO L87 Difference]: Start difference. First operand 97 states and 127 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:44,986 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:44,986 INFO L93 Difference]: Finished difference Result 156 states and 204 transitions. [2022-02-20 18:09:44,986 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:44,986 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 18:09:44,986 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:44,986 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:44,989 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 204 transitions. [2022-02-20 18:09:44,989 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:44,991 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 204 transitions. [2022-02-20 18:09:44,991 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 204 transitions. [2022-02-20 18:09:45,143 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 204 edges. 204 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:45,147 INFO L225 Difference]: With dead ends: 156 [2022-02-20 18:09:45,147 INFO L226 Difference]: Without dead ends: 88 [2022-02-20 18:09:45,150 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:45,152 INFO L933 BasicCegarLoop]: 114 mSDtfsCounter, 16 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 207 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:45,152 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 207 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:45,153 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2022-02-20 18:09:45,163 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2022-02-20 18:09:45,163 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:45,164 INFO L82 GeneralOperation]: Start isEquivalent. First operand 88 states. Second operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:45,164 INFO L74 IsIncluded]: Start isIncluded. First operand 88 states. Second operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:45,165 INFO L87 Difference]: Start difference. First operand 88 states. Second operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:45,168 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:45,168 INFO L93 Difference]: Finished difference Result 88 states and 115 transitions. [2022-02-20 18:09:45,168 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 115 transitions. [2022-02-20 18:09:45,169 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:45,169 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:45,170 INFO L74 IsIncluded]: Start isIncluded. First operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) Second operand 88 states. [2022-02-20 18:09:45,172 INFO L87 Difference]: Start difference. First operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) Second operand 88 states. [2022-02-20 18:09:45,176 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:45,176 INFO L93 Difference]: Finished difference Result 88 states and 115 transitions. [2022-02-20 18:09:45,177 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 115 transitions. [2022-02-20 18:09:45,177 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:45,177 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:45,177 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:45,177 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:45,179 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:09:45,188 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 115 transitions. [2022-02-20 18:09:45,188 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 115 transitions. Word has length 26 [2022-02-20 18:09:45,189 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:45,189 INFO L470 AbstractCegarLoop]: Abstraction has 88 states and 115 transitions. [2022-02-20 18:09:45,189 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:45,189 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 115 transitions. [2022-02-20 18:09:45,190 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 18:09:45,190 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:45,190 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:45,212 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:45,399 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:45,400 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:45,400 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:45,400 INFO L85 PathProgramCache]: Analyzing trace with hash -470908360, now seen corresponding path program 1 times [2022-02-20 18:09:45,400 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:45,400 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1218860699] [2022-02-20 18:09:45,401 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:45,401 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:45,401 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:45,402 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:45,403 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 18:09:45,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:45,449 INFO L263 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:09:45,457 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:45,458 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:45,524 INFO L290 TraceCheckUtils]: 0: Hoare triple {1427#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,525 INFO L290 TraceCheckUtils]: 1: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret33#1, main_~retValue_acc~9#1, main_~tmp~3#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,525 INFO L290 TraceCheckUtils]: 2: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,526 INFO L290 TraceCheckUtils]: 3: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,527 INFO L290 TraceCheckUtils]: 4: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} main_#t~ret33#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~3#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,527 INFO L290 TraceCheckUtils]: 5: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != main_~tmp~3#1;assume { :begin_inline_setup } true; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,527 INFO L290 TraceCheckUtils]: 6: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_#t~nondet54#1, test_~splverifierCounter~0#1, test_~tmp~10#1, test_~tmp___0~3#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~10#1;havoc test_~tmp___0~3#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,528 INFO L290 TraceCheckUtils]: 7: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume !false; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,528 INFO L290 TraceCheckUtils]: 8: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,528 INFO L290 TraceCheckUtils]: 9: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} test_~tmp~10#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,529 INFO L290 TraceCheckUtils]: 10: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~10#1); {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,529 INFO L290 TraceCheckUtils]: 11: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} test_~tmp___0~3#1 := test_#t~nondet52#1;havoc test_#t~nondet52#1; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,529 INFO L290 TraceCheckUtils]: 12: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~3#1); {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,530 INFO L290 TraceCheckUtils]: 13: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet53#1;havoc test_#t~nondet53#1; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,530 INFO L290 TraceCheckUtils]: 14: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != test_~tmp___2~0#1; {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,530 INFO L272 TraceCheckUtils]: 15: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} call timeShift(); {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,531 INFO L290 TraceCheckUtils]: 16: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {1432#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:09:45,531 INFO L290 TraceCheckUtils]: 17: Hoare triple {1432#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {1428#false} is VALID [2022-02-20 18:09:45,531 INFO L290 TraceCheckUtils]: 18: Hoare triple {1428#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~9#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~9#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {1428#false} is VALID [2022-02-20 18:09:45,531 INFO L272 TraceCheckUtils]: 19: Hoare triple {1428#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {1428#false} is VALID [2022-02-20 18:09:45,531 INFO L290 TraceCheckUtils]: 20: Hoare triple {1428#false} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {1428#false} is VALID [2022-02-20 18:09:45,532 INFO L290 TraceCheckUtils]: 21: Hoare triple {1428#false} assume true; {1428#false} is VALID [2022-02-20 18:09:45,532 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1428#false} {1428#false} #273#return; {1428#false} is VALID [2022-02-20 18:09:45,532 INFO L290 TraceCheckUtils]: 23: Hoare triple {1428#false} __utac_acc__Specification3_spec__1_~tmp~9#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {1428#false} is VALID [2022-02-20 18:09:45,532 INFO L290 TraceCheckUtils]: 24: Hoare triple {1428#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~9#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~3#1;havoc getWaterLevel_~retValue_acc~3#1;getWaterLevel_~retValue_acc~3#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~3#1; {1428#false} is VALID [2022-02-20 18:09:45,533 INFO L290 TraceCheckUtils]: 25: Hoare triple {1428#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {1428#false} is VALID [2022-02-20 18:09:45,533 INFO L290 TraceCheckUtils]: 26: Hoare triple {1428#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~11#1;havoc isPumpRunning_~retValue_acc~11#1;isPumpRunning_~retValue_acc~11#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~11#1; {1428#false} is VALID [2022-02-20 18:09:45,533 INFO L290 TraceCheckUtils]: 27: Hoare triple {1428#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {1428#false} is VALID [2022-02-20 18:09:45,533 INFO L290 TraceCheckUtils]: 28: Hoare triple {1428#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {1428#false} is VALID [2022-02-20 18:09:45,533 INFO L290 TraceCheckUtils]: 29: Hoare triple {1428#false} assume !false; {1428#false} is VALID [2022-02-20 18:09:45,533 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:45,533 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:45,533 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:45,533 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1218860699] [2022-02-20 18:09:45,534 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1218860699] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:45,536 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:45,536 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:45,536 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [644107698] [2022-02-20 18:09:45,536 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:45,536 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:45,536 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:45,536 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:45,556 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:45,557 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:45,557 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:45,557 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:45,557 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:45,557 INFO L87 Difference]: Start difference. First operand 88 states and 115 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:45,733 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:45,733 INFO L93 Difference]: Finished difference Result 249 states and 331 transitions. [2022-02-20 18:09:45,733 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:45,734 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 18:09:45,734 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:45,734 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:45,738 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 331 transitions. [2022-02-20 18:09:45,739 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:45,743 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 331 transitions. [2022-02-20 18:09:45,744 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 331 transitions. [2022-02-20 18:09:45,966 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 331 edges. 331 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:45,969 INFO L225 Difference]: With dead ends: 249 [2022-02-20 18:09:45,969 INFO L226 Difference]: Without dead ends: 168 [2022-02-20 18:09:45,970 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:45,970 INFO L933 BasicCegarLoop]: 142 mSDtfsCounter, 95 mSDsluCounter, 105 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 95 SdHoareTripleChecker+Valid, 247 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:45,971 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [95 Valid, 247 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:45,971 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 168 states. [2022-02-20 18:09:45,979 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 168 to 165. [2022-02-20 18:09:45,979 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:45,980 INFO L82 GeneralOperation]: Start isEquivalent. First operand 168 states. Second operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2022-02-20 18:09:45,980 INFO L74 IsIncluded]: Start isIncluded. First operand 168 states. Second operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2022-02-20 18:09:45,981 INFO L87 Difference]: Start difference. First operand 168 states. Second operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2022-02-20 18:09:45,985 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:45,985 INFO L93 Difference]: Finished difference Result 168 states and 221 transitions. [2022-02-20 18:09:45,985 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 221 transitions. [2022-02-20 18:09:45,986 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:45,986 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:45,986 INFO L74 IsIncluded]: Start isIncluded. First operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) Second operand 168 states. [2022-02-20 18:09:45,987 INFO L87 Difference]: Start difference. First operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) Second operand 168 states. [2022-02-20 18:09:45,991 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:45,991 INFO L93 Difference]: Finished difference Result 168 states and 221 transitions. [2022-02-20 18:09:45,991 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 221 transitions. [2022-02-20 18:09:45,992 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:45,992 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:45,992 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:45,992 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:45,992 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2022-02-20 18:09:46,000 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 165 states to 165 states and 219 transitions. [2022-02-20 18:09:46,000 INFO L78 Accepts]: Start accepts. Automaton has 165 states and 219 transitions. Word has length 30 [2022-02-20 18:09:46,000 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:46,000 INFO L470 AbstractCegarLoop]: Abstraction has 165 states and 219 transitions. [2022-02-20 18:09:46,000 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 2 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:46,000 INFO L276 IsEmpty]: Start isEmpty. Operand 165 states and 219 transitions. [2022-02-20 18:09:46,001 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 18:09:46,001 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:46,001 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:46,010 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:46,214 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:46,214 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:46,214 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:46,214 INFO L85 PathProgramCache]: Analyzing trace with hash -200767314, now seen corresponding path program 1 times [2022-02-20 18:09:46,215 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:46,215 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2010802848] [2022-02-20 18:09:46,215 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:46,215 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:46,215 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:46,228 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:46,229 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 18:09:46,267 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:46,269 INFO L263 TraceCheckSpWp]: Trace formula consists of 160 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 18:09:46,281 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:46,281 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:46,385 INFO L290 TraceCheckUtils]: 0: Hoare triple {2450#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,386 INFO L290 TraceCheckUtils]: 1: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret33#1, main_~retValue_acc~9#1, main_~tmp~3#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,386 INFO L290 TraceCheckUtils]: 2: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,387 INFO L290 TraceCheckUtils]: 3: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,387 INFO L290 TraceCheckUtils]: 4: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} main_#t~ret33#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~3#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,387 INFO L290 TraceCheckUtils]: 5: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != main_~tmp~3#1;assume { :begin_inline_setup } true; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,388 INFO L290 TraceCheckUtils]: 6: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_#t~nondet54#1, test_~splverifierCounter~0#1, test_~tmp~10#1, test_~tmp___0~3#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~10#1;havoc test_~tmp___0~3#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,388 INFO L290 TraceCheckUtils]: 7: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume !false; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,388 INFO L290 TraceCheckUtils]: 8: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,389 INFO L290 TraceCheckUtils]: 9: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} test_~tmp~10#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,389 INFO L290 TraceCheckUtils]: 10: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~10#1); {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,389 INFO L290 TraceCheckUtils]: 11: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___0~3#1 := test_#t~nondet52#1;havoc test_#t~nondet52#1; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,390 INFO L290 TraceCheckUtils]: 12: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~3#1); {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,390 INFO L290 TraceCheckUtils]: 13: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet53#1;havoc test_#t~nondet53#1; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,390 INFO L290 TraceCheckUtils]: 14: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___2~0#1);test_~tmp___1~1#1 := test_#t~nondet54#1;havoc test_#t~nondet54#1; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,391 INFO L290 TraceCheckUtils]: 15: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != test_~tmp___1~1#1;assume { :begin_inline_stopSystem } true; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,391 INFO L290 TraceCheckUtils]: 16: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,391 INFO L290 TraceCheckUtils]: 17: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} ~systemActive~0 := 0bv32; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,392 INFO L290 TraceCheckUtils]: 18: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_stopSystem } true; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,392 INFO L272 TraceCheckUtils]: 19: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} call timeShift(); {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,393 INFO L290 TraceCheckUtils]: 20: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,393 INFO L290 TraceCheckUtils]: 21: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,393 INFO L290 TraceCheckUtils]: 22: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~9#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~9#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,394 INFO L272 TraceCheckUtils]: 23: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,394 INFO L290 TraceCheckUtils]: 24: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,394 INFO L290 TraceCheckUtils]: 25: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume true; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,395 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {2455#(= ~waterLevel~0 (_ bv1 32))} {2455#(= ~waterLevel~0 (_ bv1 32))} #273#return; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,395 INFO L290 TraceCheckUtils]: 27: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} __utac_acc__Specification3_spec__1_~tmp~9#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {2455#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:09:46,395 INFO L290 TraceCheckUtils]: 28: Hoare triple {2455#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~9#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~3#1;havoc getWaterLevel_~retValue_acc~3#1;getWaterLevel_~retValue_acc~3#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~3#1; {2540#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} is VALID [2022-02-20 18:09:46,396 INFO L290 TraceCheckUtils]: 29: Hoare triple {2540#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {2544#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| (_ bv1 32))} is VALID [2022-02-20 18:09:46,396 INFO L290 TraceCheckUtils]: 30: Hoare triple {2544#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| (_ bv1 32))} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~11#1;havoc isPumpRunning_~retValue_acc~11#1;isPumpRunning_~retValue_acc~11#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~11#1; {2451#false} is VALID [2022-02-20 18:09:46,396 INFO L290 TraceCheckUtils]: 31: Hoare triple {2451#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {2451#false} is VALID [2022-02-20 18:09:46,397 INFO L290 TraceCheckUtils]: 32: Hoare triple {2451#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {2451#false} is VALID [2022-02-20 18:09:46,397 INFO L290 TraceCheckUtils]: 33: Hoare triple {2451#false} assume !false; {2451#false} is VALID [2022-02-20 18:09:46,397 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:46,397 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:46,397 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:46,397 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2010802848] [2022-02-20 18:09:46,397 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2010802848] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:46,398 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:46,398 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:09:46,398 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1454763064] [2022-02-20 18:09:46,398 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:46,398 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:46,398 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:46,399 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:46,423 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:46,423 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:09:46,424 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:46,424 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:09:46,424 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:46,424 INFO L87 Difference]: Start difference. First operand 165 states and 219 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:46,748 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:46,749 INFO L93 Difference]: Finished difference Result 475 states and 652 transitions. [2022-02-20 18:09:46,749 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:46,749 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 18:09:46,749 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:46,750 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:46,753 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 335 transitions. [2022-02-20 18:09:46,753 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:46,756 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 335 transitions. [2022-02-20 18:09:46,756 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 335 transitions. [2022-02-20 18:09:46,978 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 335 edges. 335 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:46,985 INFO L225 Difference]: With dead ends: 475 [2022-02-20 18:09:46,985 INFO L226 Difference]: Without dead ends: 317 [2022-02-20 18:09:46,986 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 30 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:09:46,986 INFO L933 BasicCegarLoop]: 125 mSDtfsCounter, 81 mSDsluCounter, 347 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 472 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:46,987 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [81 Valid, 472 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:46,989 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 317 states. [2022-02-20 18:09:47,010 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 317 to 311. [2022-02-20 18:09:47,011 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:47,012 INFO L82 GeneralOperation]: Start isEquivalent. First operand 317 states. Second operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) [2022-02-20 18:09:47,013 INFO L74 IsIncluded]: Start isIncluded. First operand 317 states. Second operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) [2022-02-20 18:09:47,015 INFO L87 Difference]: Start difference. First operand 317 states. Second operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) [2022-02-20 18:09:47,024 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:47,024 INFO L93 Difference]: Finished difference Result 317 states and 420 transitions. [2022-02-20 18:09:47,024 INFO L276 IsEmpty]: Start isEmpty. Operand 317 states and 420 transitions. [2022-02-20 18:09:47,026 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:47,026 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:47,027 INFO L74 IsIncluded]: Start isIncluded. First operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) Second operand 317 states. [2022-02-20 18:09:47,028 INFO L87 Difference]: Start difference. First operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) Second operand 317 states. [2022-02-20 18:09:47,037 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:47,037 INFO L93 Difference]: Finished difference Result 317 states and 420 transitions. [2022-02-20 18:09:47,037 INFO L276 IsEmpty]: Start isEmpty. Operand 317 states and 420 transitions. [2022-02-20 18:09:47,039 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:47,039 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:47,039 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:47,039 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:47,040 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 311 states, 224 states have (on average 1.3392857142857142) internal successors, (300), 259 states have internal predecessors, (300), 56 states have call successors, (56), 32 states have call predecessors, (56), 30 states have return successors, (58), 32 states have call predecessors, (58), 56 states have call successors, (58) [2022-02-20 18:09:47,048 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 311 states to 311 states and 414 transitions. [2022-02-20 18:09:47,048 INFO L78 Accepts]: Start accepts. Automaton has 311 states and 414 transitions. Word has length 34 [2022-02-20 18:09:47,049 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:47,049 INFO L470 AbstractCegarLoop]: Abstraction has 311 states and 414 transitions. [2022-02-20 18:09:47,049 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:47,049 INFO L276 IsEmpty]: Start isEmpty. Operand 311 states and 414 transitions. [2022-02-20 18:09:47,050 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2022-02-20 18:09:47,050 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:47,050 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:47,058 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:47,256 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:47,257 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:47,257 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:47,257 INFO L85 PathProgramCache]: Analyzing trace with hash -119718157, now seen corresponding path program 1 times [2022-02-20 18:09:47,257 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:47,257 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [392969626] [2022-02-20 18:09:47,258 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:47,258 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:47,258 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:47,259 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:47,260 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 18:09:47,296 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:47,298 INFO L263 TraceCheckSpWp]: Trace formula consists of 163 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 18:09:47,305 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:47,306 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:09:47,384 INFO L290 TraceCheckUtils]: 0: Hoare triple {4327#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(31bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(13bv32, 4bv32);call #Ultimate.allocInit(7bv32, 5bv32);call write~init~intINTTYPE1(44bv8, 5bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 5bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 5bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 5bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 5bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 5bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 5bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 6bv32);call write~init~intINTTYPE1(67bv8, 6bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 6bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 6bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 6bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 6bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 7bv32);call write~init~intINTTYPE1(79bv8, 7bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 7bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 7bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 8bv32);call write~init~intINTTYPE1(41bv8, 8bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 8bv32, 1bv32, 1bv32);call #Ultimate.allocInit(30bv32, 9bv32);call #Ultimate.allocInit(9bv32, 10bv32);call #Ultimate.allocInit(21bv32, 11bv32);call #Ultimate.allocInit(30bv32, 12bv32);call #Ultimate.allocInit(9bv32, 13bv32);call #Ultimate.allocInit(21bv32, 14bv32);call #Ultimate.allocInit(30bv32, 15bv32);call #Ultimate.allocInit(9bv32, 16bv32);call #Ultimate.allocInit(25bv32, 17bv32);call #Ultimate.allocInit(30bv32, 18bv32);call #Ultimate.allocInit(9bv32, 19bv32);call #Ultimate.allocInit(25bv32, 20bv32);call #Ultimate.allocInit(13bv32, 21bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(79bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 23bv32);call write~init~intINTTYPE1(79bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 23bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 24bv32);call write~init~intINTTYPE1(44bv8, 24bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 24bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 24bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 24bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 24bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 24bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 24bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 25bv32);call write~init~intINTTYPE1(79bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 26bv32);call write~init~intINTTYPE1(79bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(41bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(10bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32;~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32; {4327#true} is VALID [2022-02-20 18:09:47,385 INFO L290 TraceCheckUtils]: 1: Hoare triple {4327#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret33#1, main_~retValue_acc~9#1, main_~tmp~3#1;havoc main_~retValue_acc~9#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true; {4327#true} is VALID [2022-02-20 18:09:47,385 INFO L290 TraceCheckUtils]: 2: Hoare triple {4327#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {4327#true} is VALID [2022-02-20 18:09:47,391 INFO L290 TraceCheckUtils]: 3: Hoare triple {4327#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1bv32;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {4327#true} is VALID [2022-02-20 18:09:47,392 INFO L290 TraceCheckUtils]: 4: Hoare triple {4327#true} main_#t~ret33#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~3#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {4327#true} is VALID [2022-02-20 18:09:47,393 INFO L290 TraceCheckUtils]: 5: Hoare triple {4327#true} assume 0bv32 != main_~tmp~3#1;assume { :begin_inline_setup } true; {4327#true} is VALID [2022-02-20 18:09:47,394 INFO L290 TraceCheckUtils]: 6: Hoare triple {4327#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet51#1, test_#t~nondet52#1, test_#t~nondet53#1, test_#t~nondet54#1, test_~splverifierCounter~0#1, test_~tmp~10#1, test_~tmp___0~3#1, test_~tmp___1~1#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~10#1;havoc test_~tmp___0~3#1;havoc test_~tmp___1~1#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {4327#true} is VALID [2022-02-20 18:09:47,394 INFO L290 TraceCheckUtils]: 7: Hoare triple {4327#true} assume !false; {4327#true} is VALID [2022-02-20 18:09:47,394 INFO L290 TraceCheckUtils]: 8: Hoare triple {4327#true} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {4327#true} is VALID [2022-02-20 18:09:47,394 INFO L290 TraceCheckUtils]: 9: Hoare triple {4327#true} test_~tmp~10#1 := test_#t~nondet51#1;havoc test_#t~nondet51#1; {4327#true} is VALID [2022-02-20 18:09:47,395 INFO L290 TraceCheckUtils]: 10: Hoare triple {4327#true} assume !(0bv32 != test_~tmp~10#1); {4327#true} is VALID [2022-02-20 18:09:47,395 INFO L290 TraceCheckUtils]: 11: Hoare triple {4327#true} test_~tmp___0~3#1 := test_#t~nondet52#1;havoc test_#t~nondet52#1; {4327#true} is VALID [2022-02-20 18:09:47,395 INFO L290 TraceCheckUtils]: 12: Hoare triple {4327#true} assume !(0bv32 != test_~tmp___0~3#1); {4327#true} is VALID [2022-02-20 18:09:47,395 INFO L290 TraceCheckUtils]: 13: Hoare triple {4327#true} test_~tmp___2~0#1 := test_#t~nondet53#1;havoc test_#t~nondet53#1; {4327#true} is VALID [2022-02-20 18:09:47,395 INFO L290 TraceCheckUtils]: 14: Hoare triple {4327#true} assume !(0bv32 != test_~tmp___2~0#1);test_~tmp___1~1#1 := test_#t~nondet54#1;havoc test_#t~nondet54#1; {4327#true} is VALID [2022-02-20 18:09:47,395 INFO L290 TraceCheckUtils]: 15: Hoare triple {4327#true} assume 0bv32 != test_~tmp___1~1#1;assume { :begin_inline_stopSystem } true; {4327#true} is VALID [2022-02-20 18:09:47,396 INFO L290 TraceCheckUtils]: 16: Hoare triple {4327#true} assume !(0bv32 != ~pumpRunning~0); {4380#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:47,396 INFO L290 TraceCheckUtils]: 17: Hoare triple {4380#(= (_ bv0 32) ~pumpRunning~0)} ~systemActive~0 := 0bv32; {4380#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:47,396 INFO L290 TraceCheckUtils]: 18: Hoare triple {4380#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_stopSystem } true; {4380#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:47,397 INFO L272 TraceCheckUtils]: 19: Hoare triple {4380#(= (_ bv0 32) ~pumpRunning~0)} call timeShift(); {4380#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:09:47,397 INFO L290 TraceCheckUtils]: 20: Hoare triple {4380#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != ~pumpRunning~0;assume { :begin_inline_lowerWaterLevel } true; {4328#false} is VALID [2022-02-20 18:09:47,397 INFO L290 TraceCheckUtils]: 21: Hoare triple {4328#false} assume ~bvsgt32(~waterLevel~0, 0bv32);~waterLevel~0 := ~bvsub32(~waterLevel~0, 1bv32); {4328#false} is VALID [2022-02-20 18:09:47,397 INFO L290 TraceCheckUtils]: 22: Hoare triple {4328#false} assume { :end_inline_lowerWaterLevel } true; {4328#false} is VALID [2022-02-20 18:09:47,398 INFO L290 TraceCheckUtils]: 23: Hoare triple {4328#false} assume !(0bv32 != ~systemActive~0); {4328#false} is VALID [2022-02-20 18:09:47,398 INFO L290 TraceCheckUtils]: 24: Hoare triple {4328#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret48#1, __utac_acc__Specification3_spec__1_#t~ret49#1, __utac_acc__Specification3_spec__1_#t~ret50#1, __utac_acc__Specification3_spec__1_~tmp~9#1, __utac_acc__Specification3_spec__1_~tmp___0~2#1, __utac_acc__Specification3_spec__1_~tmp___1~0#1;havoc __utac_acc__Specification3_spec__1_~tmp~9#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~2#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~0#1; {4328#false} is VALID [2022-02-20 18:09:47,398 INFO L272 TraceCheckUtils]: 25: Hoare triple {4328#false} call __utac_acc__Specification3_spec__1_#t~ret48#1 := isMethaneLevelCritical(); {4328#false} is VALID [2022-02-20 18:09:47,398 INFO L290 TraceCheckUtils]: 26: Hoare triple {4328#false} havoc ~retValue_acc~2;~retValue_acc~2 := ~methaneLevelCritical~0;#res := ~retValue_acc~2; {4328#false} is VALID [2022-02-20 18:09:47,398 INFO L290 TraceCheckUtils]: 27: Hoare triple {4328#false} assume true; {4328#false} is VALID [2022-02-20 18:09:47,398 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {4328#false} {4328#false} #273#return; {4328#false} is VALID [2022-02-20 18:09:47,398 INFO L290 TraceCheckUtils]: 29: Hoare triple {4328#false} __utac_acc__Specification3_spec__1_~tmp~9#1 := __utac_acc__Specification3_spec__1_#t~ret48#1;havoc __utac_acc__Specification3_spec__1_#t~ret48#1; {4328#false} is VALID [2022-02-20 18:09:47,399 INFO L290 TraceCheckUtils]: 30: Hoare triple {4328#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~9#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~3#1;havoc getWaterLevel_~retValue_acc~3#1;getWaterLevel_~retValue_acc~3#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~3#1; {4328#false} is VALID [2022-02-20 18:09:47,399 INFO L290 TraceCheckUtils]: 31: Hoare triple {4328#false} __utac_acc__Specification3_spec__1_#t~ret49#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~2#1 := __utac_acc__Specification3_spec__1_#t~ret49#1;havoc __utac_acc__Specification3_spec__1_#t~ret49#1; {4328#false} is VALID [2022-02-20 18:09:47,399 INFO L290 TraceCheckUtils]: 32: Hoare triple {4328#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~2#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~11#1;havoc isPumpRunning_~retValue_acc~11#1;isPumpRunning_~retValue_acc~11#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~11#1; {4328#false} is VALID [2022-02-20 18:09:47,399 INFO L290 TraceCheckUtils]: 33: Hoare triple {4328#false} __utac_acc__Specification3_spec__1_#t~ret50#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~0#1 := __utac_acc__Specification3_spec__1_#t~ret50#1;havoc __utac_acc__Specification3_spec__1_#t~ret50#1; {4328#false} is VALID [2022-02-20 18:09:47,399 INFO L290 TraceCheckUtils]: 34: Hoare triple {4328#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~0#1);assume { :begin_inline___automaton_fail } true; {4328#false} is VALID [2022-02-20 18:09:47,399 INFO L290 TraceCheckUtils]: 35: Hoare triple {4328#false} assume !false; {4328#false} is VALID [2022-02-20 18:09:47,400 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 18:09:47,400 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:09:47,400 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:09:47,400 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [392969626] [2022-02-20 18:09:47,400 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [392969626] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:47,400 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:47,401 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:47,401 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1410980088] [2022-02-20 18:09:47,401 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:47,401 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 36 [2022-02-20 18:09:47,402 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:47,402 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:47,423 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 36 edges. 36 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:47,424 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:47,424 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:09:47,424 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:47,424 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:47,424 INFO L87 Difference]: Start difference. First operand 311 states and 414 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:47,609 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:47,609 INFO L93 Difference]: Finished difference Result 753 states and 1021 transitions. [2022-02-20 18:09:47,609 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:47,609 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 36 [2022-02-20 18:09:47,609 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:47,609 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:47,612 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 294 transitions. [2022-02-20 18:09:47,613 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:47,615 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 294 transitions. [2022-02-20 18:09:47,615 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 294 transitions. [2022-02-20 18:09:47,809 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 294 edges. 294 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:47,821 INFO L225 Difference]: With dead ends: 753 [2022-02-20 18:09:47,821 INFO L226 Difference]: Without dead ends: 449 [2022-02-20 18:09:47,822 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 34 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:47,823 INFO L933 BasicCegarLoop]: 121 mSDtfsCounter, 80 mSDsluCounter, 78 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 199 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:47,824 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [80 Valid, 199 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:47,825 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 449 states. [2022-02-20 18:09:47,849 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 449 to 440. [2022-02-20 18:09:47,849 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:47,851 INFO L82 GeneralOperation]: Start isEquivalent. First operand 449 states. Second operand has 440 states, 327 states have (on average 1.2874617737003058) internal successors, (421), 349 states have internal predecessors, (421), 59 states have call successors, (59), 53 states have call predecessors, (59), 53 states have return successors, (83), 54 states have call predecessors, (83), 59 states have call successors, (83) [2022-02-20 18:09:47,852 INFO L74 IsIncluded]: Start isIncluded. First operand 449 states. Second operand has 440 states, 327 states have (on average 1.2874617737003058) internal successors, (421), 349 states have internal predecessors, (421), 59 states have call successors, (59), 53 states have call predecessors, (59), 53 states have return successors, (83), 54 states have call predecessors, (83), 59 states have call successors, (83) [2022-02-20 18:09:47,852 INFO L87 Difference]: Start difference. First operand 449 states. Second operand has 440 states, 327 states have (on average 1.2874617737003058) internal successors, (421), 349 states have internal predecessors, (421), 59 states have call successors, (59), 53 states have call predecessors, (59), 53 states have return successors, (83), 54 states have call predecessors, (83), 59 states have call successors, (83) [2022-02-20 18:09:47,869 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:47,870 INFO L93 Difference]: Finished difference Result 449 states and 572 transitions. [2022-02-20 18:09:47,870 INFO L276 IsEmpty]: Start isEmpty. Operand 449 states and 572 transitions. [2022-02-20 18:09:47,871 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:47,871 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:47,883 INFO L74 IsIncluded]: Start isIncluded. First operand has 440 states, 327 states have (on average 1.2874617737003058) internal successors, (421), 349 states have internal predecessors, (421), 59 states have call successors, (59), 53 states have call predecessors, (59), 53 states have return successors, (83), 54 states have call predecessors, (83), 59 states have call successors, (83) Second operand 449 states. [2022-02-20 18:09:47,884 INFO L87 Difference]: Start difference. First operand has 440 states, 327 states have (on average 1.2874617737003058) internal successors, (421), 349 states have internal predecessors, (421), 59 states have call successors, (59), 53 states have call predecessors, (59), 53 states have return successors, (83), 54 states have call predecessors, (83), 59 states have call successors, (83) Second operand 449 states. [2022-02-20 18:09:47,895 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:47,895 INFO L93 Difference]: Finished difference Result 449 states and 572 transitions. [2022-02-20 18:09:47,895 INFO L276 IsEmpty]: Start isEmpty. Operand 449 states and 572 transitions. [2022-02-20 18:09:47,896 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:47,896 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:47,896 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:47,896 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:47,897 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 327 states have (on average 1.2874617737003058) internal successors, (421), 349 states have internal predecessors, (421), 59 states have call successors, (59), 53 states have call predecessors, (59), 53 states have return successors, (83), 54 states have call predecessors, (83), 59 states have call successors, (83) [2022-02-20 18:09:47,909 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 563 transitions. [2022-02-20 18:09:47,910 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 563 transitions. Word has length 36 [2022-02-20 18:09:47,910 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:47,910 INFO L470 AbstractCegarLoop]: Abstraction has 440 states and 563 transitions. [2022-02-20 18:09:47,910 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 18:09:47,910 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 563 transitions. [2022-02-20 18:09:47,911 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 18:09:47,911 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:47,911 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:47,919 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Ended with exit code 0 [2022-02-20 18:09:48,117 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:48,117 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:48,118 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:48,118 INFO L85 PathProgramCache]: Analyzing trace with hash 1778845972, now seen corresponding path program 1 times [2022-02-20 18:09:48,118 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:09:48,118 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1640730681] [2022-02-20 18:09:48,118 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:48,118 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:09:48,118 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:09:48,119 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:09:48,120 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 18:09:48,169 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:48,170 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:09:48,188 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:09:48,226 INFO L138 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2022-02-20 18:09:48,226 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:09:48,227 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:09:48,255 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Forceful destruction successful, exit code 0 [2022-02-20 18:09:48,428 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:09:48,431 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:09:48,432 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:09:48,449 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call waterRise(); [2022-02-20 18:09:48,450 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:09:48,452 INFO L158 Benchmark]: Toolchain (without parser) took 5819.17ms. Allocated memory was 60.8MB in the beginning and 88.1MB in the end (delta: 27.3MB). Free memory was 38.2MB in the beginning and 43.1MB in the end (delta: -4.8MB). Peak memory consumption was 21.8MB. Max. memory is 16.1GB. [2022-02-20 18:09:48,452 INFO L158 Benchmark]: CDTParser took 0.14ms. Allocated memory is still 60.8MB. Free memory was 41.6MB in the beginning and 41.6MB in the end (delta: 28.1kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:09:48,453 INFO L158 Benchmark]: CACSL2BoogieTranslator took 478.96ms. Allocated memory was 60.8MB in the beginning and 73.4MB in the end (delta: 12.6MB). Free memory was 38.0MB in the beginning and 52.0MB in the end (delta: -13.9MB). Peak memory consumption was 12.9MB. Max. memory is 16.1GB. [2022-02-20 18:09:48,453 INFO L158 Benchmark]: Boogie Procedure Inliner took 40.37ms. Allocated memory is still 73.4MB. Free memory was 52.0MB in the beginning and 49.2MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:09:48,453 INFO L158 Benchmark]: Boogie Preprocessor took 25.66ms. Allocated memory is still 73.4MB. Free memory was 49.2MB in the beginning and 47.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:09:48,453 INFO L158 Benchmark]: RCFGBuilder took 453.54ms. Allocated memory is still 73.4MB. Free memory was 47.1MB in the beginning and 47.8MB in the end (delta: -702.5kB). Peak memory consumption was 13.7MB. Max. memory is 16.1GB. [2022-02-20 18:09:48,454 INFO L158 Benchmark]: TraceAbstraction took 4815.63ms. Allocated memory was 73.4MB in the beginning and 88.1MB in the end (delta: 14.7MB). Free memory was 47.4MB in the beginning and 43.1MB in the end (delta: 4.3MB). Peak memory consumption was 18.2MB. Max. memory is 16.1GB. [2022-02-20 18:09:48,455 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.14ms. Allocated memory is still 60.8MB. Free memory was 41.6MB in the beginning and 41.6MB in the end (delta: 28.1kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 478.96ms. Allocated memory was 60.8MB in the beginning and 73.4MB in the end (delta: 12.6MB). Free memory was 38.0MB in the beginning and 52.0MB in the end (delta: -13.9MB). Peak memory consumption was 12.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 40.37ms. Allocated memory is still 73.4MB. Free memory was 52.0MB in the beginning and 49.2MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 25.66ms. Allocated memory is still 73.4MB. Free memory was 49.2MB in the beginning and 47.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 453.54ms. Allocated memory is still 73.4MB. Free memory was 47.1MB in the beginning and 47.8MB in the end (delta: -702.5kB). Peak memory consumption was 13.7MB. Max. memory is 16.1GB. * TraceAbstraction took 4815.63ms. Allocated memory was 73.4MB in the beginning and 88.1MB in the end (delta: 14.7MB). Free memory was 47.4MB in the beginning and 43.1MB in the end (delta: 4.3MB). Peak memory consumption was 18.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:09:48,477 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: ERROR: ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator