./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1a14cd82fb4a7a8631dbac962b884aa1ac25841cd2c28c7e6e05438cc00132d3 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:09:52,704 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:09:52,710 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:09:52,743 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:09:52,748 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:09:52,749 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:09:52,751 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:09:52,754 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:09:52,756 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:09:52,758 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:09:52,758 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:09:52,759 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:09:52,761 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:09:52,763 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:09:52,765 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:09:52,767 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:09:52,769 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:09:52,774 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:09:52,775 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:09:52,777 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:09:52,778 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:09:52,784 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:09:52,785 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:09:52,785 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:09:52,788 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:09:52,788 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:09:52,788 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:09:52,789 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:09:52,789 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:09:52,790 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:09:52,790 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:09:52,791 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:09:52,792 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:09:52,792 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:09:52,793 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:09:52,793 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:09:52,794 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:09:52,794 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:09:52,794 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:09:52,795 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:09:52,796 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:09:52,796 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:09:52,813 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:09:52,814 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:09:52,814 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:09:52,814 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:09:52,815 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:09:52,815 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:09:52,816 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:09:52,816 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:09:52,816 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:09:52,816 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:09:52,816 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:09:52,817 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:09:52,817 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:09:52,817 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:09:52,817 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:09:52,817 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:09:52,818 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:09:52,818 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:09:52,818 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:09:52,818 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:09:52,818 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:09:52,818 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:09:52,819 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:09:52,819 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:09:52,819 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:52,819 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:09:52,820 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:09:52,820 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:09:52,820 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:09:52,820 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:09:52,820 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:09:52,820 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:09:52,821 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:09:52,821 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1a14cd82fb4a7a8631dbac962b884aa1ac25841cd2c28c7e6e05438cc00132d3 [2022-02-20 18:09:53,038 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:09:53,059 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:09:53,061 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:09:53,062 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:09:53,063 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:09:53,064 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c [2022-02-20 18:09:53,128 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e943cacfb/4570f7b7f56e402b8db15ccaafbd06a7/FLAG42030ba17 [2022-02-20 18:09:53,544 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:09:53,545 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c [2022-02-20 18:09:53,568 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e943cacfb/4570f7b7f56e402b8db15ccaafbd06a7/FLAG42030ba17 [2022-02-20 18:09:53,579 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e943cacfb/4570f7b7f56e402b8db15ccaafbd06a7 [2022-02-20 18:09:53,582 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:09:53,584 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:09:53,587 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:53,587 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:09:53,590 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:09:53,591 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:53" (1/1) ... [2022-02-20 18:09:53,592 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@74860310 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:53, skipping insertion in model container [2022-02-20 18:09:53,592 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:09:53" (1/1) ... [2022-02-20 18:09:53,598 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:09:53,640 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:09:53,973 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c[20029,20042] [2022-02-20 18:09:53,987 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:53,995 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:09:54,108 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c[20029,20042] [2022-02-20 18:09:54,120 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:09:54,139 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:09:54,139 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54 WrapperNode [2022-02-20 18:09:54,139 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:09:54,140 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:54,140 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:09:54,141 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:09:54,146 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54" (1/1) ... [2022-02-20 18:09:54,168 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54" (1/1) ... [2022-02-20 18:09:54,208 INFO L137 Inliner]: procedures = 63, calls = 178, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 342 [2022-02-20 18:09:54,208 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:09:54,209 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:09:54,209 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:09:54,209 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:09:54,218 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54" (1/1) ... [2022-02-20 18:09:54,218 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54" (1/1) ... [2022-02-20 18:09:54,229 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54" (1/1) ... [2022-02-20 18:09:54,232 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54" (1/1) ... [2022-02-20 18:09:54,239 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54" (1/1) ... [2022-02-20 18:09:54,259 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54" (1/1) ... [2022-02-20 18:09:54,262 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54" (1/1) ... [2022-02-20 18:09:54,267 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:09:54,269 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:09:54,270 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:09:54,270 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:09:54,272 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54" (1/1) ... [2022-02-20 18:09:54,277 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:09:54,286 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:09:54,298 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:09:54,312 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:09:54,339 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:09:54,339 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2022-02-20 18:09:54,339 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2022-02-20 18:09:54,339 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:09:54,340 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:09:54,340 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:09:54,340 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:09:54,340 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:09:54,340 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:09:54,341 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2022-02-20 18:09:54,341 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2022-02-20 18:09:54,342 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:09:54,342 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:09:54,342 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2022-02-20 18:09:54,342 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2022-02-20 18:09:54,342 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2022-02-20 18:09:54,343 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2022-02-20 18:09:54,343 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-02-20 18:09:54,343 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-02-20 18:09:54,343 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:09:54,343 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:09:54,343 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:09:54,344 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2022-02-20 18:09:54,344 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2022-02-20 18:09:54,344 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:09:54,344 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:09:54,344 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:09:54,344 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:09:54,461 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:09:54,462 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:09:54,885 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:09:54,893 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:09:54,893 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:09:54,895 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:54 BoogieIcfgContainer [2022-02-20 18:09:54,895 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:09:54,897 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:09:54,897 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:09:54,900 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:09:54,901 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:09:53" (1/3) ... [2022-02-20 18:09:54,901 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@57a4b432 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:54, skipping insertion in model container [2022-02-20 18:09:54,901 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:09:54" (2/3) ... [2022-02-20 18:09:54,902 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@57a4b432 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:09:54, skipping insertion in model container [2022-02-20 18:09:54,902 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:09:54" (3/3) ... [2022-02-20 18:09:54,903 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_productSimulator.cil.c [2022-02-20 18:09:54,908 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:09:54,908 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:09:54,950 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:09:54,958 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:09:54,959 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:09:54,993 INFO L276 IsEmpty]: Start isEmpty. Operand has 145 states, 101 states have (on average 1.3663366336633664) internal successors, (138), 117 states have internal predecessors, (138), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) [2022-02-20 18:09:55,002 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-02-20 18:09:55,003 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:55,004 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:55,004 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:55,012 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:55,013 INFO L85 PathProgramCache]: Analyzing trace with hash 1161516863, now seen corresponding path program 1 times [2022-02-20 18:09:55,021 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:55,022 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1724760336] [2022-02-20 18:09:55,022 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:55,023 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:55,247 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:55,349 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2022-02-20 18:09:55,358 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:55,377 INFO L290 TraceCheckUtils]: 0: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,377 INFO L290 TraceCheckUtils]: 1: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,378 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {148#true} {148#true} #362#return; {148#true} is VALID [2022-02-20 18:09:55,379 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 18:09:55,385 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:55,394 INFO L290 TraceCheckUtils]: 0: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,394 INFO L290 TraceCheckUtils]: 1: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,395 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {148#true} {148#true} #364#return; {148#true} is VALID [2022-02-20 18:09:55,395 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-02-20 18:09:55,402 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:55,407 INFO L290 TraceCheckUtils]: 0: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,407 INFO L290 TraceCheckUtils]: 1: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,407 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {148#true} {148#true} #366#return; {148#true} is VALID [2022-02-20 18:09:55,408 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-02-20 18:09:55,419 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:55,424 INFO L290 TraceCheckUtils]: 0: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,425 INFO L290 TraceCheckUtils]: 1: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,425 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {148#true} {148#true} #368#return; {148#true} is VALID [2022-02-20 18:09:55,426 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:09:55,429 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:55,434 INFO L290 TraceCheckUtils]: 0: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,434 INFO L290 TraceCheckUtils]: 1: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,435 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {148#true} {148#true} #370#return; {148#true} is VALID [2022-02-20 18:09:55,435 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-02-20 18:09:55,442 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:55,446 INFO L290 TraceCheckUtils]: 0: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,446 INFO L290 TraceCheckUtils]: 1: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,447 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {148#true} {148#true} #372#return; {148#true} is VALID [2022-02-20 18:09:55,447 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2022-02-20 18:09:55,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:55,456 INFO L290 TraceCheckUtils]: 0: Hoare triple {148#true} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {148#true} is VALID [2022-02-20 18:09:55,457 INFO L290 TraceCheckUtils]: 1: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,458 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {148#true} {149#false} #356#return; {149#false} is VALID [2022-02-20 18:09:55,458 INFO L290 TraceCheckUtils]: 0: Hoare triple {148#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(38, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~__SELECTED_FEATURE_base~0 := 0;~__SELECTED_FEATURE_highWaterSensor~0 := 0;~__SELECTED_FEATURE_lowWaterSensor~0 := 0;~__SELECTED_FEATURE_methaneQuery~0 := 0;~__SELECTED_FEATURE_methaneAlarm~0 := 0;~__SELECTED_FEATURE_stopCommand~0 := 0;~__SELECTED_FEATURE_startCommand~0 := 0;~__GUIDSL_ROOT_PRODUCTION~0 := 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {148#true} is VALID [2022-02-20 18:09:55,459 INFO L290 TraceCheckUtils]: 1: Hoare triple {148#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret27#1, main_~retValue_acc~3#1, main_~tmp~3#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true;~__GUIDSL_ROOT_PRODUCTION~0 := 1; {148#true} is VALID [2022-02-20 18:09:55,459 INFO L290 TraceCheckUtils]: 2: Hoare triple {148#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true;havoc select_features_#t~ret48#1, select_features_#t~ret49#1, select_features_#t~ret50#1, select_features_#t~ret51#1, select_features_#t~ret52#1, select_features_#t~ret53#1;~__SELECTED_FEATURE_base~0 := 1; {148#true} is VALID [2022-02-20 18:09:55,459 INFO L272 TraceCheckUtils]: 3: Hoare triple {148#true} call select_features_#t~ret48#1 := select_one(); {148#true} is VALID [2022-02-20 18:09:55,460 INFO L290 TraceCheckUtils]: 4: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,460 INFO L290 TraceCheckUtils]: 5: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,460 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {148#true} {148#true} #362#return; {148#true} is VALID [2022-02-20 18:09:55,460 INFO L290 TraceCheckUtils]: 7: Hoare triple {148#true} assume -2147483648 <= select_features_#t~ret48#1 && select_features_#t~ret48#1 <= 2147483647;~__SELECTED_FEATURE_highWaterSensor~0 := select_features_#t~ret48#1;havoc select_features_#t~ret48#1; {148#true} is VALID [2022-02-20 18:09:55,461 INFO L272 TraceCheckUtils]: 8: Hoare triple {148#true} call select_features_#t~ret49#1 := select_one(); {148#true} is VALID [2022-02-20 18:09:55,461 INFO L290 TraceCheckUtils]: 9: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,461 INFO L290 TraceCheckUtils]: 10: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,461 INFO L284 TraceCheckUtils]: 11: Hoare quadruple {148#true} {148#true} #364#return; {148#true} is VALID [2022-02-20 18:09:55,462 INFO L290 TraceCheckUtils]: 12: Hoare triple {148#true} assume -2147483648 <= select_features_#t~ret49#1 && select_features_#t~ret49#1 <= 2147483647;~__SELECTED_FEATURE_lowWaterSensor~0 := select_features_#t~ret49#1;havoc select_features_#t~ret49#1; {148#true} is VALID [2022-02-20 18:09:55,462 INFO L272 TraceCheckUtils]: 13: Hoare triple {148#true} call select_features_#t~ret50#1 := select_one(); {148#true} is VALID [2022-02-20 18:09:55,462 INFO L290 TraceCheckUtils]: 14: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,462 INFO L290 TraceCheckUtils]: 15: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,463 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {148#true} {148#true} #366#return; {148#true} is VALID [2022-02-20 18:09:55,463 INFO L290 TraceCheckUtils]: 17: Hoare triple {148#true} assume -2147483648 <= select_features_#t~ret50#1 && select_features_#t~ret50#1 <= 2147483647;~__SELECTED_FEATURE_methaneQuery~0 := select_features_#t~ret50#1;havoc select_features_#t~ret50#1; {148#true} is VALID [2022-02-20 18:09:55,463 INFO L272 TraceCheckUtils]: 18: Hoare triple {148#true} call select_features_#t~ret51#1 := select_one(); {148#true} is VALID [2022-02-20 18:09:55,463 INFO L290 TraceCheckUtils]: 19: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,464 INFO L290 TraceCheckUtils]: 20: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,464 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {148#true} {148#true} #368#return; {148#true} is VALID [2022-02-20 18:09:55,464 INFO L290 TraceCheckUtils]: 22: Hoare triple {148#true} assume -2147483648 <= select_features_#t~ret51#1 && select_features_#t~ret51#1 <= 2147483647;~__SELECTED_FEATURE_methaneAlarm~0 := select_features_#t~ret51#1;havoc select_features_#t~ret51#1; {148#true} is VALID [2022-02-20 18:09:55,464 INFO L272 TraceCheckUtils]: 23: Hoare triple {148#true} call select_features_#t~ret52#1 := select_one(); {148#true} is VALID [2022-02-20 18:09:55,465 INFO L290 TraceCheckUtils]: 24: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,465 INFO L290 TraceCheckUtils]: 25: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,465 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {148#true} {148#true} #370#return; {148#true} is VALID [2022-02-20 18:09:55,465 INFO L290 TraceCheckUtils]: 27: Hoare triple {148#true} assume -2147483648 <= select_features_#t~ret52#1 && select_features_#t~ret52#1 <= 2147483647;~__SELECTED_FEATURE_stopCommand~0 := select_features_#t~ret52#1;havoc select_features_#t~ret52#1; {148#true} is VALID [2022-02-20 18:09:55,466 INFO L272 TraceCheckUtils]: 28: Hoare triple {148#true} call select_features_#t~ret53#1 := select_one(); {148#true} is VALID [2022-02-20 18:09:55,466 INFO L290 TraceCheckUtils]: 29: Hoare triple {148#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:09:55,466 INFO L290 TraceCheckUtils]: 30: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,466 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {148#true} {148#true} #372#return; {148#true} is VALID [2022-02-20 18:09:55,467 INFO L290 TraceCheckUtils]: 32: Hoare triple {148#true} assume -2147483648 <= select_features_#t~ret53#1 && select_features_#t~ret53#1 <= 2147483647;~__SELECTED_FEATURE_startCommand~0 := select_features_#t~ret53#1;havoc select_features_#t~ret53#1; {148#true} is VALID [2022-02-20 18:09:55,467 INFO L290 TraceCheckUtils]: 33: Hoare triple {148#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := ~__SELECTED_FEATURE_base~0;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {148#true} is VALID [2022-02-20 18:09:55,467 INFO L290 TraceCheckUtils]: 34: Hoare triple {148#true} main_#t~ret27#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret27#1 && main_#t~ret27#1 <= 2147483647;main_~tmp~3#1 := main_#t~ret27#1;havoc main_#t~ret27#1; {148#true} is VALID [2022-02-20 18:09:55,468 INFO L290 TraceCheckUtils]: 35: Hoare triple {148#true} assume 0 != main_~tmp~3#1;assume { :begin_inline_setup } true; {148#true} is VALID [2022-02-20 18:09:55,468 INFO L290 TraceCheckUtils]: 36: Hoare triple {148#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet28#1, test_#t~nondet29#1, test_#t~nondet30#1, test_#t~nondet31#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {148#true} is VALID [2022-02-20 18:09:55,469 INFO L290 TraceCheckUtils]: 37: Hoare triple {148#true} assume !true; {149#false} is VALID [2022-02-20 18:09:55,469 INFO L272 TraceCheckUtils]: 38: Hoare triple {149#false} call cleanup(); {149#false} is VALID [2022-02-20 18:09:55,469 INFO L290 TraceCheckUtils]: 39: Hoare triple {149#false} havoc ~i~0;havoc ~__cil_tmp2~0; {149#false} is VALID [2022-02-20 18:09:55,470 INFO L272 TraceCheckUtils]: 40: Hoare triple {149#false} call timeShift(); {149#false} is VALID [2022-02-20 18:09:55,470 INFO L290 TraceCheckUtils]: 41: Hoare triple {149#false} assume !(0 != ~pumpRunning~0); {149#false} is VALID [2022-02-20 18:09:55,470 INFO L290 TraceCheckUtils]: 42: Hoare triple {149#false} assume !(0 != ~systemActive~0); {149#false} is VALID [2022-02-20 18:09:55,470 INFO L290 TraceCheckUtils]: 43: Hoare triple {149#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret54#1, __utac_acc__Specification3_spec__1_#t~ret55#1, __utac_acc__Specification3_spec__1_#t~ret56#1, __utac_acc__Specification3_spec__1_~tmp~11#1, __utac_acc__Specification3_spec__1_~tmp___0~3#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~11#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {149#false} is VALID [2022-02-20 18:09:55,471 INFO L272 TraceCheckUtils]: 44: Hoare triple {149#false} call __utac_acc__Specification3_spec__1_#t~ret54#1 := isMethaneLevelCritical(); {148#true} is VALID [2022-02-20 18:09:55,471 INFO L290 TraceCheckUtils]: 45: Hoare triple {148#true} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {148#true} is VALID [2022-02-20 18:09:55,471 INFO L290 TraceCheckUtils]: 46: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:09:55,472 INFO L284 TraceCheckUtils]: 47: Hoare quadruple {148#true} {149#false} #356#return; {149#false} is VALID [2022-02-20 18:09:55,472 INFO L290 TraceCheckUtils]: 48: Hoare triple {149#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret54#1 && __utac_acc__Specification3_spec__1_#t~ret54#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~11#1 := __utac_acc__Specification3_spec__1_#t~ret54#1;havoc __utac_acc__Specification3_spec__1_#t~ret54#1; {149#false} is VALID [2022-02-20 18:09:55,472 INFO L290 TraceCheckUtils]: 49: Hoare triple {149#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~11#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~11#1;havoc getWaterLevel_~retValue_acc~11#1;getWaterLevel_~retValue_acc~11#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~11#1; {149#false} is VALID [2022-02-20 18:09:55,472 INFO L290 TraceCheckUtils]: 50: Hoare triple {149#false} __utac_acc__Specification3_spec__1_#t~ret55#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret55#1 && __utac_acc__Specification3_spec__1_#t~ret55#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~3#1 := __utac_acc__Specification3_spec__1_#t~ret55#1;havoc __utac_acc__Specification3_spec__1_#t~ret55#1; {149#false} is VALID [2022-02-20 18:09:55,473 INFO L290 TraceCheckUtils]: 51: Hoare triple {149#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~3#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {149#false} is VALID [2022-02-20 18:09:55,473 INFO L290 TraceCheckUtils]: 52: Hoare triple {149#false} __utac_acc__Specification3_spec__1_#t~ret56#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret56#1 && __utac_acc__Specification3_spec__1_#t~ret56#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret56#1;havoc __utac_acc__Specification3_spec__1_#t~ret56#1; {149#false} is VALID [2022-02-20 18:09:55,473 INFO L290 TraceCheckUtils]: 53: Hoare triple {149#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {149#false} is VALID [2022-02-20 18:09:55,474 INFO L290 TraceCheckUtils]: 54: Hoare triple {149#false} assume !false; {149#false} is VALID [2022-02-20 18:09:55,474 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-02-20 18:09:55,475 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:55,475 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1724760336] [2022-02-20 18:09:55,476 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1724760336] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:55,476 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:55,476 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:09:55,478 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [741488174] [2022-02-20 18:09:55,479 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:55,484 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 55 [2022-02-20 18:09:55,486 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:55,489 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:55,535 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 45 edges. 45 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:55,535 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:09:55,536 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:55,558 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:09:55,559 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:55,565 INFO L87 Difference]: Start difference. First operand has 145 states, 101 states have (on average 1.3663366336633664) internal successors, (138), 117 states have internal predecessors, (138), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) Second operand has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:55,745 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:55,746 INFO L93 Difference]: Finished difference Result 267 states and 371 transitions. [2022-02-20 18:09:55,746 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:09:55,747 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 55 [2022-02-20 18:09:55,748 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:55,750 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:55,776 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 371 transitions. [2022-02-20 18:09:55,776 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:55,811 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 371 transitions. [2022-02-20 18:09:55,811 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 371 transitions. [2022-02-20 18:09:56,203 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 371 edges. 371 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:56,217 INFO L225 Difference]: With dead ends: 267 [2022-02-20 18:09:56,217 INFO L226 Difference]: Without dead ends: 136 [2022-02-20 18:09:56,221 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:09:56,224 INFO L933 BasicCegarLoop]: 192 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 192 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:56,225 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 192 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:56,241 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 136 states. [2022-02-20 18:09:56,260 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 136 to 136. [2022-02-20 18:09:56,261 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:56,262 INFO L82 GeneralOperation]: Start isEquivalent. First operand 136 states. Second operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-20 18:09:56,264 INFO L74 IsIncluded]: Start isIncluded. First operand 136 states. Second operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-20 18:09:56,265 INFO L87 Difference]: Start difference. First operand 136 states. Second operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-20 18:09:56,274 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:56,274 INFO L93 Difference]: Finished difference Result 136 states and 183 transitions. [2022-02-20 18:09:56,274 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 183 transitions. [2022-02-20 18:09:56,276 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:56,277 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:56,278 INFO L74 IsIncluded]: Start isIncluded. First operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) Second operand 136 states. [2022-02-20 18:09:56,278 INFO L87 Difference]: Start difference. First operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) Second operand 136 states. [2022-02-20 18:09:56,285 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:56,286 INFO L93 Difference]: Finished difference Result 136 states and 183 transitions. [2022-02-20 18:09:56,286 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 183 transitions. [2022-02-20 18:09:56,288 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:56,288 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:56,288 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:56,288 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:56,289 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-20 18:09:56,296 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 136 states to 136 states and 183 transitions. [2022-02-20 18:09:56,297 INFO L78 Accepts]: Start accepts. Automaton has 136 states and 183 transitions. Word has length 55 [2022-02-20 18:09:56,298 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:56,298 INFO L470 AbstractCegarLoop]: Abstraction has 136 states and 183 transitions. [2022-02-20 18:09:56,298 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:56,298 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 183 transitions. [2022-02-20 18:09:56,300 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-02-20 18:09:56,300 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:56,300 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:56,301 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:09:56,301 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:56,302 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:56,302 INFO L85 PathProgramCache]: Analyzing trace with hash 765638641, now seen corresponding path program 1 times [2022-02-20 18:09:56,302 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:56,302 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1844088430] [2022-02-20 18:09:56,303 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:56,303 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:56,340 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:56,372 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2022-02-20 18:09:56,375 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:56,378 INFO L290 TraceCheckUtils]: 0: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,379 INFO L290 TraceCheckUtils]: 1: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,379 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1038#true} {1038#true} #362#return; {1038#true} is VALID [2022-02-20 18:09:56,379 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 18:09:56,381 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:56,384 INFO L290 TraceCheckUtils]: 0: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,385 INFO L290 TraceCheckUtils]: 1: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,385 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1038#true} {1038#true} #364#return; {1038#true} is VALID [2022-02-20 18:09:56,385 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-02-20 18:09:56,387 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:56,390 INFO L290 TraceCheckUtils]: 0: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,391 INFO L290 TraceCheckUtils]: 1: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,391 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1038#true} {1038#true} #366#return; {1038#true} is VALID [2022-02-20 18:09:56,391 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-02-20 18:09:56,393 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:56,396 INFO L290 TraceCheckUtils]: 0: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,397 INFO L290 TraceCheckUtils]: 1: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,397 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1038#true} {1038#true} #368#return; {1038#true} is VALID [2022-02-20 18:09:56,397 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:09:56,399 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:56,403 INFO L290 TraceCheckUtils]: 0: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,403 INFO L290 TraceCheckUtils]: 1: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,403 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1038#true} {1038#true} #370#return; {1038#true} is VALID [2022-02-20 18:09:56,403 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-02-20 18:09:56,405 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:56,409 INFO L290 TraceCheckUtils]: 0: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,409 INFO L290 TraceCheckUtils]: 1: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,409 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1038#true} {1038#true} #372#return; {1038#true} is VALID [2022-02-20 18:09:56,409 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2022-02-20 18:09:56,410 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:56,413 INFO L290 TraceCheckUtils]: 0: Hoare triple {1038#true} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {1038#true} is VALID [2022-02-20 18:09:56,413 INFO L290 TraceCheckUtils]: 1: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,414 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1038#true} {1039#false} #356#return; {1039#false} is VALID [2022-02-20 18:09:56,414 INFO L290 TraceCheckUtils]: 0: Hoare triple {1038#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(38, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~__SELECTED_FEATURE_base~0 := 0;~__SELECTED_FEATURE_highWaterSensor~0 := 0;~__SELECTED_FEATURE_lowWaterSensor~0 := 0;~__SELECTED_FEATURE_methaneQuery~0 := 0;~__SELECTED_FEATURE_methaneAlarm~0 := 0;~__SELECTED_FEATURE_stopCommand~0 := 0;~__SELECTED_FEATURE_startCommand~0 := 0;~__GUIDSL_ROOT_PRODUCTION~0 := 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {1038#true} is VALID [2022-02-20 18:09:56,414 INFO L290 TraceCheckUtils]: 1: Hoare triple {1038#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret27#1, main_~retValue_acc~3#1, main_~tmp~3#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true;~__GUIDSL_ROOT_PRODUCTION~0 := 1; {1038#true} is VALID [2022-02-20 18:09:56,414 INFO L290 TraceCheckUtils]: 2: Hoare triple {1038#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true;havoc select_features_#t~ret48#1, select_features_#t~ret49#1, select_features_#t~ret50#1, select_features_#t~ret51#1, select_features_#t~ret52#1, select_features_#t~ret53#1;~__SELECTED_FEATURE_base~0 := 1; {1038#true} is VALID [2022-02-20 18:09:56,415 INFO L272 TraceCheckUtils]: 3: Hoare triple {1038#true} call select_features_#t~ret48#1 := select_one(); {1038#true} is VALID [2022-02-20 18:09:56,415 INFO L290 TraceCheckUtils]: 4: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,415 INFO L290 TraceCheckUtils]: 5: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,415 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1038#true} {1038#true} #362#return; {1038#true} is VALID [2022-02-20 18:09:56,416 INFO L290 TraceCheckUtils]: 7: Hoare triple {1038#true} assume -2147483648 <= select_features_#t~ret48#1 && select_features_#t~ret48#1 <= 2147483647;~__SELECTED_FEATURE_highWaterSensor~0 := select_features_#t~ret48#1;havoc select_features_#t~ret48#1; {1038#true} is VALID [2022-02-20 18:09:56,416 INFO L272 TraceCheckUtils]: 8: Hoare triple {1038#true} call select_features_#t~ret49#1 := select_one(); {1038#true} is VALID [2022-02-20 18:09:56,416 INFO L290 TraceCheckUtils]: 9: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,416 INFO L290 TraceCheckUtils]: 10: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,416 INFO L284 TraceCheckUtils]: 11: Hoare quadruple {1038#true} {1038#true} #364#return; {1038#true} is VALID [2022-02-20 18:09:56,417 INFO L290 TraceCheckUtils]: 12: Hoare triple {1038#true} assume -2147483648 <= select_features_#t~ret49#1 && select_features_#t~ret49#1 <= 2147483647;~__SELECTED_FEATURE_lowWaterSensor~0 := select_features_#t~ret49#1;havoc select_features_#t~ret49#1; {1038#true} is VALID [2022-02-20 18:09:56,417 INFO L272 TraceCheckUtils]: 13: Hoare triple {1038#true} call select_features_#t~ret50#1 := select_one(); {1038#true} is VALID [2022-02-20 18:09:56,417 INFO L290 TraceCheckUtils]: 14: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,417 INFO L290 TraceCheckUtils]: 15: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,418 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {1038#true} {1038#true} #366#return; {1038#true} is VALID [2022-02-20 18:09:56,418 INFO L290 TraceCheckUtils]: 17: Hoare triple {1038#true} assume -2147483648 <= select_features_#t~ret50#1 && select_features_#t~ret50#1 <= 2147483647;~__SELECTED_FEATURE_methaneQuery~0 := select_features_#t~ret50#1;havoc select_features_#t~ret50#1; {1038#true} is VALID [2022-02-20 18:09:56,418 INFO L272 TraceCheckUtils]: 18: Hoare triple {1038#true} call select_features_#t~ret51#1 := select_one(); {1038#true} is VALID [2022-02-20 18:09:56,418 INFO L290 TraceCheckUtils]: 19: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,418 INFO L290 TraceCheckUtils]: 20: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,419 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1038#true} {1038#true} #368#return; {1038#true} is VALID [2022-02-20 18:09:56,419 INFO L290 TraceCheckUtils]: 22: Hoare triple {1038#true} assume -2147483648 <= select_features_#t~ret51#1 && select_features_#t~ret51#1 <= 2147483647;~__SELECTED_FEATURE_methaneAlarm~0 := select_features_#t~ret51#1;havoc select_features_#t~ret51#1; {1038#true} is VALID [2022-02-20 18:09:56,419 INFO L272 TraceCheckUtils]: 23: Hoare triple {1038#true} call select_features_#t~ret52#1 := select_one(); {1038#true} is VALID [2022-02-20 18:09:56,419 INFO L290 TraceCheckUtils]: 24: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,420 INFO L290 TraceCheckUtils]: 25: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,420 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {1038#true} {1038#true} #370#return; {1038#true} is VALID [2022-02-20 18:09:56,420 INFO L290 TraceCheckUtils]: 27: Hoare triple {1038#true} assume -2147483648 <= select_features_#t~ret52#1 && select_features_#t~ret52#1 <= 2147483647;~__SELECTED_FEATURE_stopCommand~0 := select_features_#t~ret52#1;havoc select_features_#t~ret52#1; {1038#true} is VALID [2022-02-20 18:09:56,420 INFO L272 TraceCheckUtils]: 28: Hoare triple {1038#true} call select_features_#t~ret53#1 := select_one(); {1038#true} is VALID [2022-02-20 18:09:56,420 INFO L290 TraceCheckUtils]: 29: Hoare triple {1038#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1038#true} is VALID [2022-02-20 18:09:56,421 INFO L290 TraceCheckUtils]: 30: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,421 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {1038#true} {1038#true} #372#return; {1038#true} is VALID [2022-02-20 18:09:56,421 INFO L290 TraceCheckUtils]: 32: Hoare triple {1038#true} assume -2147483648 <= select_features_#t~ret53#1 && select_features_#t~ret53#1 <= 2147483647;~__SELECTED_FEATURE_startCommand~0 := select_features_#t~ret53#1;havoc select_features_#t~ret53#1; {1038#true} is VALID [2022-02-20 18:09:56,421 INFO L290 TraceCheckUtils]: 33: Hoare triple {1038#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := ~__SELECTED_FEATURE_base~0;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {1038#true} is VALID [2022-02-20 18:09:56,421 INFO L290 TraceCheckUtils]: 34: Hoare triple {1038#true} main_#t~ret27#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret27#1 && main_#t~ret27#1 <= 2147483647;main_~tmp~3#1 := main_#t~ret27#1;havoc main_#t~ret27#1; {1038#true} is VALID [2022-02-20 18:09:56,422 INFO L290 TraceCheckUtils]: 35: Hoare triple {1038#true} assume 0 != main_~tmp~3#1;assume { :begin_inline_setup } true; {1038#true} is VALID [2022-02-20 18:09:56,422 INFO L290 TraceCheckUtils]: 36: Hoare triple {1038#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet28#1, test_#t~nondet29#1, test_#t~nondet30#1, test_#t~nondet31#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1058#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:56,423 INFO L290 TraceCheckUtils]: 37: Hoare triple {1058#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {1058#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:09:56,423 INFO L290 TraceCheckUtils]: 38: Hoare triple {1058#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {1039#false} is VALID [2022-02-20 18:09:56,424 INFO L272 TraceCheckUtils]: 39: Hoare triple {1039#false} call cleanup(); {1039#false} is VALID [2022-02-20 18:09:56,424 INFO L290 TraceCheckUtils]: 40: Hoare triple {1039#false} havoc ~i~0;havoc ~__cil_tmp2~0; {1039#false} is VALID [2022-02-20 18:09:56,424 INFO L272 TraceCheckUtils]: 41: Hoare triple {1039#false} call timeShift(); {1039#false} is VALID [2022-02-20 18:09:56,424 INFO L290 TraceCheckUtils]: 42: Hoare triple {1039#false} assume !(0 != ~pumpRunning~0); {1039#false} is VALID [2022-02-20 18:09:56,424 INFO L290 TraceCheckUtils]: 43: Hoare triple {1039#false} assume !(0 != ~systemActive~0); {1039#false} is VALID [2022-02-20 18:09:56,425 INFO L290 TraceCheckUtils]: 44: Hoare triple {1039#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret54#1, __utac_acc__Specification3_spec__1_#t~ret55#1, __utac_acc__Specification3_spec__1_#t~ret56#1, __utac_acc__Specification3_spec__1_~tmp~11#1, __utac_acc__Specification3_spec__1_~tmp___0~3#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~11#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1039#false} is VALID [2022-02-20 18:09:56,425 INFO L272 TraceCheckUtils]: 45: Hoare triple {1039#false} call __utac_acc__Specification3_spec__1_#t~ret54#1 := isMethaneLevelCritical(); {1038#true} is VALID [2022-02-20 18:09:56,425 INFO L290 TraceCheckUtils]: 46: Hoare triple {1038#true} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {1038#true} is VALID [2022-02-20 18:09:56,425 INFO L290 TraceCheckUtils]: 47: Hoare triple {1038#true} assume true; {1038#true} is VALID [2022-02-20 18:09:56,426 INFO L284 TraceCheckUtils]: 48: Hoare quadruple {1038#true} {1039#false} #356#return; {1039#false} is VALID [2022-02-20 18:09:56,426 INFO L290 TraceCheckUtils]: 49: Hoare triple {1039#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret54#1 && __utac_acc__Specification3_spec__1_#t~ret54#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~11#1 := __utac_acc__Specification3_spec__1_#t~ret54#1;havoc __utac_acc__Specification3_spec__1_#t~ret54#1; {1039#false} is VALID [2022-02-20 18:09:56,426 INFO L290 TraceCheckUtils]: 50: Hoare triple {1039#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~11#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~11#1;havoc getWaterLevel_~retValue_acc~11#1;getWaterLevel_~retValue_acc~11#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~11#1; {1039#false} is VALID [2022-02-20 18:09:56,426 INFO L290 TraceCheckUtils]: 51: Hoare triple {1039#false} __utac_acc__Specification3_spec__1_#t~ret55#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret55#1 && __utac_acc__Specification3_spec__1_#t~ret55#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~3#1 := __utac_acc__Specification3_spec__1_#t~ret55#1;havoc __utac_acc__Specification3_spec__1_#t~ret55#1; {1039#false} is VALID [2022-02-20 18:09:56,426 INFO L290 TraceCheckUtils]: 52: Hoare triple {1039#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~3#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {1039#false} is VALID [2022-02-20 18:09:56,427 INFO L290 TraceCheckUtils]: 53: Hoare triple {1039#false} __utac_acc__Specification3_spec__1_#t~ret56#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret56#1 && __utac_acc__Specification3_spec__1_#t~ret56#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret56#1;havoc __utac_acc__Specification3_spec__1_#t~ret56#1; {1039#false} is VALID [2022-02-20 18:09:56,427 INFO L290 TraceCheckUtils]: 54: Hoare triple {1039#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1039#false} is VALID [2022-02-20 18:09:56,427 INFO L290 TraceCheckUtils]: 55: Hoare triple {1039#false} assume !false; {1039#false} is VALID [2022-02-20 18:09:56,428 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-02-20 18:09:56,428 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:56,428 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1844088430] [2022-02-20 18:09:56,428 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1844088430] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:56,428 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:56,429 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:56,429 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1215262164] [2022-02-20 18:09:56,429 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:56,430 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 56 [2022-02-20 18:09:56,431 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:56,431 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:56,467 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 46 edges. 46 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:56,467 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:56,467 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:56,468 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:56,468 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:56,468 INFO L87 Difference]: Start difference. First operand 136 states and 183 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:56,680 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:56,681 INFO L93 Difference]: Finished difference Result 216 states and 291 transitions. [2022-02-20 18:09:56,681 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:56,682 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 56 [2022-02-20 18:09:56,682 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:56,682 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:56,688 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 291 transitions. [2022-02-20 18:09:56,688 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:56,695 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 291 transitions. [2022-02-20 18:09:56,696 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 291 transitions. [2022-02-20 18:09:56,952 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 291 edges. 291 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:56,959 INFO L225 Difference]: With dead ends: 216 [2022-02-20 18:09:56,959 INFO L226 Difference]: Without dead ends: 127 [2022-02-20 18:09:56,966 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:56,969 INFO L933 BasicCegarLoop]: 170 mSDtfsCounter, 21 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 25 SdHoareTripleChecker+Valid, 314 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:56,969 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [25 Valid, 314 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:56,971 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2022-02-20 18:09:56,981 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 127. [2022-02-20 18:09:56,981 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:56,982 INFO L82 GeneralOperation]: Start isEquivalent. First operand 127 states. Second operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2022-02-20 18:09:56,983 INFO L74 IsIncluded]: Start isIncluded. First operand 127 states. Second operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2022-02-20 18:09:56,983 INFO L87 Difference]: Start difference. First operand 127 states. Second operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2022-02-20 18:09:56,988 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:56,988 INFO L93 Difference]: Finished difference Result 127 states and 171 transitions. [2022-02-20 18:09:56,988 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 171 transitions. [2022-02-20 18:09:56,990 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:56,990 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:56,990 INFO L74 IsIncluded]: Start isIncluded. First operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) Second operand 127 states. [2022-02-20 18:09:56,991 INFO L87 Difference]: Start difference. First operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) Second operand 127 states. [2022-02-20 18:09:56,996 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:56,996 INFO L93 Difference]: Finished difference Result 127 states and 171 transitions. [2022-02-20 18:09:56,996 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 171 transitions. [2022-02-20 18:09:56,997 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:56,997 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:56,997 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:56,997 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:56,998 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2022-02-20 18:09:57,004 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 127 states to 127 states and 171 transitions. [2022-02-20 18:09:57,005 INFO L78 Accepts]: Start accepts. Automaton has 127 states and 171 transitions. Word has length 56 [2022-02-20 18:09:57,005 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:57,005 INFO L470 AbstractCegarLoop]: Abstraction has 127 states and 171 transitions. [2022-02-20 18:09:57,006 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:57,006 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 171 transitions. [2022-02-20 18:09:57,007 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2022-02-20 18:09:57,007 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:57,007 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:57,007 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:09:57,008 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:57,008 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:57,008 INFO L85 PathProgramCache]: Analyzing trace with hash -645766224, now seen corresponding path program 1 times [2022-02-20 18:09:57,008 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:57,009 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [686660011] [2022-02-20 18:09:57,009 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:57,009 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:57,043 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:57,091 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2022-02-20 18:09:57,094 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:57,097 INFO L290 TraceCheckUtils]: 0: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,098 INFO L290 TraceCheckUtils]: 1: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,098 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #362#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,099 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 18:09:57,101 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:57,105 INFO L290 TraceCheckUtils]: 0: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,105 INFO L290 TraceCheckUtils]: 1: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,106 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #364#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,106 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-02-20 18:09:57,108 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:57,112 INFO L290 TraceCheckUtils]: 0: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,112 INFO L290 TraceCheckUtils]: 1: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,113 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #366#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,113 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-02-20 18:09:57,115 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:57,124 INFO L290 TraceCheckUtils]: 0: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,124 INFO L290 TraceCheckUtils]: 1: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,125 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #368#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,125 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:09:57,128 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:57,132 INFO L290 TraceCheckUtils]: 0: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,132 INFO L290 TraceCheckUtils]: 1: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,133 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #370#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,133 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-02-20 18:09:57,135 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:57,139 INFO L290 TraceCheckUtils]: 0: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,139 INFO L290 TraceCheckUtils]: 1: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,140 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #372#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,140 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2022-02-20 18:09:57,141 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:57,143 INFO L290 TraceCheckUtils]: 0: Hoare triple {1823#true} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {1823#true} is VALID [2022-02-20 18:09:57,143 INFO L290 TraceCheckUtils]: 1: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,144 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1823#true} {1824#false} #356#return; {1824#false} is VALID [2022-02-20 18:09:57,146 INFO L290 TraceCheckUtils]: 0: Hoare triple {1823#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(38, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~__SELECTED_FEATURE_base~0 := 0;~__SELECTED_FEATURE_highWaterSensor~0 := 0;~__SELECTED_FEATURE_lowWaterSensor~0 := 0;~__SELECTED_FEATURE_methaneQuery~0 := 0;~__SELECTED_FEATURE_methaneAlarm~0 := 0;~__SELECTED_FEATURE_stopCommand~0 := 0;~__SELECTED_FEATURE_startCommand~0 := 0;~__GUIDSL_ROOT_PRODUCTION~0 := 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,146 INFO L290 TraceCheckUtils]: 1: Hoare triple {1825#(= 1 ~systemActive~0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret27#1, main_~retValue_acc~3#1, main_~tmp~3#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true;~__GUIDSL_ROOT_PRODUCTION~0 := 1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,147 INFO L290 TraceCheckUtils]: 2: Hoare triple {1825#(= 1 ~systemActive~0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true;havoc select_features_#t~ret48#1, select_features_#t~ret49#1, select_features_#t~ret50#1, select_features_#t~ret51#1, select_features_#t~ret52#1, select_features_#t~ret53#1;~__SELECTED_FEATURE_base~0 := 1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,147 INFO L272 TraceCheckUtils]: 3: Hoare triple {1825#(= 1 ~systemActive~0)} call select_features_#t~ret48#1 := select_one(); {1823#true} is VALID [2022-02-20 18:09:57,147 INFO L290 TraceCheckUtils]: 4: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,148 INFO L290 TraceCheckUtils]: 5: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,148 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #362#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,149 INFO L290 TraceCheckUtils]: 7: Hoare triple {1825#(= 1 ~systemActive~0)} assume -2147483648 <= select_features_#t~ret48#1 && select_features_#t~ret48#1 <= 2147483647;~__SELECTED_FEATURE_highWaterSensor~0 := select_features_#t~ret48#1;havoc select_features_#t~ret48#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,149 INFO L272 TraceCheckUtils]: 8: Hoare triple {1825#(= 1 ~systemActive~0)} call select_features_#t~ret49#1 := select_one(); {1823#true} is VALID [2022-02-20 18:09:57,149 INFO L290 TraceCheckUtils]: 9: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,149 INFO L290 TraceCheckUtils]: 10: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,150 INFO L284 TraceCheckUtils]: 11: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #364#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,150 INFO L290 TraceCheckUtils]: 12: Hoare triple {1825#(= 1 ~systemActive~0)} assume -2147483648 <= select_features_#t~ret49#1 && select_features_#t~ret49#1 <= 2147483647;~__SELECTED_FEATURE_lowWaterSensor~0 := select_features_#t~ret49#1;havoc select_features_#t~ret49#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,150 INFO L272 TraceCheckUtils]: 13: Hoare triple {1825#(= 1 ~systemActive~0)} call select_features_#t~ret50#1 := select_one(); {1823#true} is VALID [2022-02-20 18:09:57,151 INFO L290 TraceCheckUtils]: 14: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,151 INFO L290 TraceCheckUtils]: 15: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,151 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #366#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,152 INFO L290 TraceCheckUtils]: 17: Hoare triple {1825#(= 1 ~systemActive~0)} assume -2147483648 <= select_features_#t~ret50#1 && select_features_#t~ret50#1 <= 2147483647;~__SELECTED_FEATURE_methaneQuery~0 := select_features_#t~ret50#1;havoc select_features_#t~ret50#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,152 INFO L272 TraceCheckUtils]: 18: Hoare triple {1825#(= 1 ~systemActive~0)} call select_features_#t~ret51#1 := select_one(); {1823#true} is VALID [2022-02-20 18:09:57,152 INFO L290 TraceCheckUtils]: 19: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,152 INFO L290 TraceCheckUtils]: 20: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,153 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #368#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,153 INFO L290 TraceCheckUtils]: 22: Hoare triple {1825#(= 1 ~systemActive~0)} assume -2147483648 <= select_features_#t~ret51#1 && select_features_#t~ret51#1 <= 2147483647;~__SELECTED_FEATURE_methaneAlarm~0 := select_features_#t~ret51#1;havoc select_features_#t~ret51#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,154 INFO L272 TraceCheckUtils]: 23: Hoare triple {1825#(= 1 ~systemActive~0)} call select_features_#t~ret52#1 := select_one(); {1823#true} is VALID [2022-02-20 18:09:57,154 INFO L290 TraceCheckUtils]: 24: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,154 INFO L290 TraceCheckUtils]: 25: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,155 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #370#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,155 INFO L290 TraceCheckUtils]: 27: Hoare triple {1825#(= 1 ~systemActive~0)} assume -2147483648 <= select_features_#t~ret52#1 && select_features_#t~ret52#1 <= 2147483647;~__SELECTED_FEATURE_stopCommand~0 := select_features_#t~ret52#1;havoc select_features_#t~ret52#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,155 INFO L272 TraceCheckUtils]: 28: Hoare triple {1825#(= 1 ~systemActive~0)} call select_features_#t~ret53#1 := select_one(); {1823#true} is VALID [2022-02-20 18:09:57,156 INFO L290 TraceCheckUtils]: 29: Hoare triple {1823#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1823#true} is VALID [2022-02-20 18:09:57,156 INFO L290 TraceCheckUtils]: 30: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,156 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {1823#true} {1825#(= 1 ~systemActive~0)} #372#return; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,157 INFO L290 TraceCheckUtils]: 32: Hoare triple {1825#(= 1 ~systemActive~0)} assume -2147483648 <= select_features_#t~ret53#1 && select_features_#t~ret53#1 <= 2147483647;~__SELECTED_FEATURE_startCommand~0 := select_features_#t~ret53#1;havoc select_features_#t~ret53#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,157 INFO L290 TraceCheckUtils]: 33: Hoare triple {1825#(= 1 ~systemActive~0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := ~__SELECTED_FEATURE_base~0;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,158 INFO L290 TraceCheckUtils]: 34: Hoare triple {1825#(= 1 ~systemActive~0)} main_#t~ret27#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret27#1 && main_#t~ret27#1 <= 2147483647;main_~tmp~3#1 := main_#t~ret27#1;havoc main_#t~ret27#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,158 INFO L290 TraceCheckUtils]: 35: Hoare triple {1825#(= 1 ~systemActive~0)} assume 0 != main_~tmp~3#1;assume { :begin_inline_setup } true; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,158 INFO L290 TraceCheckUtils]: 36: Hoare triple {1825#(= 1 ~systemActive~0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet28#1, test_#t~nondet29#1, test_#t~nondet30#1, test_#t~nondet31#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,159 INFO L290 TraceCheckUtils]: 37: Hoare triple {1825#(= 1 ~systemActive~0)} assume !false; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,159 INFO L290 TraceCheckUtils]: 38: Hoare triple {1825#(= 1 ~systemActive~0)} assume test_~splverifierCounter~0#1 < 4; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,160 INFO L290 TraceCheckUtils]: 39: Hoare triple {1825#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet28#1 && test_#t~nondet28#1 <= 2147483647;test_~tmp~4#1 := test_#t~nondet28#1;havoc test_#t~nondet28#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,160 INFO L290 TraceCheckUtils]: 40: Hoare triple {1825#(= 1 ~systemActive~0)} assume !(0 != test_~tmp~4#1); {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,161 INFO L290 TraceCheckUtils]: 41: Hoare triple {1825#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet29#1 && test_#t~nondet29#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet29#1;havoc test_#t~nondet29#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,161 INFO L290 TraceCheckUtils]: 42: Hoare triple {1825#(= 1 ~systemActive~0)} assume !(0 != test_~tmp___0~0#1); {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,162 INFO L290 TraceCheckUtils]: 43: Hoare triple {1825#(= 1 ~systemActive~0)} assume -2147483648 <= test_#t~nondet30#1 && test_#t~nondet30#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet30#1;havoc test_#t~nondet30#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,162 INFO L290 TraceCheckUtils]: 44: Hoare triple {1825#(= 1 ~systemActive~0)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet31#1 && test_#t~nondet31#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet31#1;havoc test_#t~nondet31#1; {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,163 INFO L290 TraceCheckUtils]: 45: Hoare triple {1825#(= 1 ~systemActive~0)} assume !(0 != test_~tmp___1~0#1); {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,163 INFO L272 TraceCheckUtils]: 46: Hoare triple {1825#(= 1 ~systemActive~0)} call timeShift(); {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,164 INFO L290 TraceCheckUtils]: 47: Hoare triple {1825#(= 1 ~systemActive~0)} assume !(0 != ~pumpRunning~0); {1825#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:09:57,164 INFO L290 TraceCheckUtils]: 48: Hoare triple {1825#(= 1 ~systemActive~0)} assume !(0 != ~systemActive~0); {1824#false} is VALID [2022-02-20 18:09:57,164 INFO L290 TraceCheckUtils]: 49: Hoare triple {1824#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret54#1, __utac_acc__Specification3_spec__1_#t~ret55#1, __utac_acc__Specification3_spec__1_#t~ret56#1, __utac_acc__Specification3_spec__1_~tmp~11#1, __utac_acc__Specification3_spec__1_~tmp___0~3#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~11#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1824#false} is VALID [2022-02-20 18:09:57,164 INFO L272 TraceCheckUtils]: 50: Hoare triple {1824#false} call __utac_acc__Specification3_spec__1_#t~ret54#1 := isMethaneLevelCritical(); {1823#true} is VALID [2022-02-20 18:09:57,165 INFO L290 TraceCheckUtils]: 51: Hoare triple {1823#true} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {1823#true} is VALID [2022-02-20 18:09:57,165 INFO L290 TraceCheckUtils]: 52: Hoare triple {1823#true} assume true; {1823#true} is VALID [2022-02-20 18:09:57,165 INFO L284 TraceCheckUtils]: 53: Hoare quadruple {1823#true} {1824#false} #356#return; {1824#false} is VALID [2022-02-20 18:09:57,165 INFO L290 TraceCheckUtils]: 54: Hoare triple {1824#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret54#1 && __utac_acc__Specification3_spec__1_#t~ret54#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~11#1 := __utac_acc__Specification3_spec__1_#t~ret54#1;havoc __utac_acc__Specification3_spec__1_#t~ret54#1; {1824#false} is VALID [2022-02-20 18:09:57,165 INFO L290 TraceCheckUtils]: 55: Hoare triple {1824#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~11#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~11#1;havoc getWaterLevel_~retValue_acc~11#1;getWaterLevel_~retValue_acc~11#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~11#1; {1824#false} is VALID [2022-02-20 18:09:57,166 INFO L290 TraceCheckUtils]: 56: Hoare triple {1824#false} __utac_acc__Specification3_spec__1_#t~ret55#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret55#1 && __utac_acc__Specification3_spec__1_#t~ret55#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~3#1 := __utac_acc__Specification3_spec__1_#t~ret55#1;havoc __utac_acc__Specification3_spec__1_#t~ret55#1; {1824#false} is VALID [2022-02-20 18:09:57,166 INFO L290 TraceCheckUtils]: 57: Hoare triple {1824#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~3#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {1824#false} is VALID [2022-02-20 18:09:57,166 INFO L290 TraceCheckUtils]: 58: Hoare triple {1824#false} __utac_acc__Specification3_spec__1_#t~ret56#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret56#1 && __utac_acc__Specification3_spec__1_#t~ret56#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret56#1;havoc __utac_acc__Specification3_spec__1_#t~ret56#1; {1824#false} is VALID [2022-02-20 18:09:57,166 INFO L290 TraceCheckUtils]: 59: Hoare triple {1824#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1824#false} is VALID [2022-02-20 18:09:57,166 INFO L290 TraceCheckUtils]: 60: Hoare triple {1824#false} assume !false; {1824#false} is VALID [2022-02-20 18:09:57,167 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-02-20 18:09:57,167 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:57,167 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [686660011] [2022-02-20 18:09:57,167 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [686660011] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:57,168 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:57,168 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:57,168 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [173736662] [2022-02-20 18:09:57,168 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:57,169 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 61 [2022-02-20 18:09:57,169 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:57,169 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:57,206 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 51 edges. 51 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:57,207 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:57,207 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:57,208 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:57,208 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:57,209 INFO L87 Difference]: Start difference. First operand 127 states and 171 transitions. Second operand has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:57,460 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:57,461 INFO L93 Difference]: Finished difference Result 335 states and 458 transitions. [2022-02-20 18:09:57,465 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:57,466 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 61 [2022-02-20 18:09:57,468 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:57,468 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:57,478 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 458 transitions. [2022-02-20 18:09:57,478 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:57,488 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 458 transitions. [2022-02-20 18:09:57,488 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 458 transitions. [2022-02-20 18:09:57,829 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 458 edges. 458 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:57,835 INFO L225 Difference]: With dead ends: 335 [2022-02-20 18:09:57,836 INFO L226 Difference]: Without dead ends: 230 [2022-02-20 18:09:57,837 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:57,838 INFO L933 BasicCegarLoop]: 211 mSDtfsCounter, 137 mSDsluCounter, 139 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 350 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:57,838 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [137 Valid, 350 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:57,839 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 230 states. [2022-02-20 18:09:57,855 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 230 to 227. [2022-02-20 18:09:57,856 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:57,857 INFO L82 GeneralOperation]: Start isEquivalent. First operand 230 states. Second operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2022-02-20 18:09:57,858 INFO L74 IsIncluded]: Start isIncluded. First operand 230 states. Second operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2022-02-20 18:09:57,859 INFO L87 Difference]: Start difference. First operand 230 states. Second operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2022-02-20 18:09:57,868 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:57,868 INFO L93 Difference]: Finished difference Result 230 states and 312 transitions. [2022-02-20 18:09:57,869 INFO L276 IsEmpty]: Start isEmpty. Operand 230 states and 312 transitions. [2022-02-20 18:09:57,870 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:57,870 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:57,871 INFO L74 IsIncluded]: Start isIncluded. First operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) Second operand 230 states. [2022-02-20 18:09:57,872 INFO L87 Difference]: Start difference. First operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) Second operand 230 states. [2022-02-20 18:09:57,881 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:57,882 INFO L93 Difference]: Finished difference Result 230 states and 312 transitions. [2022-02-20 18:09:57,882 INFO L276 IsEmpty]: Start isEmpty. Operand 230 states and 312 transitions. [2022-02-20 18:09:57,883 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:57,883 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:57,883 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:57,883 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:57,885 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2022-02-20 18:09:57,899 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 227 states to 227 states and 310 transitions. [2022-02-20 18:09:57,899 INFO L78 Accepts]: Start accepts. Automaton has 227 states and 310 transitions. Word has length 61 [2022-02-20 18:09:57,900 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:57,900 INFO L470 AbstractCegarLoop]: Abstraction has 227 states and 310 transitions. [2022-02-20 18:09:57,900 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:57,901 INFO L276 IsEmpty]: Start isEmpty. Operand 227 states and 310 transitions. [2022-02-20 18:09:57,905 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2022-02-20 18:09:57,906 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:57,906 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:57,906 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:09:57,907 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:57,907 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:57,907 INFO L85 PathProgramCache]: Analyzing trace with hash 1376588474, now seen corresponding path program 1 times [2022-02-20 18:09:57,907 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:57,908 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [526785785] [2022-02-20 18:09:57,908 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:57,908 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:57,970 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:58,043 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2022-02-20 18:09:58,046 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:58,050 INFO L290 TraceCheckUtils]: 0: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,050 INFO L290 TraceCheckUtils]: 1: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,051 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #362#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,051 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 18:09:58,054 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:58,057 INFO L290 TraceCheckUtils]: 0: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,062 INFO L290 TraceCheckUtils]: 1: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,063 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #364#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,064 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-02-20 18:09:58,066 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:58,072 INFO L290 TraceCheckUtils]: 0: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,074 INFO L290 TraceCheckUtils]: 1: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,077 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #366#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,077 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-02-20 18:09:58,083 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:58,089 INFO L290 TraceCheckUtils]: 0: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,089 INFO L290 TraceCheckUtils]: 1: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,090 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #368#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,090 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:09:58,092 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:58,095 INFO L290 TraceCheckUtils]: 0: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,099 INFO L290 TraceCheckUtils]: 1: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,100 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #370#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,101 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-02-20 18:09:58,104 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:58,107 INFO L290 TraceCheckUtils]: 0: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,107 INFO L290 TraceCheckUtils]: 1: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,108 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #372#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,108 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 54 [2022-02-20 18:09:58,110 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:58,112 INFO L290 TraceCheckUtils]: 0: Hoare triple {3129#true} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {3129#true} is VALID [2022-02-20 18:09:58,112 INFO L290 TraceCheckUtils]: 1: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,113 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #356#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,114 INFO L290 TraceCheckUtils]: 0: Hoare triple {3129#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(38, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~__SELECTED_FEATURE_base~0 := 0;~__SELECTED_FEATURE_highWaterSensor~0 := 0;~__SELECTED_FEATURE_lowWaterSensor~0 := 0;~__SELECTED_FEATURE_methaneQuery~0 := 0;~__SELECTED_FEATURE_methaneAlarm~0 := 0;~__SELECTED_FEATURE_stopCommand~0 := 0;~__SELECTED_FEATURE_startCommand~0 := 0;~__GUIDSL_ROOT_PRODUCTION~0 := 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,114 INFO L290 TraceCheckUtils]: 1: Hoare triple {3131#(= ~waterLevel~0 1)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret27#1, main_~retValue_acc~3#1, main_~tmp~3#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true;~__GUIDSL_ROOT_PRODUCTION~0 := 1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,114 INFO L290 TraceCheckUtils]: 2: Hoare triple {3131#(= ~waterLevel~0 1)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true;havoc select_features_#t~ret48#1, select_features_#t~ret49#1, select_features_#t~ret50#1, select_features_#t~ret51#1, select_features_#t~ret52#1, select_features_#t~ret53#1;~__SELECTED_FEATURE_base~0 := 1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,115 INFO L272 TraceCheckUtils]: 3: Hoare triple {3131#(= ~waterLevel~0 1)} call select_features_#t~ret48#1 := select_one(); {3129#true} is VALID [2022-02-20 18:09:58,115 INFO L290 TraceCheckUtils]: 4: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,115 INFO L290 TraceCheckUtils]: 5: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,115 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #362#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,116 INFO L290 TraceCheckUtils]: 7: Hoare triple {3131#(= ~waterLevel~0 1)} assume -2147483648 <= select_features_#t~ret48#1 && select_features_#t~ret48#1 <= 2147483647;~__SELECTED_FEATURE_highWaterSensor~0 := select_features_#t~ret48#1;havoc select_features_#t~ret48#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,116 INFO L272 TraceCheckUtils]: 8: Hoare triple {3131#(= ~waterLevel~0 1)} call select_features_#t~ret49#1 := select_one(); {3129#true} is VALID [2022-02-20 18:09:58,116 INFO L290 TraceCheckUtils]: 9: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,116 INFO L290 TraceCheckUtils]: 10: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,117 INFO L284 TraceCheckUtils]: 11: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #364#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,117 INFO L290 TraceCheckUtils]: 12: Hoare triple {3131#(= ~waterLevel~0 1)} assume -2147483648 <= select_features_#t~ret49#1 && select_features_#t~ret49#1 <= 2147483647;~__SELECTED_FEATURE_lowWaterSensor~0 := select_features_#t~ret49#1;havoc select_features_#t~ret49#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,117 INFO L272 TraceCheckUtils]: 13: Hoare triple {3131#(= ~waterLevel~0 1)} call select_features_#t~ret50#1 := select_one(); {3129#true} is VALID [2022-02-20 18:09:58,117 INFO L290 TraceCheckUtils]: 14: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,118 INFO L290 TraceCheckUtils]: 15: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,118 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #366#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,119 INFO L290 TraceCheckUtils]: 17: Hoare triple {3131#(= ~waterLevel~0 1)} assume -2147483648 <= select_features_#t~ret50#1 && select_features_#t~ret50#1 <= 2147483647;~__SELECTED_FEATURE_methaneQuery~0 := select_features_#t~ret50#1;havoc select_features_#t~ret50#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,119 INFO L272 TraceCheckUtils]: 18: Hoare triple {3131#(= ~waterLevel~0 1)} call select_features_#t~ret51#1 := select_one(); {3129#true} is VALID [2022-02-20 18:09:58,119 INFO L290 TraceCheckUtils]: 19: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,119 INFO L290 TraceCheckUtils]: 20: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,120 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #368#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,120 INFO L290 TraceCheckUtils]: 22: Hoare triple {3131#(= ~waterLevel~0 1)} assume -2147483648 <= select_features_#t~ret51#1 && select_features_#t~ret51#1 <= 2147483647;~__SELECTED_FEATURE_methaneAlarm~0 := select_features_#t~ret51#1;havoc select_features_#t~ret51#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,120 INFO L272 TraceCheckUtils]: 23: Hoare triple {3131#(= ~waterLevel~0 1)} call select_features_#t~ret52#1 := select_one(); {3129#true} is VALID [2022-02-20 18:09:58,120 INFO L290 TraceCheckUtils]: 24: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,120 INFO L290 TraceCheckUtils]: 25: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,121 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #370#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,121 INFO L290 TraceCheckUtils]: 27: Hoare triple {3131#(= ~waterLevel~0 1)} assume -2147483648 <= select_features_#t~ret52#1 && select_features_#t~ret52#1 <= 2147483647;~__SELECTED_FEATURE_stopCommand~0 := select_features_#t~ret52#1;havoc select_features_#t~ret52#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,121 INFO L272 TraceCheckUtils]: 28: Hoare triple {3131#(= ~waterLevel~0 1)} call select_features_#t~ret53#1 := select_one(); {3129#true} is VALID [2022-02-20 18:09:58,122 INFO L290 TraceCheckUtils]: 29: Hoare triple {3129#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3129#true} is VALID [2022-02-20 18:09:58,122 INFO L290 TraceCheckUtils]: 30: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,122 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #372#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,127 INFO L290 TraceCheckUtils]: 32: Hoare triple {3131#(= ~waterLevel~0 1)} assume -2147483648 <= select_features_#t~ret53#1 && select_features_#t~ret53#1 <= 2147483647;~__SELECTED_FEATURE_startCommand~0 := select_features_#t~ret53#1;havoc select_features_#t~ret53#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,129 INFO L290 TraceCheckUtils]: 33: Hoare triple {3131#(= ~waterLevel~0 1)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := ~__SELECTED_FEATURE_base~0;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,129 INFO L290 TraceCheckUtils]: 34: Hoare triple {3131#(= ~waterLevel~0 1)} main_#t~ret27#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret27#1 && main_#t~ret27#1 <= 2147483647;main_~tmp~3#1 := main_#t~ret27#1;havoc main_#t~ret27#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,130 INFO L290 TraceCheckUtils]: 35: Hoare triple {3131#(= ~waterLevel~0 1)} assume 0 != main_~tmp~3#1;assume { :begin_inline_setup } true; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,130 INFO L290 TraceCheckUtils]: 36: Hoare triple {3131#(= ~waterLevel~0 1)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet28#1, test_#t~nondet29#1, test_#t~nondet30#1, test_#t~nondet31#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,130 INFO L290 TraceCheckUtils]: 37: Hoare triple {3131#(= ~waterLevel~0 1)} assume !false; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,131 INFO L290 TraceCheckUtils]: 38: Hoare triple {3131#(= ~waterLevel~0 1)} assume test_~splverifierCounter~0#1 < 4; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,131 INFO L290 TraceCheckUtils]: 39: Hoare triple {3131#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet28#1 && test_#t~nondet28#1 <= 2147483647;test_~tmp~4#1 := test_#t~nondet28#1;havoc test_#t~nondet28#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,131 INFO L290 TraceCheckUtils]: 40: Hoare triple {3131#(= ~waterLevel~0 1)} assume !(0 != test_~tmp~4#1); {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,132 INFO L290 TraceCheckUtils]: 41: Hoare triple {3131#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet29#1 && test_#t~nondet29#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet29#1;havoc test_#t~nondet29#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,132 INFO L290 TraceCheckUtils]: 42: Hoare triple {3131#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___0~0#1); {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,133 INFO L290 TraceCheckUtils]: 43: Hoare triple {3131#(= ~waterLevel~0 1)} assume -2147483648 <= test_#t~nondet30#1 && test_#t~nondet30#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet30#1;havoc test_#t~nondet30#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,133 INFO L290 TraceCheckUtils]: 44: Hoare triple {3131#(= ~waterLevel~0 1)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet31#1 && test_#t~nondet31#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet31#1;havoc test_#t~nondet31#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,133 INFO L290 TraceCheckUtils]: 45: Hoare triple {3131#(= ~waterLevel~0 1)} assume 0 != test_~tmp___1~0#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,134 INFO L290 TraceCheckUtils]: 46: Hoare triple {3131#(= ~waterLevel~0 1)} assume 0 != ~__SELECTED_FEATURE_stopCommand~0;assume { :begin_inline_stopSystem } true; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,134 INFO L290 TraceCheckUtils]: 47: Hoare triple {3131#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,134 INFO L290 TraceCheckUtils]: 48: Hoare triple {3131#(= ~waterLevel~0 1)} ~systemActive~0 := 0; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,135 INFO L290 TraceCheckUtils]: 49: Hoare triple {3131#(= ~waterLevel~0 1)} assume { :end_inline_stopSystem } true; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,135 INFO L272 TraceCheckUtils]: 50: Hoare triple {3131#(= ~waterLevel~0 1)} call timeShift(); {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,136 INFO L290 TraceCheckUtils]: 51: Hoare triple {3131#(= ~waterLevel~0 1)} assume !(0 != ~pumpRunning~0); {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,136 INFO L290 TraceCheckUtils]: 52: Hoare triple {3131#(= ~waterLevel~0 1)} assume !(0 != ~systemActive~0); {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,136 INFO L290 TraceCheckUtils]: 53: Hoare triple {3131#(= ~waterLevel~0 1)} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret54#1, __utac_acc__Specification3_spec__1_#t~ret55#1, __utac_acc__Specification3_spec__1_#t~ret56#1, __utac_acc__Specification3_spec__1_~tmp~11#1, __utac_acc__Specification3_spec__1_~tmp___0~3#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~11#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,136 INFO L272 TraceCheckUtils]: 54: Hoare triple {3131#(= ~waterLevel~0 1)} call __utac_acc__Specification3_spec__1_#t~ret54#1 := isMethaneLevelCritical(); {3129#true} is VALID [2022-02-20 18:09:58,136 INFO L290 TraceCheckUtils]: 55: Hoare triple {3129#true} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {3129#true} is VALID [2022-02-20 18:09:58,136 INFO L290 TraceCheckUtils]: 56: Hoare triple {3129#true} assume true; {3129#true} is VALID [2022-02-20 18:09:58,137 INFO L284 TraceCheckUtils]: 57: Hoare quadruple {3129#true} {3131#(= ~waterLevel~0 1)} #356#return; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,137 INFO L290 TraceCheckUtils]: 58: Hoare triple {3131#(= ~waterLevel~0 1)} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret54#1 && __utac_acc__Specification3_spec__1_#t~ret54#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~11#1 := __utac_acc__Specification3_spec__1_#t~ret54#1;havoc __utac_acc__Specification3_spec__1_#t~ret54#1; {3131#(= ~waterLevel~0 1)} is VALID [2022-02-20 18:09:58,137 INFO L290 TraceCheckUtils]: 59: Hoare triple {3131#(= ~waterLevel~0 1)} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~11#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~11#1;havoc getWaterLevel_~retValue_acc~11#1;getWaterLevel_~retValue_acc~11#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~11#1; {3153#(= |timeShift_getWaterLevel_#res#1| 1)} is VALID [2022-02-20 18:09:58,138 INFO L290 TraceCheckUtils]: 60: Hoare triple {3153#(= |timeShift_getWaterLevel_#res#1| 1)} __utac_acc__Specification3_spec__1_#t~ret55#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret55#1 && __utac_acc__Specification3_spec__1_#t~ret55#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~3#1 := __utac_acc__Specification3_spec__1_#t~ret55#1;havoc __utac_acc__Specification3_spec__1_#t~ret55#1; {3154#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~3#1| 1)} is VALID [2022-02-20 18:09:58,138 INFO L290 TraceCheckUtils]: 61: Hoare triple {3154#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~3#1| 1)} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~3#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {3130#false} is VALID [2022-02-20 18:09:58,138 INFO L290 TraceCheckUtils]: 62: Hoare triple {3130#false} __utac_acc__Specification3_spec__1_#t~ret56#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret56#1 && __utac_acc__Specification3_spec__1_#t~ret56#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret56#1;havoc __utac_acc__Specification3_spec__1_#t~ret56#1; {3130#false} is VALID [2022-02-20 18:09:58,138 INFO L290 TraceCheckUtils]: 63: Hoare triple {3130#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {3130#false} is VALID [2022-02-20 18:09:58,138 INFO L290 TraceCheckUtils]: 64: Hoare triple {3130#false} assume !false; {3130#false} is VALID [2022-02-20 18:09:58,139 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-02-20 18:09:58,139 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:58,139 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [526785785] [2022-02-20 18:09:58,139 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [526785785] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:58,140 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:58,140 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 18:09:58,140 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2063495058] [2022-02-20 18:09:58,140 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:58,141 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) Word has length 65 [2022-02-20 18:09:58,141 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:58,141 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2022-02-20 18:09:58,193 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 55 edges. 55 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:58,193 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:09:58,193 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:58,195 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:09:58,195 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:09:58,195 INFO L87 Difference]: Start difference. First operand 227 states and 310 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2022-02-20 18:09:58,626 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:58,627 INFO L93 Difference]: Finished difference Result 631 states and 889 transitions. [2022-02-20 18:09:58,627 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:09:58,627 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) Word has length 65 [2022-02-20 18:09:58,628 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:58,628 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2022-02-20 18:09:58,635 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 465 transitions. [2022-02-20 18:09:58,636 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2022-02-20 18:09:58,643 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 465 transitions. [2022-02-20 18:09:58,643 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 465 transitions. [2022-02-20 18:09:58,994 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 465 edges. 465 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:59,013 INFO L225 Difference]: With dead ends: 631 [2022-02-20 18:09:59,013 INFO L226 Difference]: Without dead ends: 426 [2022-02-20 18:09:59,014 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:09:59,015 INFO L933 BasicCegarLoop]: 188 mSDtfsCounter, 127 mSDsluCounter, 509 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 127 SdHoareTripleChecker+Valid, 697 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:59,016 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [127 Valid, 697 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:59,017 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 426 states. [2022-02-20 18:09:59,040 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 426 to 420. [2022-02-20 18:09:59,040 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:09:59,042 INFO L82 GeneralOperation]: Start isEquivalent. First operand 426 states. Second operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) [2022-02-20 18:09:59,043 INFO L74 IsIncluded]: Start isIncluded. First operand 426 states. Second operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) [2022-02-20 18:09:59,044 INFO L87 Difference]: Start difference. First operand 426 states. Second operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) [2022-02-20 18:09:59,063 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:59,063 INFO L93 Difference]: Finished difference Result 426 states and 582 transitions. [2022-02-20 18:09:59,064 INFO L276 IsEmpty]: Start isEmpty. Operand 426 states and 582 transitions. [2022-02-20 18:09:59,074 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:59,074 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:59,075 INFO L74 IsIncluded]: Start isIncluded. First operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) Second operand 426 states. [2022-02-20 18:09:59,077 INFO L87 Difference]: Start difference. First operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) Second operand 426 states. [2022-02-20 18:09:59,097 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:59,097 INFO L93 Difference]: Finished difference Result 426 states and 582 transitions. [2022-02-20 18:09:59,097 INFO L276 IsEmpty]: Start isEmpty. Operand 426 states and 582 transitions. [2022-02-20 18:09:59,099 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:09:59,099 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:09:59,100 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:09:59,100 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:09:59,101 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) [2022-02-20 18:09:59,122 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 420 states to 420 states and 576 transitions. [2022-02-20 18:09:59,122 INFO L78 Accepts]: Start accepts. Automaton has 420 states and 576 transitions. Word has length 65 [2022-02-20 18:09:59,123 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:09:59,123 INFO L470 AbstractCegarLoop]: Abstraction has 420 states and 576 transitions. [2022-02-20 18:09:59,123 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2022-02-20 18:09:59,123 INFO L276 IsEmpty]: Start isEmpty. Operand 420 states and 576 transitions. [2022-02-20 18:09:59,125 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2022-02-20 18:09:59,125 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:09:59,126 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:09:59,126 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:09:59,126 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:09:59,127 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:09:59,127 INFO L85 PathProgramCache]: Analyzing trace with hash 1723303743, now seen corresponding path program 1 times [2022-02-20 18:09:59,127 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:09:59,127 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [452598993] [2022-02-20 18:09:59,127 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:09:59,127 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:09:59,176 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:59,213 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2022-02-20 18:09:59,216 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:59,220 INFO L290 TraceCheckUtils]: 0: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,220 INFO L290 TraceCheckUtils]: 1: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,221 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #362#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,221 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 18:09:59,224 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:59,228 INFO L290 TraceCheckUtils]: 0: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,228 INFO L290 TraceCheckUtils]: 1: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,229 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #364#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,229 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-02-20 18:09:59,231 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:59,234 INFO L290 TraceCheckUtils]: 0: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,234 INFO L290 TraceCheckUtils]: 1: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,235 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #366#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,235 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-02-20 18:09:59,237 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:59,240 INFO L290 TraceCheckUtils]: 0: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,240 INFO L290 TraceCheckUtils]: 1: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,241 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #368#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,241 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-02-20 18:09:59,243 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:59,248 INFO L290 TraceCheckUtils]: 0: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,248 INFO L290 TraceCheckUtils]: 1: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,249 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #370#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,249 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-02-20 18:09:59,252 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:59,257 INFO L290 TraceCheckUtils]: 0: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,257 INFO L290 TraceCheckUtils]: 1: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,258 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #372#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,258 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2022-02-20 18:09:59,259 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:09:59,261 INFO L290 TraceCheckUtils]: 0: Hoare triple {5550#true} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {5550#true} is VALID [2022-02-20 18:09:59,262 INFO L290 TraceCheckUtils]: 1: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,262 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {5550#true} {5551#false} #356#return; {5551#false} is VALID [2022-02-20 18:09:59,262 INFO L290 TraceCheckUtils]: 0: Hoare triple {5550#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(38, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(30, 4);call #Ultimate.allocInit(9, 5);call #Ultimate.allocInit(21, 6);call #Ultimate.allocInit(30, 7);call #Ultimate.allocInit(9, 8);call #Ultimate.allocInit(21, 9);call #Ultimate.allocInit(30, 10);call #Ultimate.allocInit(9, 11);call #Ultimate.allocInit(25, 12);call #Ultimate.allocInit(30, 13);call #Ultimate.allocInit(9, 14);call #Ultimate.allocInit(25, 15);call #Ultimate.allocInit(13, 16);call #Ultimate.allocInit(3, 17);call write~init~int(79, 17, 0, 1);call write~init~int(110, 17, 1, 1);call write~init~int(0, 17, 2, 1);call #Ultimate.allocInit(4, 18);call write~init~int(79, 18, 0, 1);call write~init~int(102, 18, 1, 1);call write~init~int(102, 18, 2, 1);call write~init~int(0, 18, 3, 1);call #Ultimate.allocInit(7, 19);call write~init~int(44, 19, 0, 1);call write~init~int(80, 19, 1, 1);call write~init~int(117, 19, 2, 1);call write~init~int(109, 19, 3, 1);call write~init~int(112, 19, 4, 1);call write~init~int(58, 19, 5, 1);call write~init~int(0, 19, 6, 1);call #Ultimate.allocInit(3, 20);call write~init~int(79, 20, 0, 1);call write~init~int(110, 20, 1, 1);call write~init~int(0, 20, 2, 1);call #Ultimate.allocInit(4, 21);call write~init~int(79, 21, 0, 1);call write~init~int(102, 21, 1, 1);call write~init~int(102, 21, 2, 1);call write~init~int(0, 21, 3, 1);call #Ultimate.allocInit(3, 22);call write~init~int(41, 22, 0, 1);call write~init~int(32, 22, 1, 1);call write~init~int(0, 22, 2, 1);call #Ultimate.allocInit(2, 23);call write~init~int(10, 23, 0, 1);call write~init~int(0, 23, 1, 1);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~head~0.base, ~head~0.offset := 0, 0;~cleanupTimeShifts~0 := 4;~__SELECTED_FEATURE_base~0 := 0;~__SELECTED_FEATURE_highWaterSensor~0 := 0;~__SELECTED_FEATURE_lowWaterSensor~0 := 0;~__SELECTED_FEATURE_methaneQuery~0 := 0;~__SELECTED_FEATURE_methaneAlarm~0 := 0;~__SELECTED_FEATURE_stopCommand~0 := 0;~__SELECTED_FEATURE_startCommand~0 := 0;~__GUIDSL_ROOT_PRODUCTION~0 := 0;~pumpRunning~0 := 0;~systemActive~0 := 1;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,263 INFO L290 TraceCheckUtils]: 1: Hoare triple {5552#(= ~pumpRunning~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret27#1, main_~retValue_acc~3#1, main_~tmp~3#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true;~__GUIDSL_ROOT_PRODUCTION~0 := 1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,263 INFO L290 TraceCheckUtils]: 2: Hoare triple {5552#(= ~pumpRunning~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true;havoc select_features_#t~ret48#1, select_features_#t~ret49#1, select_features_#t~ret50#1, select_features_#t~ret51#1, select_features_#t~ret52#1, select_features_#t~ret53#1;~__SELECTED_FEATURE_base~0 := 1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,263 INFO L272 TraceCheckUtils]: 3: Hoare triple {5552#(= ~pumpRunning~0 0)} call select_features_#t~ret48#1 := select_one(); {5550#true} is VALID [2022-02-20 18:09:59,263 INFO L290 TraceCheckUtils]: 4: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,263 INFO L290 TraceCheckUtils]: 5: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,264 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #362#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,264 INFO L290 TraceCheckUtils]: 7: Hoare triple {5552#(= ~pumpRunning~0 0)} assume -2147483648 <= select_features_#t~ret48#1 && select_features_#t~ret48#1 <= 2147483647;~__SELECTED_FEATURE_highWaterSensor~0 := select_features_#t~ret48#1;havoc select_features_#t~ret48#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,264 INFO L272 TraceCheckUtils]: 8: Hoare triple {5552#(= ~pumpRunning~0 0)} call select_features_#t~ret49#1 := select_one(); {5550#true} is VALID [2022-02-20 18:09:59,265 INFO L290 TraceCheckUtils]: 9: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,265 INFO L290 TraceCheckUtils]: 10: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,265 INFO L284 TraceCheckUtils]: 11: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #364#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,266 INFO L290 TraceCheckUtils]: 12: Hoare triple {5552#(= ~pumpRunning~0 0)} assume -2147483648 <= select_features_#t~ret49#1 && select_features_#t~ret49#1 <= 2147483647;~__SELECTED_FEATURE_lowWaterSensor~0 := select_features_#t~ret49#1;havoc select_features_#t~ret49#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,266 INFO L272 TraceCheckUtils]: 13: Hoare triple {5552#(= ~pumpRunning~0 0)} call select_features_#t~ret50#1 := select_one(); {5550#true} is VALID [2022-02-20 18:09:59,266 INFO L290 TraceCheckUtils]: 14: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,266 INFO L290 TraceCheckUtils]: 15: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,267 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #366#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,268 INFO L290 TraceCheckUtils]: 17: Hoare triple {5552#(= ~pumpRunning~0 0)} assume -2147483648 <= select_features_#t~ret50#1 && select_features_#t~ret50#1 <= 2147483647;~__SELECTED_FEATURE_methaneQuery~0 := select_features_#t~ret50#1;havoc select_features_#t~ret50#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,268 INFO L272 TraceCheckUtils]: 18: Hoare triple {5552#(= ~pumpRunning~0 0)} call select_features_#t~ret51#1 := select_one(); {5550#true} is VALID [2022-02-20 18:09:59,269 INFO L290 TraceCheckUtils]: 19: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,269 INFO L290 TraceCheckUtils]: 20: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,269 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #368#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,270 INFO L290 TraceCheckUtils]: 22: Hoare triple {5552#(= ~pumpRunning~0 0)} assume -2147483648 <= select_features_#t~ret51#1 && select_features_#t~ret51#1 <= 2147483647;~__SELECTED_FEATURE_methaneAlarm~0 := select_features_#t~ret51#1;havoc select_features_#t~ret51#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,270 INFO L272 TraceCheckUtils]: 23: Hoare triple {5552#(= ~pumpRunning~0 0)} call select_features_#t~ret52#1 := select_one(); {5550#true} is VALID [2022-02-20 18:09:59,270 INFO L290 TraceCheckUtils]: 24: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,271 INFO L290 TraceCheckUtils]: 25: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,272 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #370#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,273 INFO L290 TraceCheckUtils]: 27: Hoare triple {5552#(= ~pumpRunning~0 0)} assume -2147483648 <= select_features_#t~ret52#1 && select_features_#t~ret52#1 <= 2147483647;~__SELECTED_FEATURE_stopCommand~0 := select_features_#t~ret52#1;havoc select_features_#t~ret52#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,275 INFO L272 TraceCheckUtils]: 28: Hoare triple {5552#(= ~pumpRunning~0 0)} call select_features_#t~ret53#1 := select_one(); {5550#true} is VALID [2022-02-20 18:09:59,275 INFO L290 TraceCheckUtils]: 29: Hoare triple {5550#true} havoc ~retValue_acc~8;assume -2147483648 <= #t~nondet47 && #t~nondet47 <= 2147483647;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {5550#true} is VALID [2022-02-20 18:09:59,276 INFO L290 TraceCheckUtils]: 30: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,276 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {5550#true} {5552#(= ~pumpRunning~0 0)} #372#return; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,277 INFO L290 TraceCheckUtils]: 32: Hoare triple {5552#(= ~pumpRunning~0 0)} assume -2147483648 <= select_features_#t~ret53#1 && select_features_#t~ret53#1 <= 2147483647;~__SELECTED_FEATURE_startCommand~0 := select_features_#t~ret53#1;havoc select_features_#t~ret53#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,277 INFO L290 TraceCheckUtils]: 33: Hoare triple {5552#(= ~pumpRunning~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := ~__SELECTED_FEATURE_base~0;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,278 INFO L290 TraceCheckUtils]: 34: Hoare triple {5552#(= ~pumpRunning~0 0)} main_#t~ret27#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret27#1 && main_#t~ret27#1 <= 2147483647;main_~tmp~3#1 := main_#t~ret27#1;havoc main_#t~ret27#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,278 INFO L290 TraceCheckUtils]: 35: Hoare triple {5552#(= ~pumpRunning~0 0)} assume 0 != main_~tmp~3#1;assume { :begin_inline_setup } true; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,279 INFO L290 TraceCheckUtils]: 36: Hoare triple {5552#(= ~pumpRunning~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet28#1, test_#t~nondet29#1, test_#t~nondet30#1, test_#t~nondet31#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,279 INFO L290 TraceCheckUtils]: 37: Hoare triple {5552#(= ~pumpRunning~0 0)} assume !false; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,279 INFO L290 TraceCheckUtils]: 38: Hoare triple {5552#(= ~pumpRunning~0 0)} assume test_~splverifierCounter~0#1 < 4; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,280 INFO L290 TraceCheckUtils]: 39: Hoare triple {5552#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet28#1 && test_#t~nondet28#1 <= 2147483647;test_~tmp~4#1 := test_#t~nondet28#1;havoc test_#t~nondet28#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,280 INFO L290 TraceCheckUtils]: 40: Hoare triple {5552#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp~4#1); {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,280 INFO L290 TraceCheckUtils]: 41: Hoare triple {5552#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet29#1 && test_#t~nondet29#1 <= 2147483647;test_~tmp___0~0#1 := test_#t~nondet29#1;havoc test_#t~nondet29#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,281 INFO L290 TraceCheckUtils]: 42: Hoare triple {5552#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp___0~0#1); {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,281 INFO L290 TraceCheckUtils]: 43: Hoare triple {5552#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet30#1 && test_#t~nondet30#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet30#1;havoc test_#t~nondet30#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,282 INFO L290 TraceCheckUtils]: 44: Hoare triple {5552#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp___2~0#1);assume -2147483648 <= test_#t~nondet31#1 && test_#t~nondet31#1 <= 2147483647;test_~tmp___1~0#1 := test_#t~nondet31#1;havoc test_#t~nondet31#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,282 INFO L290 TraceCheckUtils]: 45: Hoare triple {5552#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___1~0#1; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,282 INFO L290 TraceCheckUtils]: 46: Hoare triple {5552#(= ~pumpRunning~0 0)} assume 0 != ~__SELECTED_FEATURE_stopCommand~0;assume { :begin_inline_stopSystem } true; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,283 INFO L290 TraceCheckUtils]: 47: Hoare triple {5552#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,283 INFO L290 TraceCheckUtils]: 48: Hoare triple {5552#(= ~pumpRunning~0 0)} ~systemActive~0 := 0; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,283 INFO L290 TraceCheckUtils]: 49: Hoare triple {5552#(= ~pumpRunning~0 0)} assume { :end_inline_stopSystem } true; {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,284 INFO L272 TraceCheckUtils]: 50: Hoare triple {5552#(= ~pumpRunning~0 0)} call timeShift(); {5552#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:09:59,284 INFO L290 TraceCheckUtils]: 51: Hoare triple {5552#(= ~pumpRunning~0 0)} assume 0 != ~pumpRunning~0;assume { :begin_inline_lowerWaterLevel } true; {5551#false} is VALID [2022-02-20 18:09:59,284 INFO L290 TraceCheckUtils]: 52: Hoare triple {5551#false} assume ~waterLevel~0 > 0;~waterLevel~0 := ~waterLevel~0 - 1; {5551#false} is VALID [2022-02-20 18:09:59,285 INFO L290 TraceCheckUtils]: 53: Hoare triple {5551#false} assume { :end_inline_lowerWaterLevel } true; {5551#false} is VALID [2022-02-20 18:09:59,285 INFO L290 TraceCheckUtils]: 54: Hoare triple {5551#false} assume !(0 != ~systemActive~0); {5551#false} is VALID [2022-02-20 18:09:59,285 INFO L290 TraceCheckUtils]: 55: Hoare triple {5551#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret54#1, __utac_acc__Specification3_spec__1_#t~ret55#1, __utac_acc__Specification3_spec__1_#t~ret56#1, __utac_acc__Specification3_spec__1_~tmp~11#1, __utac_acc__Specification3_spec__1_~tmp___0~3#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~11#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {5551#false} is VALID [2022-02-20 18:09:59,285 INFO L272 TraceCheckUtils]: 56: Hoare triple {5551#false} call __utac_acc__Specification3_spec__1_#t~ret54#1 := isMethaneLevelCritical(); {5550#true} is VALID [2022-02-20 18:09:59,285 INFO L290 TraceCheckUtils]: 57: Hoare triple {5550#true} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {5550#true} is VALID [2022-02-20 18:09:59,285 INFO L290 TraceCheckUtils]: 58: Hoare triple {5550#true} assume true; {5550#true} is VALID [2022-02-20 18:09:59,285 INFO L284 TraceCheckUtils]: 59: Hoare quadruple {5550#true} {5551#false} #356#return; {5551#false} is VALID [2022-02-20 18:09:59,286 INFO L290 TraceCheckUtils]: 60: Hoare triple {5551#false} assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret54#1 && __utac_acc__Specification3_spec__1_#t~ret54#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp~11#1 := __utac_acc__Specification3_spec__1_#t~ret54#1;havoc __utac_acc__Specification3_spec__1_#t~ret54#1; {5551#false} is VALID [2022-02-20 18:09:59,286 INFO L290 TraceCheckUtils]: 61: Hoare triple {5551#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp~11#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~11#1;havoc getWaterLevel_~retValue_acc~11#1;getWaterLevel_~retValue_acc~11#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~11#1; {5551#false} is VALID [2022-02-20 18:09:59,286 INFO L290 TraceCheckUtils]: 62: Hoare triple {5551#false} __utac_acc__Specification3_spec__1_#t~ret55#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret55#1 && __utac_acc__Specification3_spec__1_#t~ret55#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___0~3#1 := __utac_acc__Specification3_spec__1_#t~ret55#1;havoc __utac_acc__Specification3_spec__1_#t~ret55#1; {5551#false} is VALID [2022-02-20 18:09:59,286 INFO L290 TraceCheckUtils]: 63: Hoare triple {5551#false} assume 2 == __utac_acc__Specification3_spec__1_~tmp___0~3#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {5551#false} is VALID [2022-02-20 18:09:59,286 INFO L290 TraceCheckUtils]: 64: Hoare triple {5551#false} __utac_acc__Specification3_spec__1_#t~ret56#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;assume -2147483648 <= __utac_acc__Specification3_spec__1_#t~ret56#1 && __utac_acc__Specification3_spec__1_#t~ret56#1 <= 2147483647;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret56#1;havoc __utac_acc__Specification3_spec__1_#t~ret56#1; {5551#false} is VALID [2022-02-20 18:09:59,286 INFO L290 TraceCheckUtils]: 65: Hoare triple {5551#false} assume !(0 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {5551#false} is VALID [2022-02-20 18:09:59,286 INFO L290 TraceCheckUtils]: 66: Hoare triple {5551#false} assume !false; {5551#false} is VALID [2022-02-20 18:09:59,287 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-02-20 18:09:59,287 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:09:59,287 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [452598993] [2022-02-20 18:09:59,287 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [452598993] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:09:59,287 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:09:59,287 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:09:59,287 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1358489083] [2022-02-20 18:09:59,287 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:09:59,288 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 67 [2022-02-20 18:09:59,288 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:09:59,288 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:59,335 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 57 edges. 57 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:59,336 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:09:59,336 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:09:59,336 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:09:59,336 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:59,337 INFO L87 Difference]: Start difference. First operand 420 states and 576 transitions. Second operand has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:59,625 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:09:59,625 INFO L93 Difference]: Finished difference Result 1006 states and 1417 transitions. [2022-02-20 18:09:59,625 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:09:59,625 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 67 [2022-02-20 18:09:59,626 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:09:59,626 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:59,631 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 418 transitions. [2022-02-20 18:09:59,632 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:09:59,637 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 418 transitions. [2022-02-20 18:09:59,637 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 418 transitions. [2022-02-20 18:09:59,956 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 418 edges. 418 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:09:59,985 INFO L225 Difference]: With dead ends: 1006 [2022-02-20 18:09:59,985 INFO L226 Difference]: Without dead ends: 608 [2022-02-20 18:09:59,987 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:09:59,988 INFO L933 BasicCegarLoop]: 182 mSDtfsCounter, 109 mSDsluCounter, 106 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 109 SdHoareTripleChecker+Valid, 288 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:09:59,988 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [109 Valid, 288 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:09:59,989 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 608 states. [2022-02-20 18:10:00,013 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 608 to 599. [2022-02-20 18:10:00,013 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:10:00,015 INFO L82 GeneralOperation]: Start isEquivalent. First operand 608 states. Second operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) [2022-02-20 18:10:00,016 INFO L74 IsIncluded]: Start isIncluded. First operand 608 states. Second operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) [2022-02-20 18:10:00,018 INFO L87 Difference]: Start difference. First operand 608 states. Second operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) [2022-02-20 18:10:00,043 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:00,043 INFO L93 Difference]: Finished difference Result 608 states and 816 transitions. [2022-02-20 18:10:00,043 INFO L276 IsEmpty]: Start isEmpty. Operand 608 states and 816 transitions. [2022-02-20 18:10:00,046 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:00,046 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:00,048 INFO L74 IsIncluded]: Start isIncluded. First operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) Second operand 608 states. [2022-02-20 18:10:00,049 INFO L87 Difference]: Start difference. First operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) Second operand 608 states. [2022-02-20 18:10:00,076 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:00,076 INFO L93 Difference]: Finished difference Result 608 states and 816 transitions. [2022-02-20 18:10:00,076 INFO L276 IsEmpty]: Start isEmpty. Operand 608 states and 816 transitions. [2022-02-20 18:10:00,078 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:00,079 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:00,079 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:10:00,079 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:10:00,081 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) [2022-02-20 18:10:00,112 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 599 states to 599 states and 807 transitions. [2022-02-20 18:10:00,113 INFO L78 Accepts]: Start accepts. Automaton has 599 states and 807 transitions. Word has length 67 [2022-02-20 18:10:00,113 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:10:00,113 INFO L470 AbstractCegarLoop]: Abstraction has 599 states and 807 transitions. [2022-02-20 18:10:00,113 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:00,114 INFO L276 IsEmpty]: Start isEmpty. Operand 599 states and 807 transitions. [2022-02-20 18:10:00,115 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 70 [2022-02-20 18:10:00,115 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:10:00,115 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:10:00,115 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 18:10:00,116 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:10:00,116 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:10:00,116 INFO L85 PathProgramCache]: Analyzing trace with hash 2143180500, now seen corresponding path program 1 times [2022-02-20 18:10:00,116 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:10:00,116 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [234527722] [2022-02-20 18:10:00,117 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:10:00,117 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:10:00,148 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:10:00,148 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:10:00,164 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:10:00,194 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-20 18:10:00,194 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:10:00,195 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:10:00,197 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-20 18:10:00,200 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:10:00,202 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:10:00,238 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call #t~ret48 := select_one(); [2022-02-20 18:10:00,238 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:10:00,245 INFO L158 Benchmark]: Toolchain (without parser) took 6660.36ms. Allocated memory was 104.9MB in the beginning and 157.3MB in the end (delta: 52.4MB). Free memory was 63.3MB in the beginning and 51.6MB in the end (delta: 11.7MB). Peak memory consumption was 62.5MB. Max. memory is 16.1GB. [2022-02-20 18:10:00,245 INFO L158 Benchmark]: CDTParser took 0.24ms. Allocated memory is still 104.9MB. Free memory is still 80.8MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:10:00,247 INFO L158 Benchmark]: CACSL2BoogieTranslator took 552.95ms. Allocated memory is still 104.9MB. Free memory was 63.1MB in the beginning and 65.0MB in the end (delta: -1.9MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-02-20 18:10:00,249 INFO L158 Benchmark]: Boogie Procedure Inliner took 68.28ms. Allocated memory is still 104.9MB. Free memory was 65.0MB in the beginning and 62.1MB in the end (delta: 2.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:10:00,250 INFO L158 Benchmark]: Boogie Preprocessor took 59.08ms. Allocated memory is still 104.9MB. Free memory was 62.1MB in the beginning and 60.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:10:00,250 INFO L158 Benchmark]: RCFGBuilder took 626.18ms. Allocated memory was 104.9MB in the beginning and 125.8MB in the end (delta: 21.0MB). Free memory was 60.0MB in the beginning and 96.9MB in the end (delta: -36.9MB). Peak memory consumption was 29.0MB. Max. memory is 16.1GB. [2022-02-20 18:10:00,250 INFO L158 Benchmark]: TraceAbstraction took 5346.02ms. Allocated memory was 125.8MB in the beginning and 157.3MB in the end (delta: 31.5MB). Free memory was 96.0MB in the beginning and 51.6MB in the end (delta: 44.4MB). Peak memory consumption was 75.4MB. Max. memory is 16.1GB. [2022-02-20 18:10:00,252 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.24ms. Allocated memory is still 104.9MB. Free memory is still 80.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 552.95ms. Allocated memory is still 104.9MB. Free memory was 63.1MB in the beginning and 65.0MB in the end (delta: -1.9MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 68.28ms. Allocated memory is still 104.9MB. Free memory was 65.0MB in the beginning and 62.1MB in the end (delta: 2.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 59.08ms. Allocated memory is still 104.9MB. Free memory was 62.1MB in the beginning and 60.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 626.18ms. Allocated memory was 104.9MB in the beginning and 125.8MB in the end (delta: 21.0MB). Free memory was 60.0MB in the beginning and 96.9MB in the end (delta: -36.9MB). Peak memory consumption was 29.0MB. Max. memory is 16.1GB. * TraceAbstraction took 5346.02ms. Allocated memory was 125.8MB in the beginning and 157.3MB in the end (delta: 31.5MB). Free memory was 96.0MB in the beginning and 51.6MB in the end (delta: 44.4MB). Peak memory consumption was 75.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:10:00,292 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1a14cd82fb4a7a8631dbac962b884aa1ac25841cd2c28c7e6e05438cc00132d3 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:10:02,265 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:10:02,267 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:10:02,297 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:10:02,297 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:10:02,300 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:10:02,301 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:10:02,307 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:10:02,310 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:10:02,316 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:10:02,317 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:10:02,318 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:10:02,319 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:10:02,333 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:10:02,335 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:10:02,336 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:10:02,337 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:10:02,338 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:10:02,341 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:10:02,344 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:10:02,347 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:10:02,348 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:10:02,349 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:10:02,351 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:10:02,356 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:10:02,357 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:10:02,357 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:10:02,359 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:10:02,360 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:10:02,360 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:10:02,361 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:10:02,361 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:10:02,363 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:10:02,365 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:10:02,366 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:10:02,367 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:10:02,367 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:10:02,368 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:10:02,368 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:10:02,369 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:10:02,370 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:10:02,371 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf [2022-02-20 18:10:02,405 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:10:02,409 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:10:02,410 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:10:02,410 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:10:02,411 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:10:02,411 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:10:02,412 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:10:02,412 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:10:02,413 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:10:02,413 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:10:02,414 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:10:02,414 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:10:02,414 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:10:02,414 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:10:02,414 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:10:02,415 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:10:02,415 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 18:10:02,415 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 18:10:02,415 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 18:10:02,415 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:10:02,416 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:10:02,416 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:10:02,416 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:10:02,416 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:10:02,416 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:10:02,417 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:10:02,417 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:10:02,417 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:10:02,417 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:10:02,418 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:10:02,418 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 18:10:02,418 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 18:10:02,418 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:10:02,419 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:10:02,419 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:10:02,419 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 18:10:02,419 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1a14cd82fb4a7a8631dbac962b884aa1ac25841cd2c28c7e6e05438cc00132d3 [2022-02-20 18:10:02,708 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:10:02,724 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:10:02,727 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:10:02,728 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:10:02,731 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:10:02,733 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c [2022-02-20 18:10:02,795 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/50a1fb3b6/a6c6fb6225e4423683d5d2e2925a359a/FLAGc44980f08 [2022-02-20 18:10:03,309 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:10:03,312 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c [2022-02-20 18:10:03,327 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/50a1fb3b6/a6c6fb6225e4423683d5d2e2925a359a/FLAGc44980f08 [2022-02-20 18:10:03,631 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/50a1fb3b6/a6c6fb6225e4423683d5d2e2925a359a [2022-02-20 18:10:03,633 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:10:03,635 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:10:03,636 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:10:03,637 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:10:03,640 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:10:03,641 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:10:03" (1/1) ... [2022-02-20 18:10:03,643 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3b14152e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:03, skipping insertion in model container [2022-02-20 18:10:03,643 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:10:03" (1/1) ... [2022-02-20 18:10:03,650 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:10:03,696 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:10:03,989 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c[20029,20042] [2022-02-20 18:10:04,000 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:10:04,016 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 18:10:04,027 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:10:04,103 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c[20029,20042] [2022-02-20 18:10:04,110 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:10:04,126 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:10:04,220 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_productSimulator.cil.c[20029,20042] [2022-02-20 18:10:04,239 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:10:04,259 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:10:04,259 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04 WrapperNode [2022-02-20 18:10:04,260 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:10:04,261 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:10:04,261 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:10:04,261 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:10:04,267 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04" (1/1) ... [2022-02-20 18:10:04,296 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04" (1/1) ... [2022-02-20 18:10:04,336 INFO L137 Inliner]: procedures = 65, calls = 178, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 322 [2022-02-20 18:10:04,336 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:10:04,337 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:10:04,337 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:10:04,337 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:10:04,344 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04" (1/1) ... [2022-02-20 18:10:04,345 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04" (1/1) ... [2022-02-20 18:10:04,348 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04" (1/1) ... [2022-02-20 18:10:04,348 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04" (1/1) ... [2022-02-20 18:10:04,355 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04" (1/1) ... [2022-02-20 18:10:04,360 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04" (1/1) ... [2022-02-20 18:10:04,362 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04" (1/1) ... [2022-02-20 18:10:04,365 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:10:04,366 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:10:04,366 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:10:04,366 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:10:04,367 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04" (1/1) ... [2022-02-20 18:10:04,380 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:10:04,390 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:10:04,401 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:10:04,413 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:10:04,439 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:10:04,440 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2022-02-20 18:10:04,440 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2022-02-20 18:10:04,440 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-02-20 18:10:04,441 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-02-20 18:10:04,441 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:10:04,441 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:10:04,441 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:10:04,441 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:10:04,441 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2022-02-20 18:10:04,441 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2022-02-20 18:10:04,442 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:10:04,442 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:10:04,442 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2022-02-20 18:10:04,442 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2022-02-20 18:10:04,442 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-20 18:10:04,442 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2022-02-20 18:10:04,442 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2022-02-20 18:10:04,443 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-02-20 18:10:04,443 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-02-20 18:10:04,443 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:10:04,443 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:10:04,443 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2022-02-20 18:10:04,443 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2022-02-20 18:10:04,444 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:10:04,444 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:10:04,444 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:10:04,444 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:10:04,578 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:10:04,580 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:10:05,043 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:10:05,054 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:10:05,054 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:10:05,056 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:10:05 BoogieIcfgContainer [2022-02-20 18:10:05,056 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:10:05,057 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:10:05,058 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:10:05,065 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:10:05,065 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:10:03" (1/3) ... [2022-02-20 18:10:05,066 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@45627923 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:10:05, skipping insertion in model container [2022-02-20 18:10:05,066 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:10:04" (2/3) ... [2022-02-20 18:10:05,066 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@45627923 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:10:05, skipping insertion in model container [2022-02-20 18:10:05,066 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:10:05" (3/3) ... [2022-02-20 18:10:05,068 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_productSimulator.cil.c [2022-02-20 18:10:05,072 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:10:05,074 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:10:05,128 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:10:05,133 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:10:05,134 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:10:05,162 INFO L276 IsEmpty]: Start isEmpty. Operand has 145 states, 101 states have (on average 1.3663366336633664) internal successors, (138), 117 states have internal predecessors, (138), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) [2022-02-20 18:10:05,172 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-02-20 18:10:05,172 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:10:05,173 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:10:05,174 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:10:05,178 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:10:05,179 INFO L85 PathProgramCache]: Analyzing trace with hash 1161516863, now seen corresponding path program 1 times [2022-02-20 18:10:05,192 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:10:05,192 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2028572125] [2022-02-20 18:10:05,192 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:10:05,193 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:10:05,193 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:10:05,196 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:10:05,197 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 18:10:05,361 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:10:05,367 INFO L263 TraceCheckSpWp]: Trace formula consists of 216 conjuncts, 1 conjunts are in the unsatisfiable core [2022-02-20 18:10:05,404 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:10:05,410 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:10:05,579 INFO L290 TraceCheckUtils]: 0: Hoare triple {148#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(38bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~__SELECTED_FEATURE_base~0 := 0bv32;~__SELECTED_FEATURE_highWaterSensor~0 := 0bv32;~__SELECTED_FEATURE_lowWaterSensor~0 := 0bv32;~__SELECTED_FEATURE_methaneQuery~0 := 0bv32;~__SELECTED_FEATURE_methaneAlarm~0 := 0bv32;~__SELECTED_FEATURE_stopCommand~0 := 0bv32;~__SELECTED_FEATURE_startCommand~0 := 0bv32;~__GUIDSL_ROOT_PRODUCTION~0 := 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {148#true} is VALID [2022-02-20 18:10:05,587 INFO L290 TraceCheckUtils]: 1: Hoare triple {148#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret27#1, main_~retValue_acc~3#1, main_~tmp~3#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true;~__GUIDSL_ROOT_PRODUCTION~0 := 1bv32; {148#true} is VALID [2022-02-20 18:10:05,588 INFO L290 TraceCheckUtils]: 2: Hoare triple {148#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true;havoc select_features_#t~ret48#1, select_features_#t~ret49#1, select_features_#t~ret50#1, select_features_#t~ret51#1, select_features_#t~ret52#1, select_features_#t~ret53#1;~__SELECTED_FEATURE_base~0 := 1bv32; {148#true} is VALID [2022-02-20 18:10:05,588 INFO L272 TraceCheckUtils]: 3: Hoare triple {148#true} call select_features_#t~ret48#1 := select_one(); {148#true} is VALID [2022-02-20 18:10:05,589 INFO L290 TraceCheckUtils]: 4: Hoare triple {148#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:10:05,589 INFO L290 TraceCheckUtils]: 5: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:10:05,589 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {148#true} {148#true} #362#return; {148#true} is VALID [2022-02-20 18:10:05,589 INFO L290 TraceCheckUtils]: 7: Hoare triple {148#true} ~__SELECTED_FEATURE_highWaterSensor~0 := select_features_#t~ret48#1;havoc select_features_#t~ret48#1; {148#true} is VALID [2022-02-20 18:10:05,590 INFO L272 TraceCheckUtils]: 8: Hoare triple {148#true} call select_features_#t~ret49#1 := select_one(); {148#true} is VALID [2022-02-20 18:10:05,590 INFO L290 TraceCheckUtils]: 9: Hoare triple {148#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:10:05,590 INFO L290 TraceCheckUtils]: 10: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:10:05,591 INFO L284 TraceCheckUtils]: 11: Hoare quadruple {148#true} {148#true} #364#return; {148#true} is VALID [2022-02-20 18:10:05,591 INFO L290 TraceCheckUtils]: 12: Hoare triple {148#true} ~__SELECTED_FEATURE_lowWaterSensor~0 := select_features_#t~ret49#1;havoc select_features_#t~ret49#1; {148#true} is VALID [2022-02-20 18:10:05,591 INFO L272 TraceCheckUtils]: 13: Hoare triple {148#true} call select_features_#t~ret50#1 := select_one(); {148#true} is VALID [2022-02-20 18:10:05,591 INFO L290 TraceCheckUtils]: 14: Hoare triple {148#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:10:05,592 INFO L290 TraceCheckUtils]: 15: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:10:05,592 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {148#true} {148#true} #366#return; {148#true} is VALID [2022-02-20 18:10:05,593 INFO L290 TraceCheckUtils]: 17: Hoare triple {148#true} ~__SELECTED_FEATURE_methaneQuery~0 := select_features_#t~ret50#1;havoc select_features_#t~ret50#1; {148#true} is VALID [2022-02-20 18:10:05,593 INFO L272 TraceCheckUtils]: 18: Hoare triple {148#true} call select_features_#t~ret51#1 := select_one(); {148#true} is VALID [2022-02-20 18:10:05,593 INFO L290 TraceCheckUtils]: 19: Hoare triple {148#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:10:05,593 INFO L290 TraceCheckUtils]: 20: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:10:05,594 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {148#true} {148#true} #368#return; {148#true} is VALID [2022-02-20 18:10:05,594 INFO L290 TraceCheckUtils]: 22: Hoare triple {148#true} ~__SELECTED_FEATURE_methaneAlarm~0 := select_features_#t~ret51#1;havoc select_features_#t~ret51#1; {148#true} is VALID [2022-02-20 18:10:05,594 INFO L272 TraceCheckUtils]: 23: Hoare triple {148#true} call select_features_#t~ret52#1 := select_one(); {148#true} is VALID [2022-02-20 18:10:05,595 INFO L290 TraceCheckUtils]: 24: Hoare triple {148#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:10:05,595 INFO L290 TraceCheckUtils]: 25: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:10:05,596 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {148#true} {148#true} #370#return; {148#true} is VALID [2022-02-20 18:10:05,596 INFO L290 TraceCheckUtils]: 27: Hoare triple {148#true} ~__SELECTED_FEATURE_stopCommand~0 := select_features_#t~ret52#1;havoc select_features_#t~ret52#1; {148#true} is VALID [2022-02-20 18:10:05,596 INFO L272 TraceCheckUtils]: 28: Hoare triple {148#true} call select_features_#t~ret53#1 := select_one(); {148#true} is VALID [2022-02-20 18:10:05,597 INFO L290 TraceCheckUtils]: 29: Hoare triple {148#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {148#true} is VALID [2022-02-20 18:10:05,598 INFO L290 TraceCheckUtils]: 30: Hoare triple {148#true} assume true; {148#true} is VALID [2022-02-20 18:10:05,598 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {148#true} {148#true} #372#return; {148#true} is VALID [2022-02-20 18:10:05,598 INFO L290 TraceCheckUtils]: 32: Hoare triple {148#true} ~__SELECTED_FEATURE_startCommand~0 := select_features_#t~ret53#1;havoc select_features_#t~ret53#1; {148#true} is VALID [2022-02-20 18:10:05,598 INFO L290 TraceCheckUtils]: 33: Hoare triple {148#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := ~__SELECTED_FEATURE_base~0;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {148#true} is VALID [2022-02-20 18:10:05,599 INFO L290 TraceCheckUtils]: 34: Hoare triple {148#true} main_#t~ret27#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~3#1 := main_#t~ret27#1;havoc main_#t~ret27#1; {148#true} is VALID [2022-02-20 18:10:05,599 INFO L290 TraceCheckUtils]: 35: Hoare triple {148#true} assume 0bv32 != main_~tmp~3#1;assume { :begin_inline_setup } true; {148#true} is VALID [2022-02-20 18:10:05,599 INFO L290 TraceCheckUtils]: 36: Hoare triple {148#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet28#1, test_#t~nondet29#1, test_#t~nondet30#1, test_#t~nondet31#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {148#true} is VALID [2022-02-20 18:10:05,600 INFO L290 TraceCheckUtils]: 37: Hoare triple {148#true} assume !true; {149#false} is VALID [2022-02-20 18:10:05,600 INFO L272 TraceCheckUtils]: 38: Hoare triple {149#false} call cleanup(); {149#false} is VALID [2022-02-20 18:10:05,601 INFO L290 TraceCheckUtils]: 39: Hoare triple {149#false} havoc ~i~0;havoc ~__cil_tmp2~0; {149#false} is VALID [2022-02-20 18:10:05,605 INFO L272 TraceCheckUtils]: 40: Hoare triple {149#false} call timeShift(); {149#false} is VALID [2022-02-20 18:10:05,606 INFO L290 TraceCheckUtils]: 41: Hoare triple {149#false} assume !(0bv32 != ~pumpRunning~0); {149#false} is VALID [2022-02-20 18:10:05,606 INFO L290 TraceCheckUtils]: 42: Hoare triple {149#false} assume !(0bv32 != ~systemActive~0); {149#false} is VALID [2022-02-20 18:10:05,609 INFO L290 TraceCheckUtils]: 43: Hoare triple {149#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret54#1, __utac_acc__Specification3_spec__1_#t~ret55#1, __utac_acc__Specification3_spec__1_#t~ret56#1, __utac_acc__Specification3_spec__1_~tmp~11#1, __utac_acc__Specification3_spec__1_~tmp___0~3#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~11#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {149#false} is VALID [2022-02-20 18:10:05,610 INFO L272 TraceCheckUtils]: 44: Hoare triple {149#false} call __utac_acc__Specification3_spec__1_#t~ret54#1 := isMethaneLevelCritical(); {149#false} is VALID [2022-02-20 18:10:05,610 INFO L290 TraceCheckUtils]: 45: Hoare triple {149#false} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {149#false} is VALID [2022-02-20 18:10:05,610 INFO L290 TraceCheckUtils]: 46: Hoare triple {149#false} assume true; {149#false} is VALID [2022-02-20 18:10:05,610 INFO L284 TraceCheckUtils]: 47: Hoare quadruple {149#false} {149#false} #356#return; {149#false} is VALID [2022-02-20 18:10:05,610 INFO L290 TraceCheckUtils]: 48: Hoare triple {149#false} __utac_acc__Specification3_spec__1_~tmp~11#1 := __utac_acc__Specification3_spec__1_#t~ret54#1;havoc __utac_acc__Specification3_spec__1_#t~ret54#1; {149#false} is VALID [2022-02-20 18:10:05,614 INFO L290 TraceCheckUtils]: 49: Hoare triple {149#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~11#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~11#1;havoc getWaterLevel_~retValue_acc~11#1;getWaterLevel_~retValue_acc~11#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~11#1; {149#false} is VALID [2022-02-20 18:10:05,615 INFO L290 TraceCheckUtils]: 50: Hoare triple {149#false} __utac_acc__Specification3_spec__1_#t~ret55#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~3#1 := __utac_acc__Specification3_spec__1_#t~ret55#1;havoc __utac_acc__Specification3_spec__1_#t~ret55#1; {149#false} is VALID [2022-02-20 18:10:05,615 INFO L290 TraceCheckUtils]: 51: Hoare triple {149#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~3#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {149#false} is VALID [2022-02-20 18:10:05,615 INFO L290 TraceCheckUtils]: 52: Hoare triple {149#false} __utac_acc__Specification3_spec__1_#t~ret56#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret56#1;havoc __utac_acc__Specification3_spec__1_#t~ret56#1; {149#false} is VALID [2022-02-20 18:10:05,615 INFO L290 TraceCheckUtils]: 53: Hoare triple {149#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {149#false} is VALID [2022-02-20 18:10:05,616 INFO L290 TraceCheckUtils]: 54: Hoare triple {149#false} assume !false; {149#false} is VALID [2022-02-20 18:10:05,617 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-02-20 18:10:05,617 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:10:05,619 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:10:05,619 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2028572125] [2022-02-20 18:10:05,620 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2028572125] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:10:05,621 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:10:05,621 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:10:05,623 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [27468830] [2022-02-20 18:10:05,625 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:10:05,631 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 55 [2022-02-20 18:10:05,633 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:10:05,637 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:05,711 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 45 edges. 45 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:10:05,712 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:10:05,713 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:10:05,744 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:10:05,745 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:10:05,751 INFO L87 Difference]: Start difference. First operand has 145 states, 101 states have (on average 1.3663366336633664) internal successors, (138), 117 states have internal predecessors, (138), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) Second operand has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:05,971 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:05,971 INFO L93 Difference]: Finished difference Result 267 states and 371 transitions. [2022-02-20 18:10:05,971 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:10:05,973 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 55 [2022-02-20 18:10:05,973 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:10:05,974 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:06,012 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 371 transitions. [2022-02-20 18:10:06,013 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:06,028 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 371 transitions. [2022-02-20 18:10:06,028 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 371 transitions. [2022-02-20 18:10:06,373 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 371 edges. 371 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:10:06,386 INFO L225 Difference]: With dead ends: 267 [2022-02-20 18:10:06,386 INFO L226 Difference]: Without dead ends: 136 [2022-02-20 18:10:06,390 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 54 GetRequests, 54 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:10:06,393 INFO L933 BasicCegarLoop]: 192 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 192 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:10:06,394 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 192 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:10:06,408 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 136 states. [2022-02-20 18:10:06,428 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 136 to 136. [2022-02-20 18:10:06,428 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:10:06,429 INFO L82 GeneralOperation]: Start isEquivalent. First operand 136 states. Second operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-20 18:10:06,431 INFO L74 IsIncluded]: Start isIncluded. First operand 136 states. Second operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-20 18:10:06,432 INFO L87 Difference]: Start difference. First operand 136 states. Second operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-20 18:10:06,442 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:06,442 INFO L93 Difference]: Finished difference Result 136 states and 183 transitions. [2022-02-20 18:10:06,442 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 183 transitions. [2022-02-20 18:10:06,445 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:06,445 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:06,446 INFO L74 IsIncluded]: Start isIncluded. First operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) Second operand 136 states. [2022-02-20 18:10:06,447 INFO L87 Difference]: Start difference. First operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) Second operand 136 states. [2022-02-20 18:10:06,455 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:06,455 INFO L93 Difference]: Finished difference Result 136 states and 183 transitions. [2022-02-20 18:10:06,455 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 183 transitions. [2022-02-20 18:10:06,457 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:06,457 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:06,457 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:10:06,458 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:10:06,458 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 136 states, 94 states have (on average 1.3191489361702127) internal successors, (124), 109 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-20 18:10:06,465 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 136 states to 136 states and 183 transitions. [2022-02-20 18:10:06,467 INFO L78 Accepts]: Start accepts. Automaton has 136 states and 183 transitions. Word has length 55 [2022-02-20 18:10:06,467 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:10:06,467 INFO L470 AbstractCegarLoop]: Abstraction has 136 states and 183 transitions. [2022-02-20 18:10:06,468 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:06,468 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 183 transitions. [2022-02-20 18:10:06,470 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-02-20 18:10:06,470 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:10:06,470 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:10:06,483 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-20 18:10:06,680 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:10:06,680 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:10:06,681 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:10:06,681 INFO L85 PathProgramCache]: Analyzing trace with hash 765638641, now seen corresponding path program 1 times [2022-02-20 18:10:06,682 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:10:06,682 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1996812072] [2022-02-20 18:10:06,682 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:10:06,682 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:10:06,682 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:10:06,683 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:10:06,685 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 18:10:06,764 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:10:06,768 INFO L263 TraceCheckSpWp]: Trace formula consists of 217 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:10:06,813 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:10:06,814 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:10:07,029 INFO L290 TraceCheckUtils]: 0: Hoare triple {1179#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(38bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~__SELECTED_FEATURE_base~0 := 0bv32;~__SELECTED_FEATURE_highWaterSensor~0 := 0bv32;~__SELECTED_FEATURE_lowWaterSensor~0 := 0bv32;~__SELECTED_FEATURE_methaneQuery~0 := 0bv32;~__SELECTED_FEATURE_methaneAlarm~0 := 0bv32;~__SELECTED_FEATURE_stopCommand~0 := 0bv32;~__SELECTED_FEATURE_startCommand~0 := 0bv32;~__GUIDSL_ROOT_PRODUCTION~0 := 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {1179#true} is VALID [2022-02-20 18:10:07,029 INFO L290 TraceCheckUtils]: 1: Hoare triple {1179#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret27#1, main_~retValue_acc~3#1, main_~tmp~3#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true;~__GUIDSL_ROOT_PRODUCTION~0 := 1bv32; {1179#true} is VALID [2022-02-20 18:10:07,030 INFO L290 TraceCheckUtils]: 2: Hoare triple {1179#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true;havoc select_features_#t~ret48#1, select_features_#t~ret49#1, select_features_#t~ret50#1, select_features_#t~ret51#1, select_features_#t~ret52#1, select_features_#t~ret53#1;~__SELECTED_FEATURE_base~0 := 1bv32; {1179#true} is VALID [2022-02-20 18:10:07,030 INFO L272 TraceCheckUtils]: 3: Hoare triple {1179#true} call select_features_#t~ret48#1 := select_one(); {1179#true} is VALID [2022-02-20 18:10:07,030 INFO L290 TraceCheckUtils]: 4: Hoare triple {1179#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1179#true} is VALID [2022-02-20 18:10:07,030 INFO L290 TraceCheckUtils]: 5: Hoare triple {1179#true} assume true; {1179#true} is VALID [2022-02-20 18:10:07,031 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1179#true} {1179#true} #362#return; {1179#true} is VALID [2022-02-20 18:10:07,031 INFO L290 TraceCheckUtils]: 7: Hoare triple {1179#true} ~__SELECTED_FEATURE_highWaterSensor~0 := select_features_#t~ret48#1;havoc select_features_#t~ret48#1; {1179#true} is VALID [2022-02-20 18:10:07,031 INFO L272 TraceCheckUtils]: 8: Hoare triple {1179#true} call select_features_#t~ret49#1 := select_one(); {1179#true} is VALID [2022-02-20 18:10:07,031 INFO L290 TraceCheckUtils]: 9: Hoare triple {1179#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1179#true} is VALID [2022-02-20 18:10:07,031 INFO L290 TraceCheckUtils]: 10: Hoare triple {1179#true} assume true; {1179#true} is VALID [2022-02-20 18:10:07,032 INFO L284 TraceCheckUtils]: 11: Hoare quadruple {1179#true} {1179#true} #364#return; {1179#true} is VALID [2022-02-20 18:10:07,032 INFO L290 TraceCheckUtils]: 12: Hoare triple {1179#true} ~__SELECTED_FEATURE_lowWaterSensor~0 := select_features_#t~ret49#1;havoc select_features_#t~ret49#1; {1179#true} is VALID [2022-02-20 18:10:07,032 INFO L272 TraceCheckUtils]: 13: Hoare triple {1179#true} call select_features_#t~ret50#1 := select_one(); {1179#true} is VALID [2022-02-20 18:10:07,032 INFO L290 TraceCheckUtils]: 14: Hoare triple {1179#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1179#true} is VALID [2022-02-20 18:10:07,032 INFO L290 TraceCheckUtils]: 15: Hoare triple {1179#true} assume true; {1179#true} is VALID [2022-02-20 18:10:07,033 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {1179#true} {1179#true} #366#return; {1179#true} is VALID [2022-02-20 18:10:07,033 INFO L290 TraceCheckUtils]: 17: Hoare triple {1179#true} ~__SELECTED_FEATURE_methaneQuery~0 := select_features_#t~ret50#1;havoc select_features_#t~ret50#1; {1179#true} is VALID [2022-02-20 18:10:07,033 INFO L272 TraceCheckUtils]: 18: Hoare triple {1179#true} call select_features_#t~ret51#1 := select_one(); {1179#true} is VALID [2022-02-20 18:10:07,033 INFO L290 TraceCheckUtils]: 19: Hoare triple {1179#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1179#true} is VALID [2022-02-20 18:10:07,033 INFO L290 TraceCheckUtils]: 20: Hoare triple {1179#true} assume true; {1179#true} is VALID [2022-02-20 18:10:07,034 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {1179#true} {1179#true} #368#return; {1179#true} is VALID [2022-02-20 18:10:07,034 INFO L290 TraceCheckUtils]: 22: Hoare triple {1179#true} ~__SELECTED_FEATURE_methaneAlarm~0 := select_features_#t~ret51#1;havoc select_features_#t~ret51#1; {1179#true} is VALID [2022-02-20 18:10:07,034 INFO L272 TraceCheckUtils]: 23: Hoare triple {1179#true} call select_features_#t~ret52#1 := select_one(); {1179#true} is VALID [2022-02-20 18:10:07,034 INFO L290 TraceCheckUtils]: 24: Hoare triple {1179#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1179#true} is VALID [2022-02-20 18:10:07,034 INFO L290 TraceCheckUtils]: 25: Hoare triple {1179#true} assume true; {1179#true} is VALID [2022-02-20 18:10:07,035 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {1179#true} {1179#true} #370#return; {1179#true} is VALID [2022-02-20 18:10:07,035 INFO L290 TraceCheckUtils]: 27: Hoare triple {1179#true} ~__SELECTED_FEATURE_stopCommand~0 := select_features_#t~ret52#1;havoc select_features_#t~ret52#1; {1179#true} is VALID [2022-02-20 18:10:07,035 INFO L272 TraceCheckUtils]: 28: Hoare triple {1179#true} call select_features_#t~ret53#1 := select_one(); {1179#true} is VALID [2022-02-20 18:10:07,035 INFO L290 TraceCheckUtils]: 29: Hoare triple {1179#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {1179#true} is VALID [2022-02-20 18:10:07,035 INFO L290 TraceCheckUtils]: 30: Hoare triple {1179#true} assume true; {1179#true} is VALID [2022-02-20 18:10:07,036 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {1179#true} {1179#true} #372#return; {1179#true} is VALID [2022-02-20 18:10:07,036 INFO L290 TraceCheckUtils]: 32: Hoare triple {1179#true} ~__SELECTED_FEATURE_startCommand~0 := select_features_#t~ret53#1;havoc select_features_#t~ret53#1; {1179#true} is VALID [2022-02-20 18:10:07,036 INFO L290 TraceCheckUtils]: 33: Hoare triple {1179#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := ~__SELECTED_FEATURE_base~0;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {1179#true} is VALID [2022-02-20 18:10:07,036 INFO L290 TraceCheckUtils]: 34: Hoare triple {1179#true} main_#t~ret27#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~3#1 := main_#t~ret27#1;havoc main_#t~ret27#1; {1179#true} is VALID [2022-02-20 18:10:07,036 INFO L290 TraceCheckUtils]: 35: Hoare triple {1179#true} assume 0bv32 != main_~tmp~3#1;assume { :begin_inline_setup } true; {1179#true} is VALID [2022-02-20 18:10:07,037 INFO L290 TraceCheckUtils]: 36: Hoare triple {1179#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet28#1, test_#t~nondet29#1, test_#t~nondet30#1, test_#t~nondet31#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {1292#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:10:07,038 INFO L290 TraceCheckUtils]: 37: Hoare triple {1292#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !false; {1292#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} is VALID [2022-02-20 18:10:07,038 INFO L290 TraceCheckUtils]: 38: Hoare triple {1292#(= |ULTIMATE.start_test_~splverifierCounter~0#1| (_ bv0 32))} assume !~bvslt32(test_~splverifierCounter~0#1, 4bv32); {1180#false} is VALID [2022-02-20 18:10:07,038 INFO L272 TraceCheckUtils]: 39: Hoare triple {1180#false} call cleanup(); {1180#false} is VALID [2022-02-20 18:10:07,039 INFO L290 TraceCheckUtils]: 40: Hoare triple {1180#false} havoc ~i~0;havoc ~__cil_tmp2~0; {1180#false} is VALID [2022-02-20 18:10:07,039 INFO L272 TraceCheckUtils]: 41: Hoare triple {1180#false} call timeShift(); {1180#false} is VALID [2022-02-20 18:10:07,039 INFO L290 TraceCheckUtils]: 42: Hoare triple {1180#false} assume !(0bv32 != ~pumpRunning~0); {1180#false} is VALID [2022-02-20 18:10:07,039 INFO L290 TraceCheckUtils]: 43: Hoare triple {1180#false} assume !(0bv32 != ~systemActive~0); {1180#false} is VALID [2022-02-20 18:10:07,039 INFO L290 TraceCheckUtils]: 44: Hoare triple {1180#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret54#1, __utac_acc__Specification3_spec__1_#t~ret55#1, __utac_acc__Specification3_spec__1_#t~ret56#1, __utac_acc__Specification3_spec__1_~tmp~11#1, __utac_acc__Specification3_spec__1_~tmp___0~3#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~11#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {1180#false} is VALID [2022-02-20 18:10:07,040 INFO L272 TraceCheckUtils]: 45: Hoare triple {1180#false} call __utac_acc__Specification3_spec__1_#t~ret54#1 := isMethaneLevelCritical(); {1180#false} is VALID [2022-02-20 18:10:07,040 INFO L290 TraceCheckUtils]: 46: Hoare triple {1180#false} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {1180#false} is VALID [2022-02-20 18:10:07,040 INFO L290 TraceCheckUtils]: 47: Hoare triple {1180#false} assume true; {1180#false} is VALID [2022-02-20 18:10:07,040 INFO L284 TraceCheckUtils]: 48: Hoare quadruple {1180#false} {1180#false} #356#return; {1180#false} is VALID [2022-02-20 18:10:07,040 INFO L290 TraceCheckUtils]: 49: Hoare triple {1180#false} __utac_acc__Specification3_spec__1_~tmp~11#1 := __utac_acc__Specification3_spec__1_#t~ret54#1;havoc __utac_acc__Specification3_spec__1_#t~ret54#1; {1180#false} is VALID [2022-02-20 18:10:07,041 INFO L290 TraceCheckUtils]: 50: Hoare triple {1180#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~11#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~11#1;havoc getWaterLevel_~retValue_acc~11#1;getWaterLevel_~retValue_acc~11#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~11#1; {1180#false} is VALID [2022-02-20 18:10:07,041 INFO L290 TraceCheckUtils]: 51: Hoare triple {1180#false} __utac_acc__Specification3_spec__1_#t~ret55#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~3#1 := __utac_acc__Specification3_spec__1_#t~ret55#1;havoc __utac_acc__Specification3_spec__1_#t~ret55#1; {1180#false} is VALID [2022-02-20 18:10:07,041 INFO L290 TraceCheckUtils]: 52: Hoare triple {1180#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~3#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {1180#false} is VALID [2022-02-20 18:10:07,041 INFO L290 TraceCheckUtils]: 53: Hoare triple {1180#false} __utac_acc__Specification3_spec__1_#t~ret56#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret56#1;havoc __utac_acc__Specification3_spec__1_#t~ret56#1; {1180#false} is VALID [2022-02-20 18:10:07,041 INFO L290 TraceCheckUtils]: 54: Hoare triple {1180#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {1180#false} is VALID [2022-02-20 18:10:07,042 INFO L290 TraceCheckUtils]: 55: Hoare triple {1180#false} assume !false; {1180#false} is VALID [2022-02-20 18:10:07,042 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-02-20 18:10:07,042 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:10:07,042 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:10:07,043 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1996812072] [2022-02-20 18:10:07,043 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1996812072] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:10:07,043 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:10:07,043 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:10:07,043 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1222823574] [2022-02-20 18:10:07,044 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:10:07,045 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 56 [2022-02-20 18:10:07,045 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:10:07,046 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:07,088 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 46 edges. 46 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:10:07,089 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:10:07,089 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:10:07,090 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:10:07,090 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:10:07,090 INFO L87 Difference]: Start difference. First operand 136 states and 183 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:07,316 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:07,316 INFO L93 Difference]: Finished difference Result 216 states and 291 transitions. [2022-02-20 18:10:07,317 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:10:07,317 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 56 [2022-02-20 18:10:07,317 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:10:07,317 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:07,333 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 291 transitions. [2022-02-20 18:10:07,334 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:07,340 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 291 transitions. [2022-02-20 18:10:07,340 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 291 transitions. [2022-02-20 18:10:07,626 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 291 edges. 291 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:10:07,630 INFO L225 Difference]: With dead ends: 216 [2022-02-20 18:10:07,631 INFO L226 Difference]: Without dead ends: 127 [2022-02-20 18:10:07,632 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 55 GetRequests, 54 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:10:07,633 INFO L933 BasicCegarLoop]: 170 mSDtfsCounter, 21 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 25 SdHoareTripleChecker+Valid, 314 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:10:07,633 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [25 Valid, 314 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:10:07,634 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2022-02-20 18:10:07,641 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 127. [2022-02-20 18:10:07,641 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:10:07,642 INFO L82 GeneralOperation]: Start isEquivalent. First operand 127 states. Second operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2022-02-20 18:10:07,643 INFO L74 IsIncluded]: Start isIncluded. First operand 127 states. Second operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2022-02-20 18:10:07,645 INFO L87 Difference]: Start difference. First operand 127 states. Second operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2022-02-20 18:10:07,651 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:07,653 INFO L93 Difference]: Finished difference Result 127 states and 171 transitions. [2022-02-20 18:10:07,653 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 171 transitions. [2022-02-20 18:10:07,654 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:07,654 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:07,655 INFO L74 IsIncluded]: Start isIncluded. First operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) Second operand 127 states. [2022-02-20 18:10:07,656 INFO L87 Difference]: Start difference. First operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) Second operand 127 states. [2022-02-20 18:10:07,662 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:07,662 INFO L93 Difference]: Finished difference Result 127 states and 171 transitions. [2022-02-20 18:10:07,663 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 171 transitions. [2022-02-20 18:10:07,664 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:07,664 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:07,664 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:10:07,666 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:10:07,667 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 127 states, 88 states have (on average 1.3295454545454546) internal successors, (117), 103 states have internal predecessors, (117), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2022-02-20 18:10:07,673 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 127 states to 127 states and 171 transitions. [2022-02-20 18:10:07,673 INFO L78 Accepts]: Start accepts. Automaton has 127 states and 171 transitions. Word has length 56 [2022-02-20 18:10:07,675 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:10:07,675 INFO L470 AbstractCegarLoop]: Abstraction has 127 states and 171 transitions. [2022-02-20 18:10:07,675 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:07,676 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 171 transitions. [2022-02-20 18:10:07,678 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2022-02-20 18:10:07,678 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:10:07,679 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:10:07,695 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-02-20 18:10:07,889 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:10:07,889 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:10:07,889 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:10:07,889 INFO L85 PathProgramCache]: Analyzing trace with hash -645766224, now seen corresponding path program 1 times [2022-02-20 18:10:07,890 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:10:07,890 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [401398599] [2022-02-20 18:10:07,890 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:10:07,890 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:10:07,890 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:10:07,892 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:10:07,894 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 18:10:07,974 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:10:07,978 INFO L263 TraceCheckSpWp]: Trace formula consists of 219 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 18:10:08,003 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:10:08,005 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:10:08,204 INFO L290 TraceCheckUtils]: 0: Hoare triple {2108#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(38bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~__SELECTED_FEATURE_base~0 := 0bv32;~__SELECTED_FEATURE_highWaterSensor~0 := 0bv32;~__SELECTED_FEATURE_lowWaterSensor~0 := 0bv32;~__SELECTED_FEATURE_methaneQuery~0 := 0bv32;~__SELECTED_FEATURE_methaneAlarm~0 := 0bv32;~__SELECTED_FEATURE_stopCommand~0 := 0bv32;~__SELECTED_FEATURE_startCommand~0 := 0bv32;~__GUIDSL_ROOT_PRODUCTION~0 := 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,205 INFO L290 TraceCheckUtils]: 1: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret27#1, main_~retValue_acc~3#1, main_~tmp~3#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true;~__GUIDSL_ROOT_PRODUCTION~0 := 1bv32; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,205 INFO L290 TraceCheckUtils]: 2: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true;havoc select_features_#t~ret48#1, select_features_#t~ret49#1, select_features_#t~ret50#1, select_features_#t~ret51#1, select_features_#t~ret52#1, select_features_#t~ret53#1;~__SELECTED_FEATURE_base~0 := 1bv32; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,206 INFO L272 TraceCheckUtils]: 3: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} call select_features_#t~ret48#1 := select_one(); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,207 INFO L290 TraceCheckUtils]: 4: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,207 INFO L290 TraceCheckUtils]: 5: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume true; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,208 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2113#(= ~systemActive~0 (_ bv1 32))} {2113#(= ~systemActive~0 (_ bv1 32))} #362#return; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,208 INFO L290 TraceCheckUtils]: 7: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} ~__SELECTED_FEATURE_highWaterSensor~0 := select_features_#t~ret48#1;havoc select_features_#t~ret48#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,214 INFO L272 TraceCheckUtils]: 8: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} call select_features_#t~ret49#1 := select_one(); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,214 INFO L290 TraceCheckUtils]: 9: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,215 INFO L290 TraceCheckUtils]: 10: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume true; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,219 INFO L284 TraceCheckUtils]: 11: Hoare quadruple {2113#(= ~systemActive~0 (_ bv1 32))} {2113#(= ~systemActive~0 (_ bv1 32))} #364#return; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,220 INFO L290 TraceCheckUtils]: 12: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} ~__SELECTED_FEATURE_lowWaterSensor~0 := select_features_#t~ret49#1;havoc select_features_#t~ret49#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,220 INFO L272 TraceCheckUtils]: 13: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} call select_features_#t~ret50#1 := select_one(); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,221 INFO L290 TraceCheckUtils]: 14: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,221 INFO L290 TraceCheckUtils]: 15: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume true; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,222 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {2113#(= ~systemActive~0 (_ bv1 32))} {2113#(= ~systemActive~0 (_ bv1 32))} #366#return; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,222 INFO L290 TraceCheckUtils]: 17: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} ~__SELECTED_FEATURE_methaneQuery~0 := select_features_#t~ret50#1;havoc select_features_#t~ret50#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,222 INFO L272 TraceCheckUtils]: 18: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} call select_features_#t~ret51#1 := select_one(); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,223 INFO L290 TraceCheckUtils]: 19: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,223 INFO L290 TraceCheckUtils]: 20: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume true; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,224 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {2113#(= ~systemActive~0 (_ bv1 32))} {2113#(= ~systemActive~0 (_ bv1 32))} #368#return; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,224 INFO L290 TraceCheckUtils]: 22: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} ~__SELECTED_FEATURE_methaneAlarm~0 := select_features_#t~ret51#1;havoc select_features_#t~ret51#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,225 INFO L272 TraceCheckUtils]: 23: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} call select_features_#t~ret52#1 := select_one(); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,225 INFO L290 TraceCheckUtils]: 24: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,225 INFO L290 TraceCheckUtils]: 25: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume true; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,226 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {2113#(= ~systemActive~0 (_ bv1 32))} {2113#(= ~systemActive~0 (_ bv1 32))} #370#return; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,226 INFO L290 TraceCheckUtils]: 27: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} ~__SELECTED_FEATURE_stopCommand~0 := select_features_#t~ret52#1;havoc select_features_#t~ret52#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,232 INFO L272 TraceCheckUtils]: 28: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} call select_features_#t~ret53#1 := select_one(); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,233 INFO L290 TraceCheckUtils]: 29: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,233 INFO L290 TraceCheckUtils]: 30: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume true; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,234 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {2113#(= ~systemActive~0 (_ bv1 32))} {2113#(= ~systemActive~0 (_ bv1 32))} #372#return; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,234 INFO L290 TraceCheckUtils]: 32: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} ~__SELECTED_FEATURE_startCommand~0 := select_features_#t~ret53#1;havoc select_features_#t~ret53#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,234 INFO L290 TraceCheckUtils]: 33: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := ~__SELECTED_FEATURE_base~0;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,235 INFO L290 TraceCheckUtils]: 34: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} main_#t~ret27#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~3#1 := main_#t~ret27#1;havoc main_#t~ret27#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,235 INFO L290 TraceCheckUtils]: 35: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume 0bv32 != main_~tmp~3#1;assume { :begin_inline_setup } true; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,236 INFO L290 TraceCheckUtils]: 36: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet28#1, test_#t~nondet29#1, test_#t~nondet30#1, test_#t~nondet31#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,236 INFO L290 TraceCheckUtils]: 37: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume !false; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,236 INFO L290 TraceCheckUtils]: 38: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,237 INFO L290 TraceCheckUtils]: 39: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} test_~tmp~4#1 := test_#t~nondet28#1;havoc test_#t~nondet28#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,237 INFO L290 TraceCheckUtils]: 40: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~4#1); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,238 INFO L290 TraceCheckUtils]: 41: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} test_~tmp___0~0#1 := test_#t~nondet29#1;havoc test_#t~nondet29#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,238 INFO L290 TraceCheckUtils]: 42: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~0#1); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,238 INFO L290 TraceCheckUtils]: 43: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet30#1;havoc test_#t~nondet30#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,239 INFO L290 TraceCheckUtils]: 44: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___2~0#1);test_~tmp___1~0#1 := test_#t~nondet31#1;havoc test_#t~nondet31#1; {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,239 INFO L290 TraceCheckUtils]: 45: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___1~0#1); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,240 INFO L272 TraceCheckUtils]: 46: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} call timeShift(); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,240 INFO L290 TraceCheckUtils]: 47: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {2113#(= ~systemActive~0 (_ bv1 32))} is VALID [2022-02-20 18:10:08,241 INFO L290 TraceCheckUtils]: 48: Hoare triple {2113#(= ~systemActive~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {2109#false} is VALID [2022-02-20 18:10:08,241 INFO L290 TraceCheckUtils]: 49: Hoare triple {2109#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret54#1, __utac_acc__Specification3_spec__1_#t~ret55#1, __utac_acc__Specification3_spec__1_#t~ret56#1, __utac_acc__Specification3_spec__1_~tmp~11#1, __utac_acc__Specification3_spec__1_~tmp___0~3#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~11#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {2109#false} is VALID [2022-02-20 18:10:08,241 INFO L272 TraceCheckUtils]: 50: Hoare triple {2109#false} call __utac_acc__Specification3_spec__1_#t~ret54#1 := isMethaneLevelCritical(); {2109#false} is VALID [2022-02-20 18:10:08,241 INFO L290 TraceCheckUtils]: 51: Hoare triple {2109#false} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {2109#false} is VALID [2022-02-20 18:10:08,241 INFO L290 TraceCheckUtils]: 52: Hoare triple {2109#false} assume true; {2109#false} is VALID [2022-02-20 18:10:08,242 INFO L284 TraceCheckUtils]: 53: Hoare quadruple {2109#false} {2109#false} #356#return; {2109#false} is VALID [2022-02-20 18:10:08,242 INFO L290 TraceCheckUtils]: 54: Hoare triple {2109#false} __utac_acc__Specification3_spec__1_~tmp~11#1 := __utac_acc__Specification3_spec__1_#t~ret54#1;havoc __utac_acc__Specification3_spec__1_#t~ret54#1; {2109#false} is VALID [2022-02-20 18:10:08,242 INFO L290 TraceCheckUtils]: 55: Hoare triple {2109#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~11#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~11#1;havoc getWaterLevel_~retValue_acc~11#1;getWaterLevel_~retValue_acc~11#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~11#1; {2109#false} is VALID [2022-02-20 18:10:08,242 INFO L290 TraceCheckUtils]: 56: Hoare triple {2109#false} __utac_acc__Specification3_spec__1_#t~ret55#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~3#1 := __utac_acc__Specification3_spec__1_#t~ret55#1;havoc __utac_acc__Specification3_spec__1_#t~ret55#1; {2109#false} is VALID [2022-02-20 18:10:08,242 INFO L290 TraceCheckUtils]: 57: Hoare triple {2109#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~3#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {2109#false} is VALID [2022-02-20 18:10:08,242 INFO L290 TraceCheckUtils]: 58: Hoare triple {2109#false} __utac_acc__Specification3_spec__1_#t~ret56#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret56#1;havoc __utac_acc__Specification3_spec__1_#t~ret56#1; {2109#false} is VALID [2022-02-20 18:10:08,243 INFO L290 TraceCheckUtils]: 59: Hoare triple {2109#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {2109#false} is VALID [2022-02-20 18:10:08,243 INFO L290 TraceCheckUtils]: 60: Hoare triple {2109#false} assume !false; {2109#false} is VALID [2022-02-20 18:10:08,243 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-02-20 18:10:08,243 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:10:08,244 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:10:08,244 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [401398599] [2022-02-20 18:10:08,244 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [401398599] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:10:08,244 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:10:08,244 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:10:08,245 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [114383327] [2022-02-20 18:10:08,245 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:10:08,245 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 2 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 61 [2022-02-20 18:10:08,246 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:10:08,246 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 12.0) internal successors, (36), 2 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:08,287 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 51 edges. 51 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:10:08,287 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:10:08,287 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:10:08,288 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:10:08,288 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:10:08,289 INFO L87 Difference]: Start difference. First operand 127 states and 171 transitions. Second operand has 3 states, 3 states have (on average 12.0) internal successors, (36), 2 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:08,546 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:08,546 INFO L93 Difference]: Finished difference Result 335 states and 458 transitions. [2022-02-20 18:10:08,547 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:10:08,547 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 2 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 61 [2022-02-20 18:10:08,547 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:10:08,547 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 12.0) internal successors, (36), 2 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:08,554 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 458 transitions. [2022-02-20 18:10:08,555 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 12.0) internal successors, (36), 2 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:08,562 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 458 transitions. [2022-02-20 18:10:08,562 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 458 transitions. [2022-02-20 18:10:08,946 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 458 edges. 458 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:10:08,956 INFO L225 Difference]: With dead ends: 335 [2022-02-20 18:10:08,957 INFO L226 Difference]: Without dead ends: 230 [2022-02-20 18:10:08,958 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 60 GetRequests, 59 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:10:08,959 INFO L933 BasicCegarLoop]: 211 mSDtfsCounter, 129 mSDsluCounter, 139 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 129 SdHoareTripleChecker+Valid, 350 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:10:08,960 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [129 Valid, 350 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:10:08,961 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 230 states. [2022-02-20 18:10:08,976 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 230 to 227. [2022-02-20 18:10:08,977 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:10:08,978 INFO L82 GeneralOperation]: Start isEquivalent. First operand 230 states. Second operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2022-02-20 18:10:08,978 INFO L74 IsIncluded]: Start isIncluded. First operand 230 states. Second operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2022-02-20 18:10:08,979 INFO L87 Difference]: Start difference. First operand 230 states. Second operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2022-02-20 18:10:08,997 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:08,997 INFO L93 Difference]: Finished difference Result 230 states and 312 transitions. [2022-02-20 18:10:08,997 INFO L276 IsEmpty]: Start isEmpty. Operand 230 states and 312 transitions. [2022-02-20 18:10:08,998 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:08,998 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:08,999 INFO L74 IsIncluded]: Start isIncluded. First operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) Second operand 230 states. [2022-02-20 18:10:09,000 INFO L87 Difference]: Start difference. First operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) Second operand 230 states. [2022-02-20 18:10:09,009 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:09,010 INFO L93 Difference]: Finished difference Result 230 states and 312 transitions. [2022-02-20 18:10:09,010 INFO L276 IsEmpty]: Start isEmpty. Operand 230 states and 312 transitions. [2022-02-20 18:10:09,011 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:09,011 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:09,011 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:10:09,011 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:10:09,012 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 227 states, 157 states have (on average 1.3630573248407643) internal successors, (214), 186 states have internal predecessors, (214), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2022-02-20 18:10:09,022 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 227 states to 227 states and 310 transitions. [2022-02-20 18:10:09,022 INFO L78 Accepts]: Start accepts. Automaton has 227 states and 310 transitions. Word has length 61 [2022-02-20 18:10:09,022 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:10:09,023 INFO L470 AbstractCegarLoop]: Abstraction has 227 states and 310 transitions. [2022-02-20 18:10:09,023 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 2 states have internal predecessors, (36), 2 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:09,023 INFO L276 IsEmpty]: Start isEmpty. Operand 227 states and 310 transitions. [2022-02-20 18:10:09,024 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2022-02-20 18:10:09,024 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:10:09,024 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:10:09,037 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 18:10:09,234 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:10:09,234 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:10:09,235 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:10:09,235 INFO L85 PathProgramCache]: Analyzing trace with hash 1376588474, now seen corresponding path program 1 times [2022-02-20 18:10:09,235 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:10:09,235 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [99982175] [2022-02-20 18:10:09,235 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:10:09,235 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:10:09,236 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:10:09,237 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:10:09,240 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 18:10:09,308 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:10:09,312 INFO L263 TraceCheckSpWp]: Trace formula consists of 223 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 18:10:09,329 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:10:09,331 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:10:09,546 INFO L290 TraceCheckUtils]: 0: Hoare triple {3573#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(38bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~__SELECTED_FEATURE_base~0 := 0bv32;~__SELECTED_FEATURE_highWaterSensor~0 := 0bv32;~__SELECTED_FEATURE_lowWaterSensor~0 := 0bv32;~__SELECTED_FEATURE_methaneQuery~0 := 0bv32;~__SELECTED_FEATURE_methaneAlarm~0 := 0bv32;~__SELECTED_FEATURE_stopCommand~0 := 0bv32;~__SELECTED_FEATURE_startCommand~0 := 0bv32;~__GUIDSL_ROOT_PRODUCTION~0 := 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,556 INFO L290 TraceCheckUtils]: 1: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret27#1, main_~retValue_acc~3#1, main_~tmp~3#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true;~__GUIDSL_ROOT_PRODUCTION~0 := 1bv32; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,556 INFO L290 TraceCheckUtils]: 2: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true;havoc select_features_#t~ret48#1, select_features_#t~ret49#1, select_features_#t~ret50#1, select_features_#t~ret51#1, select_features_#t~ret52#1, select_features_#t~ret53#1;~__SELECTED_FEATURE_base~0 := 1bv32; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,556 INFO L272 TraceCheckUtils]: 3: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} call select_features_#t~ret48#1 := select_one(); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,557 INFO L290 TraceCheckUtils]: 4: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,557 INFO L290 TraceCheckUtils]: 5: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume true; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,558 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3578#(= ~waterLevel~0 (_ bv1 32))} {3578#(= ~waterLevel~0 (_ bv1 32))} #362#return; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,558 INFO L290 TraceCheckUtils]: 7: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} ~__SELECTED_FEATURE_highWaterSensor~0 := select_features_#t~ret48#1;havoc select_features_#t~ret48#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,558 INFO L272 TraceCheckUtils]: 8: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} call select_features_#t~ret49#1 := select_one(); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,559 INFO L290 TraceCheckUtils]: 9: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,559 INFO L290 TraceCheckUtils]: 10: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume true; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,560 INFO L284 TraceCheckUtils]: 11: Hoare quadruple {3578#(= ~waterLevel~0 (_ bv1 32))} {3578#(= ~waterLevel~0 (_ bv1 32))} #364#return; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,560 INFO L290 TraceCheckUtils]: 12: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} ~__SELECTED_FEATURE_lowWaterSensor~0 := select_features_#t~ret49#1;havoc select_features_#t~ret49#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,560 INFO L272 TraceCheckUtils]: 13: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} call select_features_#t~ret50#1 := select_one(); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,561 INFO L290 TraceCheckUtils]: 14: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,561 INFO L290 TraceCheckUtils]: 15: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume true; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,563 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {3578#(= ~waterLevel~0 (_ bv1 32))} {3578#(= ~waterLevel~0 (_ bv1 32))} #366#return; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,564 INFO L290 TraceCheckUtils]: 17: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} ~__SELECTED_FEATURE_methaneQuery~0 := select_features_#t~ret50#1;havoc select_features_#t~ret50#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,564 INFO L272 TraceCheckUtils]: 18: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} call select_features_#t~ret51#1 := select_one(); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,565 INFO L290 TraceCheckUtils]: 19: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,565 INFO L290 TraceCheckUtils]: 20: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume true; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,566 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {3578#(= ~waterLevel~0 (_ bv1 32))} {3578#(= ~waterLevel~0 (_ bv1 32))} #368#return; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,566 INFO L290 TraceCheckUtils]: 22: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} ~__SELECTED_FEATURE_methaneAlarm~0 := select_features_#t~ret51#1;havoc select_features_#t~ret51#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,566 INFO L272 TraceCheckUtils]: 23: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} call select_features_#t~ret52#1 := select_one(); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,567 INFO L290 TraceCheckUtils]: 24: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,567 INFO L290 TraceCheckUtils]: 25: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume true; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,568 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {3578#(= ~waterLevel~0 (_ bv1 32))} {3578#(= ~waterLevel~0 (_ bv1 32))} #370#return; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,568 INFO L290 TraceCheckUtils]: 27: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} ~__SELECTED_FEATURE_stopCommand~0 := select_features_#t~ret52#1;havoc select_features_#t~ret52#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,569 INFO L272 TraceCheckUtils]: 28: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} call select_features_#t~ret53#1 := select_one(); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,569 INFO L290 TraceCheckUtils]: 29: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,569 INFO L290 TraceCheckUtils]: 30: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume true; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,570 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {3578#(= ~waterLevel~0 (_ bv1 32))} {3578#(= ~waterLevel~0 (_ bv1 32))} #372#return; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,570 INFO L290 TraceCheckUtils]: 32: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} ~__SELECTED_FEATURE_startCommand~0 := select_features_#t~ret53#1;havoc select_features_#t~ret53#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,571 INFO L290 TraceCheckUtils]: 33: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := ~__SELECTED_FEATURE_base~0;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,571 INFO L290 TraceCheckUtils]: 34: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} main_#t~ret27#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~3#1 := main_#t~ret27#1;havoc main_#t~ret27#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,572 INFO L290 TraceCheckUtils]: 35: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != main_~tmp~3#1;assume { :begin_inline_setup } true; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,572 INFO L290 TraceCheckUtils]: 36: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet28#1, test_#t~nondet29#1, test_#t~nondet30#1, test_#t~nondet31#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,573 INFO L290 TraceCheckUtils]: 37: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume !false; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,577 INFO L290 TraceCheckUtils]: 38: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,577 INFO L290 TraceCheckUtils]: 39: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} test_~tmp~4#1 := test_#t~nondet28#1;havoc test_#t~nondet28#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,578 INFO L290 TraceCheckUtils]: 40: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp~4#1); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,578 INFO L290 TraceCheckUtils]: 41: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___0~0#1 := test_#t~nondet29#1;havoc test_#t~nondet29#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,578 INFO L290 TraceCheckUtils]: 42: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___0~0#1); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,579 INFO L290 TraceCheckUtils]: 43: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} test_~tmp___2~0#1 := test_#t~nondet30#1;havoc test_#t~nondet30#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,579 INFO L290 TraceCheckUtils]: 44: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != test_~tmp___2~0#1);test_~tmp___1~0#1 := test_#t~nondet31#1;havoc test_#t~nondet31#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,580 INFO L290 TraceCheckUtils]: 45: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != test_~tmp___1~0#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,580 INFO L290 TraceCheckUtils]: 46: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume 0bv32 != ~__SELECTED_FEATURE_stopCommand~0;assume { :begin_inline_stopSystem } true; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,580 INFO L290 TraceCheckUtils]: 47: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,581 INFO L290 TraceCheckUtils]: 48: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} ~systemActive~0 := 0bv32; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,581 INFO L290 TraceCheckUtils]: 49: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume { :end_inline_stopSystem } true; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,582 INFO L272 TraceCheckUtils]: 50: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} call timeShift(); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,582 INFO L290 TraceCheckUtils]: 51: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~pumpRunning~0); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,582 INFO L290 TraceCheckUtils]: 52: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != ~systemActive~0); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,583 INFO L290 TraceCheckUtils]: 53: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret54#1, __utac_acc__Specification3_spec__1_#t~ret55#1, __utac_acc__Specification3_spec__1_#t~ret56#1, __utac_acc__Specification3_spec__1_~tmp~11#1, __utac_acc__Specification3_spec__1_~tmp___0~3#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~11#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,583 INFO L272 TraceCheckUtils]: 54: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} call __utac_acc__Specification3_spec__1_#t~ret54#1 := isMethaneLevelCritical(); {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,584 INFO L290 TraceCheckUtils]: 55: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,584 INFO L290 TraceCheckUtils]: 56: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume true; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,584 INFO L284 TraceCheckUtils]: 57: Hoare quadruple {3578#(= ~waterLevel~0 (_ bv1 32))} {3578#(= ~waterLevel~0 (_ bv1 32))} #356#return; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,585 INFO L290 TraceCheckUtils]: 58: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} __utac_acc__Specification3_spec__1_~tmp~11#1 := __utac_acc__Specification3_spec__1_#t~ret54#1;havoc __utac_acc__Specification3_spec__1_#t~ret54#1; {3578#(= ~waterLevel~0 (_ bv1 32))} is VALID [2022-02-20 18:10:09,585 INFO L290 TraceCheckUtils]: 59: Hoare triple {3578#(= ~waterLevel~0 (_ bv1 32))} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~11#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~11#1;havoc getWaterLevel_~retValue_acc~11#1;getWaterLevel_~retValue_acc~11#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~11#1; {3756#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} is VALID [2022-02-20 18:10:09,586 INFO L290 TraceCheckUtils]: 60: Hoare triple {3756#(= |timeShift_getWaterLevel_#res#1| (_ bv1 32))} __utac_acc__Specification3_spec__1_#t~ret55#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~3#1 := __utac_acc__Specification3_spec__1_#t~ret55#1;havoc __utac_acc__Specification3_spec__1_#t~ret55#1; {3760#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~3#1| (_ bv1 32))} is VALID [2022-02-20 18:10:09,587 INFO L290 TraceCheckUtils]: 61: Hoare triple {3760#(= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~3#1| (_ bv1 32))} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~3#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {3574#false} is VALID [2022-02-20 18:10:09,587 INFO L290 TraceCheckUtils]: 62: Hoare triple {3574#false} __utac_acc__Specification3_spec__1_#t~ret56#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret56#1;havoc __utac_acc__Specification3_spec__1_#t~ret56#1; {3574#false} is VALID [2022-02-20 18:10:09,587 INFO L290 TraceCheckUtils]: 63: Hoare triple {3574#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {3574#false} is VALID [2022-02-20 18:10:09,587 INFO L290 TraceCheckUtils]: 64: Hoare triple {3574#false} assume !false; {3574#false} is VALID [2022-02-20 18:10:09,587 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-02-20 18:10:09,588 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:10:09,588 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:10:09,589 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [99982175] [2022-02-20 18:10:09,589 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [99982175] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:10:09,589 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:10:09,590 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 18:10:09,590 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2105868841] [2022-02-20 18:10:09,590 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:10:09,591 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 1 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) Word has length 65 [2022-02-20 18:10:09,591 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:10:09,591 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 1 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2022-02-20 18:10:09,653 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 55 edges. 55 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:10:09,653 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 18:10:09,654 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:10:09,654 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 18:10:09,654 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 18:10:09,655 INFO L87 Difference]: Start difference. First operand 227 states and 310 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 1 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2022-02-20 18:10:10,216 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:10,216 INFO L93 Difference]: Finished difference Result 631 states and 889 transitions. [2022-02-20 18:10:10,216 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 18:10:10,217 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 1 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) Word has length 65 [2022-02-20 18:10:10,217 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:10:10,217 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 1 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2022-02-20 18:10:10,224 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 465 transitions. [2022-02-20 18:10:10,225 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 1 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2022-02-20 18:10:10,232 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 465 transitions. [2022-02-20 18:10:10,232 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 465 transitions. [2022-02-20 18:10:10,609 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 465 edges. 465 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:10:10,625 INFO L225 Difference]: With dead ends: 631 [2022-02-20 18:10:10,625 INFO L226 Difference]: Without dead ends: 426 [2022-02-20 18:10:10,626 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 66 GetRequests, 61 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:10:10,627 INFO L933 BasicCegarLoop]: 188 mSDtfsCounter, 116 mSDsluCounter, 509 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 116 SdHoareTripleChecker+Valid, 697 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:10:10,627 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [116 Valid, 697 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:10:10,633 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 426 states. [2022-02-20 18:10:10,670 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 426 to 420. [2022-02-20 18:10:10,671 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:10:10,672 INFO L82 GeneralOperation]: Start isEquivalent. First operand 426 states. Second operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) [2022-02-20 18:10:10,674 INFO L74 IsIncluded]: Start isIncluded. First operand 426 states. Second operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) [2022-02-20 18:10:10,675 INFO L87 Difference]: Start difference. First operand 426 states. Second operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) [2022-02-20 18:10:10,704 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:10,704 INFO L93 Difference]: Finished difference Result 426 states and 582 transitions. [2022-02-20 18:10:10,704 INFO L276 IsEmpty]: Start isEmpty. Operand 426 states and 582 transitions. [2022-02-20 18:10:10,706 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:10,706 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:10,707 INFO L74 IsIncluded]: Start isIncluded. First operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) Second operand 426 states. [2022-02-20 18:10:10,708 INFO L87 Difference]: Start difference. First operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) Second operand 426 states. [2022-02-20 18:10:10,726 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:10,727 INFO L93 Difference]: Finished difference Result 426 states and 582 transitions. [2022-02-20 18:10:10,727 INFO L276 IsEmpty]: Start isEmpty. Operand 426 states and 582 transitions. [2022-02-20 18:10:10,728 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:10,728 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:10,728 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:10:10,729 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:10:10,730 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 420 states, 290 states have (on average 1.3586206896551725) internal successors, (394), 345 states have internal predecessors, (394), 90 states have call successors, (90), 41 states have call predecessors, (90), 39 states have return successors, (92), 66 states have call predecessors, (92), 90 states have call successors, (92) [2022-02-20 18:10:10,747 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 420 states to 420 states and 576 transitions. [2022-02-20 18:10:10,748 INFO L78 Accepts]: Start accepts. Automaton has 420 states and 576 transitions. Word has length 65 [2022-02-20 18:10:10,748 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:10:10,748 INFO L470 AbstractCegarLoop]: Abstraction has 420 states and 576 transitions. [2022-02-20 18:10:10,748 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 1 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2022-02-20 18:10:10,749 INFO L276 IsEmpty]: Start isEmpty. Operand 420 states and 576 transitions. [2022-02-20 18:10:10,751 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2022-02-20 18:10:10,751 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:10:10,752 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:10:10,765 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 18:10:10,961 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:10:10,963 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:10:10,964 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:10:10,965 INFO L85 PathProgramCache]: Analyzing trace with hash 1723303743, now seen corresponding path program 1 times [2022-02-20 18:10:10,965 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:10:10,966 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1027200669] [2022-02-20 18:10:10,966 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:10:10,966 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:10:10,966 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:10:10,967 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:10:10,994 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 18:10:11,055 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:10:11,060 INFO L263 TraceCheckSpWp]: Trace formula consists of 226 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 18:10:11,077 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:10:11,079 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 18:10:11,240 INFO L290 TraceCheckUtils]: 0: Hoare triple {6165#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(38bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);call #Ultimate.allocInit(30bv32, 4bv32);call #Ultimate.allocInit(9bv32, 5bv32);call #Ultimate.allocInit(21bv32, 6bv32);call #Ultimate.allocInit(30bv32, 7bv32);call #Ultimate.allocInit(9bv32, 8bv32);call #Ultimate.allocInit(21bv32, 9bv32);call #Ultimate.allocInit(30bv32, 10bv32);call #Ultimate.allocInit(9bv32, 11bv32);call #Ultimate.allocInit(25bv32, 12bv32);call #Ultimate.allocInit(30bv32, 13bv32);call #Ultimate.allocInit(9bv32, 14bv32);call #Ultimate.allocInit(25bv32, 15bv32);call #Ultimate.allocInit(13bv32, 16bv32);call #Ultimate.allocInit(3bv32, 17bv32);call write~init~intINTTYPE1(79bv8, 17bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 17bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 17bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 18bv32);call write~init~intINTTYPE1(79bv8, 18bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 18bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 18bv32, 3bv32, 1bv32);call #Ultimate.allocInit(7bv32, 19bv32);call write~init~intINTTYPE1(44bv8, 19bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(80bv8, 19bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(117bv8, 19bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(109bv8, 19bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(112bv8, 19bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 19bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 19bv32, 6bv32, 1bv32);call #Ultimate.allocInit(3bv32, 20bv32);call write~init~intINTTYPE1(79bv8, 20bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(110bv8, 20bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 20bv32, 2bv32, 1bv32);call #Ultimate.allocInit(4bv32, 21bv32);call write~init~intINTTYPE1(79bv8, 21bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(102bv8, 21bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 21bv32, 3bv32, 1bv32);call #Ultimate.allocInit(3bv32, 22bv32);call write~init~intINTTYPE1(41bv8, 22bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(32bv8, 22bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 22bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 23bv32);call write~init~intINTTYPE1(10bv8, 23bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 23bv32, 1bv32, 1bv32);call #Ultimate.allocInit(13bv32, 24bv32);call #Ultimate.allocInit(7bv32, 25bv32);call write~init~intINTTYPE1(44bv8, 25bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(77bv8, 25bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(101bv8, 25bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(116bv8, 25bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(104bv8, 25bv32, 4bv32, 1bv32);call write~init~intINTTYPE1(58bv8, 25bv32, 5bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 25bv32, 6bv32, 1bv32);call #Ultimate.allocInit(5bv32, 26bv32);call write~init~intINTTYPE1(67bv8, 26bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(82bv8, 26bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(73bv8, 26bv32, 2bv32, 1bv32);call write~init~intINTTYPE1(84bv8, 26bv32, 3bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 26bv32, 4bv32, 1bv32);call #Ultimate.allocInit(3bv32, 27bv32);call write~init~intINTTYPE1(79bv8, 27bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(75bv8, 27bv32, 1bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 27bv32, 2bv32, 1bv32);call #Ultimate.allocInit(2bv32, 28bv32);call write~init~intINTTYPE1(41bv8, 28bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 28bv32, 1bv32, 1bv32);~head~0.base, ~head~0.offset := 0bv32, 0bv32;~cleanupTimeShifts~0 := 4bv32;~__SELECTED_FEATURE_base~0 := 0bv32;~__SELECTED_FEATURE_highWaterSensor~0 := 0bv32;~__SELECTED_FEATURE_lowWaterSensor~0 := 0bv32;~__SELECTED_FEATURE_methaneQuery~0 := 0bv32;~__SELECTED_FEATURE_methaneAlarm~0 := 0bv32;~__SELECTED_FEATURE_stopCommand~0 := 0bv32;~__SELECTED_FEATURE_startCommand~0 := 0bv32;~__GUIDSL_ROOT_PRODUCTION~0 := 0bv32;~pumpRunning~0 := 0bv32;~systemActive~0 := 1bv32;~waterLevel~0 := 1bv32;~methaneLevelCritical~0 := 0bv32; {6165#true} is VALID [2022-02-20 18:10:11,240 INFO L290 TraceCheckUtils]: 1: Hoare triple {6165#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret27#1, main_~retValue_acc~3#1, main_~tmp~3#1;havoc main_~retValue_acc~3#1;havoc main_~tmp~3#1;assume { :begin_inline_select_helpers } true;~__GUIDSL_ROOT_PRODUCTION~0 := 1bv32; {6165#true} is VALID [2022-02-20 18:10:11,240 INFO L290 TraceCheckUtils]: 2: Hoare triple {6165#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true;havoc select_features_#t~ret48#1, select_features_#t~ret49#1, select_features_#t~ret50#1, select_features_#t~ret51#1, select_features_#t~ret52#1, select_features_#t~ret53#1;~__SELECTED_FEATURE_base~0 := 1bv32; {6165#true} is VALID [2022-02-20 18:10:11,240 INFO L272 TraceCheckUtils]: 3: Hoare triple {6165#true} call select_features_#t~ret48#1 := select_one(); {6165#true} is VALID [2022-02-20 18:10:11,240 INFO L290 TraceCheckUtils]: 4: Hoare triple {6165#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {6165#true} is VALID [2022-02-20 18:10:11,241 INFO L290 TraceCheckUtils]: 5: Hoare triple {6165#true} assume true; {6165#true} is VALID [2022-02-20 18:10:11,241 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {6165#true} {6165#true} #362#return; {6165#true} is VALID [2022-02-20 18:10:11,241 INFO L290 TraceCheckUtils]: 7: Hoare triple {6165#true} ~__SELECTED_FEATURE_highWaterSensor~0 := select_features_#t~ret48#1;havoc select_features_#t~ret48#1; {6165#true} is VALID [2022-02-20 18:10:11,241 INFO L272 TraceCheckUtils]: 8: Hoare triple {6165#true} call select_features_#t~ret49#1 := select_one(); {6165#true} is VALID [2022-02-20 18:10:11,241 INFO L290 TraceCheckUtils]: 9: Hoare triple {6165#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {6165#true} is VALID [2022-02-20 18:10:11,241 INFO L290 TraceCheckUtils]: 10: Hoare triple {6165#true} assume true; {6165#true} is VALID [2022-02-20 18:10:11,241 INFO L284 TraceCheckUtils]: 11: Hoare quadruple {6165#true} {6165#true} #364#return; {6165#true} is VALID [2022-02-20 18:10:11,241 INFO L290 TraceCheckUtils]: 12: Hoare triple {6165#true} ~__SELECTED_FEATURE_lowWaterSensor~0 := select_features_#t~ret49#1;havoc select_features_#t~ret49#1; {6165#true} is VALID [2022-02-20 18:10:11,241 INFO L272 TraceCheckUtils]: 13: Hoare triple {6165#true} call select_features_#t~ret50#1 := select_one(); {6165#true} is VALID [2022-02-20 18:10:11,242 INFO L290 TraceCheckUtils]: 14: Hoare triple {6165#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {6165#true} is VALID [2022-02-20 18:10:11,242 INFO L290 TraceCheckUtils]: 15: Hoare triple {6165#true} assume true; {6165#true} is VALID [2022-02-20 18:10:11,242 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {6165#true} {6165#true} #366#return; {6165#true} is VALID [2022-02-20 18:10:11,242 INFO L290 TraceCheckUtils]: 17: Hoare triple {6165#true} ~__SELECTED_FEATURE_methaneQuery~0 := select_features_#t~ret50#1;havoc select_features_#t~ret50#1; {6165#true} is VALID [2022-02-20 18:10:11,242 INFO L272 TraceCheckUtils]: 18: Hoare triple {6165#true} call select_features_#t~ret51#1 := select_one(); {6165#true} is VALID [2022-02-20 18:10:11,242 INFO L290 TraceCheckUtils]: 19: Hoare triple {6165#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {6165#true} is VALID [2022-02-20 18:10:11,243 INFO L290 TraceCheckUtils]: 20: Hoare triple {6165#true} assume true; {6165#true} is VALID [2022-02-20 18:10:11,243 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {6165#true} {6165#true} #368#return; {6165#true} is VALID [2022-02-20 18:10:11,243 INFO L290 TraceCheckUtils]: 22: Hoare triple {6165#true} ~__SELECTED_FEATURE_methaneAlarm~0 := select_features_#t~ret51#1;havoc select_features_#t~ret51#1; {6165#true} is VALID [2022-02-20 18:10:11,243 INFO L272 TraceCheckUtils]: 23: Hoare triple {6165#true} call select_features_#t~ret52#1 := select_one(); {6165#true} is VALID [2022-02-20 18:10:11,243 INFO L290 TraceCheckUtils]: 24: Hoare triple {6165#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {6165#true} is VALID [2022-02-20 18:10:11,243 INFO L290 TraceCheckUtils]: 25: Hoare triple {6165#true} assume true; {6165#true} is VALID [2022-02-20 18:10:11,244 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {6165#true} {6165#true} #370#return; {6165#true} is VALID [2022-02-20 18:10:11,244 INFO L290 TraceCheckUtils]: 27: Hoare triple {6165#true} ~__SELECTED_FEATURE_stopCommand~0 := select_features_#t~ret52#1;havoc select_features_#t~ret52#1; {6165#true} is VALID [2022-02-20 18:10:11,244 INFO L272 TraceCheckUtils]: 28: Hoare triple {6165#true} call select_features_#t~ret53#1 := select_one(); {6165#true} is VALID [2022-02-20 18:10:11,244 INFO L290 TraceCheckUtils]: 29: Hoare triple {6165#true} havoc ~retValue_acc~8;~choice~0 := #t~nondet47;havoc #t~nondet47;~retValue_acc~8 := ~choice~0;#res := ~retValue_acc~8; {6165#true} is VALID [2022-02-20 18:10:11,244 INFO L290 TraceCheckUtils]: 30: Hoare triple {6165#true} assume true; {6165#true} is VALID [2022-02-20 18:10:11,244 INFO L284 TraceCheckUtils]: 31: Hoare quadruple {6165#true} {6165#true} #372#return; {6165#true} is VALID [2022-02-20 18:10:11,245 INFO L290 TraceCheckUtils]: 32: Hoare triple {6165#true} ~__SELECTED_FEATURE_startCommand~0 := select_features_#t~ret53#1;havoc select_features_#t~ret53#1; {6165#true} is VALID [2022-02-20 18:10:11,245 INFO L290 TraceCheckUtils]: 33: Hoare triple {6165#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~9#1;havoc valid_product_~retValue_acc~9#1;valid_product_~retValue_acc~9#1 := ~__SELECTED_FEATURE_base~0;valid_product_#res#1 := valid_product_~retValue_acc~9#1; {6165#true} is VALID [2022-02-20 18:10:11,245 INFO L290 TraceCheckUtils]: 34: Hoare triple {6165#true} main_#t~ret27#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;main_~tmp~3#1 := main_#t~ret27#1;havoc main_#t~ret27#1; {6165#true} is VALID [2022-02-20 18:10:11,245 INFO L290 TraceCheckUtils]: 35: Hoare triple {6165#true} assume 0bv32 != main_~tmp~3#1;assume { :begin_inline_setup } true; {6165#true} is VALID [2022-02-20 18:10:11,245 INFO L290 TraceCheckUtils]: 36: Hoare triple {6165#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline_test } true;havoc test_#t~nondet28#1, test_#t~nondet29#1, test_#t~nondet30#1, test_#t~nondet31#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~0#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~0#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0bv32; {6165#true} is VALID [2022-02-20 18:10:11,245 INFO L290 TraceCheckUtils]: 37: Hoare triple {6165#true} assume !false; {6165#true} is VALID [2022-02-20 18:10:11,246 INFO L290 TraceCheckUtils]: 38: Hoare triple {6165#true} assume ~bvslt32(test_~splverifierCounter~0#1, 4bv32); {6165#true} is VALID [2022-02-20 18:10:11,246 INFO L290 TraceCheckUtils]: 39: Hoare triple {6165#true} test_~tmp~4#1 := test_#t~nondet28#1;havoc test_#t~nondet28#1; {6165#true} is VALID [2022-02-20 18:10:11,246 INFO L290 TraceCheckUtils]: 40: Hoare triple {6165#true} assume !(0bv32 != test_~tmp~4#1); {6165#true} is VALID [2022-02-20 18:10:11,246 INFO L290 TraceCheckUtils]: 41: Hoare triple {6165#true} test_~tmp___0~0#1 := test_#t~nondet29#1;havoc test_#t~nondet29#1; {6165#true} is VALID [2022-02-20 18:10:11,246 INFO L290 TraceCheckUtils]: 42: Hoare triple {6165#true} assume !(0bv32 != test_~tmp___0~0#1); {6165#true} is VALID [2022-02-20 18:10:11,246 INFO L290 TraceCheckUtils]: 43: Hoare triple {6165#true} test_~tmp___2~0#1 := test_#t~nondet30#1;havoc test_#t~nondet30#1; {6165#true} is VALID [2022-02-20 18:10:11,247 INFO L290 TraceCheckUtils]: 44: Hoare triple {6165#true} assume !(0bv32 != test_~tmp___2~0#1);test_~tmp___1~0#1 := test_#t~nondet31#1;havoc test_#t~nondet31#1; {6165#true} is VALID [2022-02-20 18:10:11,247 INFO L290 TraceCheckUtils]: 45: Hoare triple {6165#true} assume 0bv32 != test_~tmp___1~0#1; {6165#true} is VALID [2022-02-20 18:10:11,247 INFO L290 TraceCheckUtils]: 46: Hoare triple {6165#true} assume 0bv32 != ~__SELECTED_FEATURE_stopCommand~0;assume { :begin_inline_stopSystem } true; {6165#true} is VALID [2022-02-20 18:10:11,248 INFO L290 TraceCheckUtils]: 47: Hoare triple {6165#true} assume !(0bv32 != ~pumpRunning~0); {6311#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:10:11,248 INFO L290 TraceCheckUtils]: 48: Hoare triple {6311#(= (_ bv0 32) ~pumpRunning~0)} ~systemActive~0 := 0bv32; {6311#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:10:11,248 INFO L290 TraceCheckUtils]: 49: Hoare triple {6311#(= (_ bv0 32) ~pumpRunning~0)} assume { :end_inline_stopSystem } true; {6311#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:10:11,249 INFO L272 TraceCheckUtils]: 50: Hoare triple {6311#(= (_ bv0 32) ~pumpRunning~0)} call timeShift(); {6311#(= (_ bv0 32) ~pumpRunning~0)} is VALID [2022-02-20 18:10:11,249 INFO L290 TraceCheckUtils]: 51: Hoare triple {6311#(= (_ bv0 32) ~pumpRunning~0)} assume 0bv32 != ~pumpRunning~0;assume { :begin_inline_lowerWaterLevel } true; {6166#false} is VALID [2022-02-20 18:10:11,249 INFO L290 TraceCheckUtils]: 52: Hoare triple {6166#false} assume ~bvsgt32(~waterLevel~0, 0bv32);~waterLevel~0 := ~bvsub32(~waterLevel~0, 1bv32); {6166#false} is VALID [2022-02-20 18:10:11,250 INFO L290 TraceCheckUtils]: 53: Hoare triple {6166#false} assume { :end_inline_lowerWaterLevel } true; {6166#false} is VALID [2022-02-20 18:10:11,250 INFO L290 TraceCheckUtils]: 54: Hoare triple {6166#false} assume !(0bv32 != ~systemActive~0); {6166#false} is VALID [2022-02-20 18:10:11,250 INFO L290 TraceCheckUtils]: 55: Hoare triple {6166#false} assume { :begin_inline___utac_acc__Specification3_spec__1 } true;havoc __utac_acc__Specification3_spec__1_#t~ret54#1, __utac_acc__Specification3_spec__1_#t~ret55#1, __utac_acc__Specification3_spec__1_#t~ret56#1, __utac_acc__Specification3_spec__1_~tmp~11#1, __utac_acc__Specification3_spec__1_~tmp___0~3#1, __utac_acc__Specification3_spec__1_~tmp___1~1#1;havoc __utac_acc__Specification3_spec__1_~tmp~11#1;havoc __utac_acc__Specification3_spec__1_~tmp___0~3#1;havoc __utac_acc__Specification3_spec__1_~tmp___1~1#1; {6166#false} is VALID [2022-02-20 18:10:11,250 INFO L272 TraceCheckUtils]: 56: Hoare triple {6166#false} call __utac_acc__Specification3_spec__1_#t~ret54#1 := isMethaneLevelCritical(); {6166#false} is VALID [2022-02-20 18:10:11,250 INFO L290 TraceCheckUtils]: 57: Hoare triple {6166#false} havoc ~retValue_acc~10;~retValue_acc~10 := ~methaneLevelCritical~0;#res := ~retValue_acc~10; {6166#false} is VALID [2022-02-20 18:10:11,250 INFO L290 TraceCheckUtils]: 58: Hoare triple {6166#false} assume true; {6166#false} is VALID [2022-02-20 18:10:11,251 INFO L284 TraceCheckUtils]: 59: Hoare quadruple {6166#false} {6166#false} #356#return; {6166#false} is VALID [2022-02-20 18:10:11,251 INFO L290 TraceCheckUtils]: 60: Hoare triple {6166#false} __utac_acc__Specification3_spec__1_~tmp~11#1 := __utac_acc__Specification3_spec__1_#t~ret54#1;havoc __utac_acc__Specification3_spec__1_#t~ret54#1; {6166#false} is VALID [2022-02-20 18:10:11,251 INFO L290 TraceCheckUtils]: 61: Hoare triple {6166#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp~11#1);assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~11#1;havoc getWaterLevel_~retValue_acc~11#1;getWaterLevel_~retValue_acc~11#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~11#1; {6166#false} is VALID [2022-02-20 18:10:11,251 INFO L290 TraceCheckUtils]: 62: Hoare triple {6166#false} __utac_acc__Specification3_spec__1_#t~ret55#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;__utac_acc__Specification3_spec__1_~tmp___0~3#1 := __utac_acc__Specification3_spec__1_#t~ret55#1;havoc __utac_acc__Specification3_spec__1_#t~ret55#1; {6166#false} is VALID [2022-02-20 18:10:11,251 INFO L290 TraceCheckUtils]: 63: Hoare triple {6166#false} assume 2bv32 == __utac_acc__Specification3_spec__1_~tmp___0~3#1;assume { :begin_inline_isPumpRunning } true;havoc isPumpRunning_#res#1;havoc isPumpRunning_~retValue_acc~5#1;havoc isPumpRunning_~retValue_acc~5#1;isPumpRunning_~retValue_acc~5#1 := ~pumpRunning~0;isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; {6166#false} is VALID [2022-02-20 18:10:11,251 INFO L290 TraceCheckUtils]: 64: Hoare triple {6166#false} __utac_acc__Specification3_spec__1_#t~ret56#1 := isPumpRunning_#res#1;assume { :end_inline_isPumpRunning } true;__utac_acc__Specification3_spec__1_~tmp___1~1#1 := __utac_acc__Specification3_spec__1_#t~ret56#1;havoc __utac_acc__Specification3_spec__1_#t~ret56#1; {6166#false} is VALID [2022-02-20 18:10:11,252 INFO L290 TraceCheckUtils]: 65: Hoare triple {6166#false} assume !(0bv32 != __utac_acc__Specification3_spec__1_~tmp___1~1#1);assume { :begin_inline___automaton_fail } true; {6166#false} is VALID [2022-02-20 18:10:11,252 INFO L290 TraceCheckUtils]: 66: Hoare triple {6166#false} assume !false; {6166#false} is VALID [2022-02-20 18:10:11,252 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-02-20 18:10:11,252 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 18:10:11,253 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 18:10:11,253 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1027200669] [2022-02-20 18:10:11,253 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1027200669] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:10:11,253 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:10:11,253 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:10:11,253 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1669674260] [2022-02-20 18:10:11,253 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:10:11,254 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 3 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 67 [2022-02-20 18:10:11,254 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:10:11,254 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 3 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:11,299 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 57 edges. 57 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:10:11,300 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:10:11,300 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 18:10:11,300 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:10:11,300 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:10:11,300 INFO L87 Difference]: Start difference. First operand 420 states and 576 transitions. Second operand has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 3 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:11,646 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:11,647 INFO L93 Difference]: Finished difference Result 1006 states and 1417 transitions. [2022-02-20 18:10:11,647 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:10:11,647 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 3 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 67 [2022-02-20 18:10:11,648 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:10:11,648 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 3 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:11,652 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 418 transitions. [2022-02-20 18:10:11,653 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 3 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:11,657 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 418 transitions. [2022-02-20 18:10:11,658 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 418 transitions. [2022-02-20 18:10:11,991 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 418 edges. 418 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:10:12,021 INFO L225 Difference]: With dead ends: 1006 [2022-02-20 18:10:12,021 INFO L226 Difference]: Without dead ends: 608 [2022-02-20 18:10:12,023 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 66 GetRequests, 65 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:10:12,025 INFO L933 BasicCegarLoop]: 182 mSDtfsCounter, 137 mSDsluCounter, 106 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 288 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:10:12,025 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [137 Valid, 288 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:10:12,027 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 608 states. [2022-02-20 18:10:12,071 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 608 to 599. [2022-02-20 18:10:12,071 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:10:12,073 INFO L82 GeneralOperation]: Start isEquivalent. First operand 608 states. Second operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) [2022-02-20 18:10:12,075 INFO L74 IsIncluded]: Start isIncluded. First operand 608 states. Second operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) [2022-02-20 18:10:12,076 INFO L87 Difference]: Start difference. First operand 608 states. Second operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) [2022-02-20 18:10:12,105 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:12,106 INFO L93 Difference]: Finished difference Result 608 states and 816 transitions. [2022-02-20 18:10:12,106 INFO L276 IsEmpty]: Start isEmpty. Operand 608 states and 816 transitions. [2022-02-20 18:10:12,109 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:12,109 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:12,111 INFO L74 IsIncluded]: Start isIncluded. First operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) Second operand 608 states. [2022-02-20 18:10:12,113 INFO L87 Difference]: Start difference. First operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) Second operand 608 states. [2022-02-20 18:10:12,140 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:10:12,141 INFO L93 Difference]: Finished difference Result 608 states and 816 transitions. [2022-02-20 18:10:12,141 INFO L276 IsEmpty]: Start isEmpty. Operand 608 states and 816 transitions. [2022-02-20 18:10:12,143 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:10:12,144 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:10:12,144 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:10:12,144 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:10:12,146 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 599 states, 433 states have (on average 1.3140877598152425) internal successors, (569), 481 states have internal predecessors, (569), 101 states have call successors, (101), 64 states have call predecessors, (101), 64 states have return successors, (137), 100 states have call predecessors, (137), 101 states have call successors, (137) [2022-02-20 18:10:12,179 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 599 states to 599 states and 807 transitions. [2022-02-20 18:10:12,179 INFO L78 Accepts]: Start accepts. Automaton has 599 states and 807 transitions. Word has length 67 [2022-02-20 18:10:12,180 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:10:12,180 INFO L470 AbstractCegarLoop]: Abstraction has 599 states and 807 transitions. [2022-02-20 18:10:12,180 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 3 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-02-20 18:10:12,180 INFO L276 IsEmpty]: Start isEmpty. Operand 599 states and 807 transitions. [2022-02-20 18:10:12,181 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 70 [2022-02-20 18:10:12,181 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:10:12,182 INFO L514 BasicCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:10:12,198 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 18:10:12,391 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:10:12,392 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:10:12,392 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:10:12,392 INFO L85 PathProgramCache]: Analyzing trace with hash 2143180500, now seen corresponding path program 1 times [2022-02-20 18:10:12,393 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 18:10:12,393 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [937627635] [2022-02-20 18:10:12,393 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:10:12,393 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 18:10:12,393 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 18:10:12,395 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 18:10:12,397 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 18:10:12,468 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:10:12,468 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 18:10:12,510 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 18:10:12,619 INFO L138 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2022-02-20 18:10:12,620 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 18:10:12,621 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:10:12,647 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Ended with exit code 0 [2022-02-20 18:10:12,822 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 18:10:12,826 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-02-20 18:10:12,828 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:10:12,871 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call #t~ret48 := select_one(); [2022-02-20 18:10:12,873 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 18:10:12,879 INFO L158 Benchmark]: Toolchain (without parser) took 9244.69ms. Allocated memory was 54.5MB in the beginning and 121.6MB in the end (delta: 67.1MB). Free memory was 31.2MB in the beginning and 47.0MB in the end (delta: -15.8MB). Peak memory consumption was 51.4MB. Max. memory is 16.1GB. [2022-02-20 18:10:12,880 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 54.5MB. Free memory was 36.3MB in the beginning and 36.3MB in the end (delta: 39.1kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:10:12,880 INFO L158 Benchmark]: CACSL2BoogieTranslator took 623.46ms. Allocated memory was 54.5MB in the beginning and 69.2MB in the end (delta: 14.7MB). Free memory was 31.0MB in the beginning and 46.3MB in the end (delta: -15.4MB). Peak memory consumption was 12.1MB. Max. memory is 16.1GB. [2022-02-20 18:10:12,880 INFO L158 Benchmark]: Boogie Procedure Inliner took 75.72ms. Allocated memory is still 69.2MB. Free memory was 46.3MB in the beginning and 43.3MB in the end (delta: 3.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:10:12,880 INFO L158 Benchmark]: Boogie Preprocessor took 28.26ms. Allocated memory is still 69.2MB. Free memory was 43.3MB in the beginning and 41.2MB in the end (delta: 2.1MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:10:12,881 INFO L158 Benchmark]: RCFGBuilder took 690.41ms. Allocated memory is still 69.2MB. Free memory was 40.9MB in the beginning and 38.8MB in the end (delta: 2.1MB). Peak memory consumption was 11.9MB. Max. memory is 16.1GB. [2022-02-20 18:10:12,881 INFO L158 Benchmark]: TraceAbstraction took 7820.93ms. Allocated memory was 69.2MB in the beginning and 121.6MB in the end (delta: 52.4MB). Free memory was 38.1MB in the beginning and 47.0MB in the end (delta: -8.9MB). Peak memory consumption was 44.1MB. Max. memory is 16.1GB. [2022-02-20 18:10:12,882 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 54.5MB. Free memory was 36.3MB in the beginning and 36.3MB in the end (delta: 39.1kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 623.46ms. Allocated memory was 54.5MB in the beginning and 69.2MB in the end (delta: 14.7MB). Free memory was 31.0MB in the beginning and 46.3MB in the end (delta: -15.4MB). Peak memory consumption was 12.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 75.72ms. Allocated memory is still 69.2MB. Free memory was 46.3MB in the beginning and 43.3MB in the end (delta: 3.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 28.26ms. Allocated memory is still 69.2MB. Free memory was 43.3MB in the beginning and 41.2MB in the end (delta: 2.1MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 690.41ms. Allocated memory is still 69.2MB. Free memory was 40.9MB in the beginning and 38.8MB in the end (delta: 2.1MB). Peak memory consumption was 11.9MB. Max. memory is 16.1GB. * TraceAbstraction took 7820.93ms. Allocated memory was 69.2MB in the beginning and 121.6MB in the end (delta: 52.4MB). Free memory was 38.1MB in the beginning and 47.0MB in the end (delta: -8.9MB). Peak memory consumption was 44.1MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 18:10:12,910 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: ERROR: ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator