./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product22.cil.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product22.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1f2870beb38cc74f17a96c393839e7d6d2f1f4f9c95ce97be38a991d6b510bc3 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 18:11:46,838 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 18:11:46,841 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 18:11:46,886 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 18:11:46,887 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 18:11:46,890 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 18:11:46,891 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 18:11:46,894 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 18:11:46,896 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 18:11:46,901 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 18:11:46,902 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 18:11:46,904 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 18:11:46,904 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 18:11:46,907 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 18:11:46,908 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 18:11:46,911 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 18:11:46,912 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 18:11:46,913 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 18:11:46,915 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 18:11:46,920 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 18:11:46,921 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 18:11:46,923 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 18:11:46,924 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 18:11:46,925 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 18:11:46,932 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 18:11:46,932 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 18:11:46,933 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 18:11:46,934 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 18:11:46,935 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 18:11:46,935 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 18:11:46,936 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 18:11:46,937 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 18:11:46,938 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 18:11:46,939 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 18:11:46,940 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 18:11:46,940 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 18:11:46,941 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 18:11:46,941 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 18:11:46,941 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 18:11:46,942 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 18:11:46,942 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 18:11:46,945 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 18:11:46,971 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 18:11:46,971 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 18:11:46,972 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 18:11:46,972 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 18:11:46,973 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 18:11:46,973 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 18:11:46,974 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 18:11:46,974 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 18:11:46,974 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 18:11:46,974 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 18:11:46,975 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 18:11:46,975 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 18:11:46,976 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 18:11:46,976 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 18:11:46,976 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 18:11:46,976 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 18:11:46,976 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 18:11:46,977 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 18:11:46,977 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 18:11:46,977 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 18:11:46,977 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 18:11:46,977 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 18:11:46,977 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 18:11:46,978 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 18:11:46,978 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:11:46,978 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 18:11:46,978 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 18:11:46,978 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 18:11:46,979 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 18:11:46,979 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 18:11:46,979 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 18:11:46,979 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 18:11:46,979 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 18:11:46,980 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1f2870beb38cc74f17a96c393839e7d6d2f1f4f9c95ce97be38a991d6b510bc3 [2022-02-20 18:11:47,224 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 18:11:47,243 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 18:11:47,245 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 18:11:47,246 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 18:11:47,247 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 18:11:47,248 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product22.cil.c [2022-02-20 18:11:47,314 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e00fbe9be/525d1fe6a5074ad597fd1ef315527be9/FLAG6e7a83fc3 [2022-02-20 18:11:47,723 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 18:11:47,724 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product22.cil.c [2022-02-20 18:11:47,734 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e00fbe9be/525d1fe6a5074ad597fd1ef315527be9/FLAG6e7a83fc3 [2022-02-20 18:11:47,747 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e00fbe9be/525d1fe6a5074ad597fd1ef315527be9 [2022-02-20 18:11:47,749 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 18:11:47,751 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 18:11:47,752 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 18:11:47,752 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 18:11:47,760 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 18:11:47,762 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:11:47" (1/1) ... [2022-02-20 18:11:47,763 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@42dcdc1f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:47, skipping insertion in model container [2022-02-20 18:11:47,763 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 06:11:47" (1/1) ... [2022-02-20 18:11:47,769 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 18:11:47,813 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 18:11:48,139 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product22.cil.c[18514,18527] [2022-02-20 18:11:48,142 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:11:48,161 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 18:11:48,276 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product22.cil.c[18514,18527] [2022-02-20 18:11:48,278 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 18:11:48,298 INFO L208 MainTranslator]: Completed translation [2022-02-20 18:11:48,299 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48 WrapperNode [2022-02-20 18:11:48,299 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 18:11:48,301 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 18:11:48,301 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 18:11:48,302 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 18:11:48,310 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48" (1/1) ... [2022-02-20 18:11:48,336 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48" (1/1) ... [2022-02-20 18:11:48,384 INFO L137 Inliner]: procedures = 56, calls = 157, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 251 [2022-02-20 18:11:48,385 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 18:11:48,385 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 18:11:48,386 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 18:11:48,386 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 18:11:48,393 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48" (1/1) ... [2022-02-20 18:11:48,394 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48" (1/1) ... [2022-02-20 18:11:48,404 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48" (1/1) ... [2022-02-20 18:11:48,404 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48" (1/1) ... [2022-02-20 18:11:48,410 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48" (1/1) ... [2022-02-20 18:11:48,418 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48" (1/1) ... [2022-02-20 18:11:48,420 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48" (1/1) ... [2022-02-20 18:11:48,422 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 18:11:48,423 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 18:11:48,424 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 18:11:48,424 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 18:11:48,430 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48" (1/1) ... [2022-02-20 18:11:48,437 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 18:11:48,453 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 18:11:48,466 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 18:11:48,468 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 18:11:48,503 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 18:11:48,503 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-02-20 18:11:48,503 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-02-20 18:11:48,503 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-02-20 18:11:48,503 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-02-20 18:11:48,504 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-02-20 18:11:48,504 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-02-20 18:11:48,504 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-02-20 18:11:48,504 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-02-20 18:11:48,504 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2022-02-20 18:11:48,504 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2022-02-20 18:11:48,504 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-02-20 18:11:48,505 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-02-20 18:11:48,505 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-02-20 18:11:48,505 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-02-20 18:11:48,505 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 18:11:48,505 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-02-20 18:11:48,505 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-02-20 18:11:48,506 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 18:11:48,506 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 18:11:48,563 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 18:11:48,564 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 18:11:48,950 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 18:11:48,958 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 18:11:48,958 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 18:11:48,960 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:11:48 BoogieIcfgContainer [2022-02-20 18:11:48,961 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 18:11:48,962 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 18:11:48,962 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 18:11:48,966 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 18:11:48,971 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 06:11:47" (1/3) ... [2022-02-20 18:11:48,972 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2d3ed651 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:11:48, skipping insertion in model container [2022-02-20 18:11:48,972 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 06:11:48" (2/3) ... [2022-02-20 18:11:48,973 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2d3ed651 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 06:11:48, skipping insertion in model container [2022-02-20 18:11:48,973 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:11:48" (3/3) ... [2022-02-20 18:11:48,974 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product22.cil.c [2022-02-20 18:11:48,984 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 18:11:48,984 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 18:11:49,028 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 18:11:49,034 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 18:11:49,034 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 18:11:49,071 INFO L276 IsEmpty]: Start isEmpty. Operand has 93 states, 69 states have (on average 1.3623188405797102) internal successors, (94), 77 states have internal predecessors, (94), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 18:11:49,080 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-02-20 18:11:49,081 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:11:49,082 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:11:49,082 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:11:49,087 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:11:49,087 INFO L85 PathProgramCache]: Analyzing trace with hash 1350220420, now seen corresponding path program 1 times [2022-02-20 18:11:49,100 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:11:49,101 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1952242082] [2022-02-20 18:11:49,102 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:11:49,103 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:11:49,279 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:49,362 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-02-20 18:11:49,369 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:49,389 INFO L290 TraceCheckUtils]: 0: Hoare triple {96#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {96#true} is VALID [2022-02-20 18:11:49,389 INFO L290 TraceCheckUtils]: 1: Hoare triple {96#true} assume true; {96#true} is VALID [2022-02-20 18:11:49,389 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {96#true} {97#false} #233#return; {97#false} is VALID [2022-02-20 18:11:49,391 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-02-20 18:11:49,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:49,409 INFO L290 TraceCheckUtils]: 0: Hoare triple {96#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {96#true} is VALID [2022-02-20 18:11:49,410 INFO L290 TraceCheckUtils]: 1: Hoare triple {96#true} assume true; {96#true} is VALID [2022-02-20 18:11:49,410 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {96#true} {97#false} #241#return; {97#false} is VALID [2022-02-20 18:11:49,415 INFO L290 TraceCheckUtils]: 0: Hoare triple {96#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(21, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(30, 21);call #Ultimate.allocInit(9, 22);call #Ultimate.allocInit(25, 23);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~pumpRunning~0 := 0;~systemActive~0 := 1;~switchedOnBeforeTS~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {96#true} is VALID [2022-02-20 18:11:49,416 INFO L290 TraceCheckUtils]: 1: Hoare triple {96#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~5#1, main_~tmp~5#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~5#1;assume { :begin_inline_select_helpers } true; {96#true} is VALID [2022-02-20 18:11:49,416 INFO L290 TraceCheckUtils]: 2: Hoare triple {96#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {96#true} is VALID [2022-02-20 18:11:49,417 INFO L290 TraceCheckUtils]: 3: Hoare triple {96#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {96#true} is VALID [2022-02-20 18:11:49,417 INFO L290 TraceCheckUtils]: 4: Hoare triple {96#true} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret24#1 && main_#t~ret24#1 <= 2147483647;main_~tmp~5#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {96#true} is VALID [2022-02-20 18:11:49,417 INFO L290 TraceCheckUtils]: 5: Hoare triple {96#true} assume 0 != main_~tmp~5#1;assume { :begin_inline_setup } true; {96#true} is VALID [2022-02-20 18:11:49,418 INFO L290 TraceCheckUtils]: 6: Hoare triple {96#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline___utac_acc__Specification5_spec__1 } true;~switchedOnBeforeTS~0 := 0; {96#true} is VALID [2022-02-20 18:11:49,418 INFO L290 TraceCheckUtils]: 7: Hoare triple {96#true} assume { :end_inline___utac_acc__Specification5_spec__1 } true;assume { :begin_inline_test } true;havoc test_#t~nondet20#1, test_#t~nondet21#1, test_#t~nondet22#1, test_#t~nondet23#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {96#true} is VALID [2022-02-20 18:11:49,419 INFO L290 TraceCheckUtils]: 8: Hoare triple {96#true} assume !true; {97#false} is VALID [2022-02-20 18:11:49,419 INFO L272 TraceCheckUtils]: 9: Hoare triple {97#false} call cleanup(); {97#false} is VALID [2022-02-20 18:11:49,420 INFO L290 TraceCheckUtils]: 10: Hoare triple {97#false} havoc ~i~0;havoc ~__cil_tmp2~0; {97#false} is VALID [2022-02-20 18:11:49,420 INFO L272 TraceCheckUtils]: 11: Hoare triple {97#false} call timeShift(); {97#false} is VALID [2022-02-20 18:11:49,420 INFO L290 TraceCheckUtils]: 12: Hoare triple {97#false} assume { :begin_inline___utac_acc__Specification5_spec__2 } true;havoc __utac_acc__Specification5_spec__2_#t~ret17#1; {97#false} is VALID [2022-02-20 18:11:49,420 INFO L272 TraceCheckUtils]: 13: Hoare triple {97#false} call __utac_acc__Specification5_spec__2_#t~ret17#1 := isPumpRunning(); {96#true} is VALID [2022-02-20 18:11:49,421 INFO L290 TraceCheckUtils]: 14: Hoare triple {96#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {96#true} is VALID [2022-02-20 18:11:49,422 INFO L290 TraceCheckUtils]: 15: Hoare triple {96#true} assume true; {96#true} is VALID [2022-02-20 18:11:49,422 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {96#true} {97#false} #233#return; {97#false} is VALID [2022-02-20 18:11:49,422 INFO L290 TraceCheckUtils]: 17: Hoare triple {97#false} assume -2147483648 <= __utac_acc__Specification5_spec__2_#t~ret17#1 && __utac_acc__Specification5_spec__2_#t~ret17#1 <= 2147483647;~switchedOnBeforeTS~0 := __utac_acc__Specification5_spec__2_#t~ret17#1;havoc __utac_acc__Specification5_spec__2_#t~ret17#1; {97#false} is VALID [2022-02-20 18:11:49,423 INFO L290 TraceCheckUtils]: 18: Hoare triple {97#false} assume { :end_inline___utac_acc__Specification5_spec__2 } true; {97#false} is VALID [2022-02-20 18:11:49,423 INFO L290 TraceCheckUtils]: 19: Hoare triple {97#false} assume !(0 != ~pumpRunning~0); {97#false} is VALID [2022-02-20 18:11:49,423 INFO L290 TraceCheckUtils]: 20: Hoare triple {97#false} assume !(0 != ~systemActive~0); {97#false} is VALID [2022-02-20 18:11:49,424 INFO L290 TraceCheckUtils]: 21: Hoare triple {97#false} assume { :begin_inline___utac_acc__Specification5_spec__3 } true;havoc __utac_acc__Specification5_spec__3_#t~ret18#1, __utac_acc__Specification5_spec__3_#t~ret19#1, __utac_acc__Specification5_spec__3_~tmp~3#1, __utac_acc__Specification5_spec__3_~tmp___0~1#1;havoc __utac_acc__Specification5_spec__3_~tmp~3#1;havoc __utac_acc__Specification5_spec__3_~tmp___0~1#1;assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {97#false} is VALID [2022-02-20 18:11:49,424 INFO L290 TraceCheckUtils]: 22: Hoare triple {97#false} __utac_acc__Specification5_spec__3_#t~ret18#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification5_spec__3_#t~ret18#1 && __utac_acc__Specification5_spec__3_#t~ret18#1 <= 2147483647;__utac_acc__Specification5_spec__3_~tmp~3#1 := __utac_acc__Specification5_spec__3_#t~ret18#1;havoc __utac_acc__Specification5_spec__3_#t~ret18#1; {97#false} is VALID [2022-02-20 18:11:49,424 INFO L290 TraceCheckUtils]: 23: Hoare triple {97#false} assume 2 != __utac_acc__Specification5_spec__3_~tmp~3#1; {97#false} is VALID [2022-02-20 18:11:49,424 INFO L272 TraceCheckUtils]: 24: Hoare triple {97#false} call __utac_acc__Specification5_spec__3_#t~ret19#1 := isPumpRunning(); {96#true} is VALID [2022-02-20 18:11:49,425 INFO L290 TraceCheckUtils]: 25: Hoare triple {96#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {96#true} is VALID [2022-02-20 18:11:49,425 INFO L290 TraceCheckUtils]: 26: Hoare triple {96#true} assume true; {96#true} is VALID [2022-02-20 18:11:49,425 INFO L284 TraceCheckUtils]: 27: Hoare quadruple {96#true} {97#false} #241#return; {97#false} is VALID [2022-02-20 18:11:49,426 INFO L290 TraceCheckUtils]: 28: Hoare triple {97#false} assume -2147483648 <= __utac_acc__Specification5_spec__3_#t~ret19#1 && __utac_acc__Specification5_spec__3_#t~ret19#1 <= 2147483647;__utac_acc__Specification5_spec__3_~tmp___0~1#1 := __utac_acc__Specification5_spec__3_#t~ret19#1;havoc __utac_acc__Specification5_spec__3_#t~ret19#1; {97#false} is VALID [2022-02-20 18:11:49,426 INFO L290 TraceCheckUtils]: 29: Hoare triple {97#false} assume 0 != __utac_acc__Specification5_spec__3_~tmp___0~1#1; {97#false} is VALID [2022-02-20 18:11:49,427 INFO L290 TraceCheckUtils]: 30: Hoare triple {97#false} assume 0 == ~switchedOnBeforeTS~0;assume { :begin_inline___automaton_fail } true; {97#false} is VALID [2022-02-20 18:11:49,427 INFO L290 TraceCheckUtils]: 31: Hoare triple {97#false} assume !false; {97#false} is VALID [2022-02-20 18:11:49,428 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-02-20 18:11:49,428 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:11:49,429 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1952242082] [2022-02-20 18:11:49,429 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1952242082] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:11:49,430 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:11:49,430 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 18:11:49,433 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1492514677] [2022-02-20 18:11:49,434 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:11:49,439 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-02-20 18:11:49,442 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:11:49,445 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:11:49,489 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:11:49,490 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 18:11:49,490 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:11:49,515 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 18:11:49,516 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:11:49,521 INFO L87 Difference]: Start difference. First operand has 93 states, 69 states have (on average 1.3623188405797102) internal successors, (94), 77 states have internal predecessors, (94), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:11:49,673 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:49,673 INFO L93 Difference]: Finished difference Result 177 states and 238 transitions. [2022-02-20 18:11:49,674 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 18:11:49,674 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-02-20 18:11:49,675 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:11:49,679 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:11:49,701 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 238 transitions. [2022-02-20 18:11:49,701 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:11:49,712 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 238 transitions. [2022-02-20 18:11:49,713 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 238 transitions. [2022-02-20 18:11:49,957 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 238 edges. 238 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:11:49,969 INFO L225 Difference]: With dead ends: 177 [2022-02-20 18:11:49,969 INFO L226 Difference]: Without dead ends: 84 [2022-02-20 18:11:49,973 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 18:11:49,976 INFO L933 BasicCegarLoop]: 116 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:11:49,977 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 116 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:11:49,992 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 84 states. [2022-02-20 18:11:50,006 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 84 to 84. [2022-02-20 18:11:50,007 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:11:50,008 INFO L82 GeneralOperation]: Start isEquivalent. First operand 84 states. Second operand has 84 states, 62 states have (on average 1.2903225806451613) internal successors, (80), 69 states have internal predecessors, (80), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:11:50,009 INFO L74 IsIncluded]: Start isIncluded. First operand 84 states. Second operand has 84 states, 62 states have (on average 1.2903225806451613) internal successors, (80), 69 states have internal predecessors, (80), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:11:50,010 INFO L87 Difference]: Start difference. First operand 84 states. Second operand has 84 states, 62 states have (on average 1.2903225806451613) internal successors, (80), 69 states have internal predecessors, (80), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:11:50,016 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:50,016 INFO L93 Difference]: Finished difference Result 84 states and 107 transitions. [2022-02-20 18:11:50,017 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 107 transitions. [2022-02-20 18:11:50,018 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:11:50,018 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:11:50,019 INFO L74 IsIncluded]: Start isIncluded. First operand has 84 states, 62 states have (on average 1.2903225806451613) internal successors, (80), 69 states have internal predecessors, (80), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) Second operand 84 states. [2022-02-20 18:11:50,019 INFO L87 Difference]: Start difference. First operand has 84 states, 62 states have (on average 1.2903225806451613) internal successors, (80), 69 states have internal predecessors, (80), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) Second operand 84 states. [2022-02-20 18:11:50,040 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:50,041 INFO L93 Difference]: Finished difference Result 84 states and 107 transitions. [2022-02-20 18:11:50,041 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 107 transitions. [2022-02-20 18:11:50,042 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:11:50,042 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:11:50,042 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:11:50,043 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:11:50,043 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 84 states, 62 states have (on average 1.2903225806451613) internal successors, (80), 69 states have internal predecessors, (80), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2022-02-20 18:11:50,047 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 107 transitions. [2022-02-20 18:11:50,049 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 107 transitions. Word has length 32 [2022-02-20 18:11:50,049 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:11:50,049 INFO L470 AbstractCegarLoop]: Abstraction has 84 states and 107 transitions. [2022-02-20 18:11:50,050 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:11:50,050 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 107 transitions. [2022-02-20 18:11:50,058 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-20 18:11:50,062 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:11:50,062 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:11:50,062 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 18:11:50,063 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:11:50,063 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:11:50,064 INFO L85 PathProgramCache]: Analyzing trace with hash -1603434277, now seen corresponding path program 1 times [2022-02-20 18:11:50,064 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:11:50,064 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1484590358] [2022-02-20 18:11:50,064 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:11:50,065 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:11:50,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:50,139 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-02-20 18:11:50,141 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:50,144 INFO L290 TraceCheckUtils]: 0: Hoare triple {656#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {656#true} is VALID [2022-02-20 18:11:50,144 INFO L290 TraceCheckUtils]: 1: Hoare triple {656#true} assume true; {656#true} is VALID [2022-02-20 18:11:50,145 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {656#true} {657#false} #233#return; {657#false} is VALID [2022-02-20 18:11:50,145 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-02-20 18:11:50,146 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:50,149 INFO L290 TraceCheckUtils]: 0: Hoare triple {656#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {656#true} is VALID [2022-02-20 18:11:50,150 INFO L290 TraceCheckUtils]: 1: Hoare triple {656#true} assume true; {656#true} is VALID [2022-02-20 18:11:50,150 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {656#true} {657#false} #241#return; {657#false} is VALID [2022-02-20 18:11:50,150 INFO L290 TraceCheckUtils]: 0: Hoare triple {656#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(21, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(30, 21);call #Ultimate.allocInit(9, 22);call #Ultimate.allocInit(25, 23);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~pumpRunning~0 := 0;~systemActive~0 := 1;~switchedOnBeforeTS~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {656#true} is VALID [2022-02-20 18:11:50,150 INFO L290 TraceCheckUtils]: 1: Hoare triple {656#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~5#1, main_~tmp~5#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~5#1;assume { :begin_inline_select_helpers } true; {656#true} is VALID [2022-02-20 18:11:50,151 INFO L290 TraceCheckUtils]: 2: Hoare triple {656#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {656#true} is VALID [2022-02-20 18:11:50,151 INFO L290 TraceCheckUtils]: 3: Hoare triple {656#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {656#true} is VALID [2022-02-20 18:11:50,151 INFO L290 TraceCheckUtils]: 4: Hoare triple {656#true} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret24#1 && main_#t~ret24#1 <= 2147483647;main_~tmp~5#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {656#true} is VALID [2022-02-20 18:11:50,151 INFO L290 TraceCheckUtils]: 5: Hoare triple {656#true} assume 0 != main_~tmp~5#1;assume { :begin_inline_setup } true; {656#true} is VALID [2022-02-20 18:11:50,151 INFO L290 TraceCheckUtils]: 6: Hoare triple {656#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline___utac_acc__Specification5_spec__1 } true;~switchedOnBeforeTS~0 := 0; {656#true} is VALID [2022-02-20 18:11:50,152 INFO L290 TraceCheckUtils]: 7: Hoare triple {656#true} assume { :end_inline___utac_acc__Specification5_spec__1 } true;assume { :begin_inline_test } true;havoc test_#t~nondet20#1, test_#t~nondet21#1, test_#t~nondet22#1, test_#t~nondet23#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {658#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:11:50,153 INFO L290 TraceCheckUtils]: 8: Hoare triple {658#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !false; {658#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} is VALID [2022-02-20 18:11:50,153 INFO L290 TraceCheckUtils]: 9: Hoare triple {658#(= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)} assume !(test_~splverifierCounter~0#1 < 4); {657#false} is VALID [2022-02-20 18:11:50,153 INFO L272 TraceCheckUtils]: 10: Hoare triple {657#false} call cleanup(); {657#false} is VALID [2022-02-20 18:11:50,153 INFO L290 TraceCheckUtils]: 11: Hoare triple {657#false} havoc ~i~0;havoc ~__cil_tmp2~0; {657#false} is VALID [2022-02-20 18:11:50,154 INFO L272 TraceCheckUtils]: 12: Hoare triple {657#false} call timeShift(); {657#false} is VALID [2022-02-20 18:11:50,154 INFO L290 TraceCheckUtils]: 13: Hoare triple {657#false} assume { :begin_inline___utac_acc__Specification5_spec__2 } true;havoc __utac_acc__Specification5_spec__2_#t~ret17#1; {657#false} is VALID [2022-02-20 18:11:50,154 INFO L272 TraceCheckUtils]: 14: Hoare triple {657#false} call __utac_acc__Specification5_spec__2_#t~ret17#1 := isPumpRunning(); {656#true} is VALID [2022-02-20 18:11:50,154 INFO L290 TraceCheckUtils]: 15: Hoare triple {656#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {656#true} is VALID [2022-02-20 18:11:50,154 INFO L290 TraceCheckUtils]: 16: Hoare triple {656#true} assume true; {656#true} is VALID [2022-02-20 18:11:50,155 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {656#true} {657#false} #233#return; {657#false} is VALID [2022-02-20 18:11:50,155 INFO L290 TraceCheckUtils]: 18: Hoare triple {657#false} assume -2147483648 <= __utac_acc__Specification5_spec__2_#t~ret17#1 && __utac_acc__Specification5_spec__2_#t~ret17#1 <= 2147483647;~switchedOnBeforeTS~0 := __utac_acc__Specification5_spec__2_#t~ret17#1;havoc __utac_acc__Specification5_spec__2_#t~ret17#1; {657#false} is VALID [2022-02-20 18:11:50,155 INFO L290 TraceCheckUtils]: 19: Hoare triple {657#false} assume { :end_inline___utac_acc__Specification5_spec__2 } true; {657#false} is VALID [2022-02-20 18:11:50,155 INFO L290 TraceCheckUtils]: 20: Hoare triple {657#false} assume !(0 != ~pumpRunning~0); {657#false} is VALID [2022-02-20 18:11:50,155 INFO L290 TraceCheckUtils]: 21: Hoare triple {657#false} assume !(0 != ~systemActive~0); {657#false} is VALID [2022-02-20 18:11:50,156 INFO L290 TraceCheckUtils]: 22: Hoare triple {657#false} assume { :begin_inline___utac_acc__Specification5_spec__3 } true;havoc __utac_acc__Specification5_spec__3_#t~ret18#1, __utac_acc__Specification5_spec__3_#t~ret19#1, __utac_acc__Specification5_spec__3_~tmp~3#1, __utac_acc__Specification5_spec__3_~tmp___0~1#1;havoc __utac_acc__Specification5_spec__3_~tmp~3#1;havoc __utac_acc__Specification5_spec__3_~tmp___0~1#1;assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {657#false} is VALID [2022-02-20 18:11:50,156 INFO L290 TraceCheckUtils]: 23: Hoare triple {657#false} __utac_acc__Specification5_spec__3_#t~ret18#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification5_spec__3_#t~ret18#1 && __utac_acc__Specification5_spec__3_#t~ret18#1 <= 2147483647;__utac_acc__Specification5_spec__3_~tmp~3#1 := __utac_acc__Specification5_spec__3_#t~ret18#1;havoc __utac_acc__Specification5_spec__3_#t~ret18#1; {657#false} is VALID [2022-02-20 18:11:50,156 INFO L290 TraceCheckUtils]: 24: Hoare triple {657#false} assume 2 != __utac_acc__Specification5_spec__3_~tmp~3#1; {657#false} is VALID [2022-02-20 18:11:50,156 INFO L272 TraceCheckUtils]: 25: Hoare triple {657#false} call __utac_acc__Specification5_spec__3_#t~ret19#1 := isPumpRunning(); {656#true} is VALID [2022-02-20 18:11:50,156 INFO L290 TraceCheckUtils]: 26: Hoare triple {656#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {656#true} is VALID [2022-02-20 18:11:50,157 INFO L290 TraceCheckUtils]: 27: Hoare triple {656#true} assume true; {656#true} is VALID [2022-02-20 18:11:50,157 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {656#true} {657#false} #241#return; {657#false} is VALID [2022-02-20 18:11:50,157 INFO L290 TraceCheckUtils]: 29: Hoare triple {657#false} assume -2147483648 <= __utac_acc__Specification5_spec__3_#t~ret19#1 && __utac_acc__Specification5_spec__3_#t~ret19#1 <= 2147483647;__utac_acc__Specification5_spec__3_~tmp___0~1#1 := __utac_acc__Specification5_spec__3_#t~ret19#1;havoc __utac_acc__Specification5_spec__3_#t~ret19#1; {657#false} is VALID [2022-02-20 18:11:50,157 INFO L290 TraceCheckUtils]: 30: Hoare triple {657#false} assume 0 != __utac_acc__Specification5_spec__3_~tmp___0~1#1; {657#false} is VALID [2022-02-20 18:11:50,157 INFO L290 TraceCheckUtils]: 31: Hoare triple {657#false} assume 0 == ~switchedOnBeforeTS~0;assume { :begin_inline___automaton_fail } true; {657#false} is VALID [2022-02-20 18:11:50,157 INFO L290 TraceCheckUtils]: 32: Hoare triple {657#false} assume !false; {657#false} is VALID [2022-02-20 18:11:50,158 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-02-20 18:11:50,158 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:11:50,158 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1484590358] [2022-02-20 18:11:50,158 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1484590358] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:11:50,159 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:11:50,159 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:11:50,159 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1116218792] [2022-02-20 18:11:50,159 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:11:50,160 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-02-20 18:11:50,161 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:11:50,161 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:11:50,186 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:11:50,187 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:11:50,187 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:11:50,188 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:11:50,188 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:11:50,188 INFO L87 Difference]: Start difference. First operand 84 states and 107 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:11:50,309 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:50,310 INFO L93 Difference]: Finished difference Result 132 states and 168 transitions. [2022-02-20 18:11:50,310 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:11:50,311 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-02-20 18:11:50,311 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:11:50,311 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:11:50,314 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 168 transitions. [2022-02-20 18:11:50,315 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:11:50,318 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 168 transitions. [2022-02-20 18:11:50,318 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 168 transitions. [2022-02-20 18:11:50,459 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 168 edges. 168 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:11:50,463 INFO L225 Difference]: With dead ends: 132 [2022-02-20 18:11:50,463 INFO L226 Difference]: Without dead ends: 75 [2022-02-20 18:11:50,469 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:11:50,472 INFO L933 BasicCegarLoop]: 94 mSDtfsCounter, 13 mSDsluCounter, 77 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 171 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:11:50,473 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [16 Valid, 171 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:11:50,475 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-02-20 18:11:50,488 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-02-20 18:11:50,490 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:11:50,491 INFO L82 GeneralOperation]: Start isEquivalent. First operand 75 states. Second operand has 75 states, 56 states have (on average 1.3035714285714286) internal successors, (73), 63 states have internal predecessors, (73), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:11:50,491 INFO L74 IsIncluded]: Start isIncluded. First operand 75 states. Second operand has 75 states, 56 states have (on average 1.3035714285714286) internal successors, (73), 63 states have internal predecessors, (73), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:11:50,492 INFO L87 Difference]: Start difference. First operand 75 states. Second operand has 75 states, 56 states have (on average 1.3035714285714286) internal successors, (73), 63 states have internal predecessors, (73), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:11:50,497 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:50,497 INFO L93 Difference]: Finished difference Result 75 states and 95 transitions. [2022-02-20 18:11:50,498 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2022-02-20 18:11:50,498 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:11:50,499 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:11:50,503 INFO L74 IsIncluded]: Start isIncluded. First operand has 75 states, 56 states have (on average 1.3035714285714286) internal successors, (73), 63 states have internal predecessors, (73), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 75 states. [2022-02-20 18:11:50,504 INFO L87 Difference]: Start difference. First operand has 75 states, 56 states have (on average 1.3035714285714286) internal successors, (73), 63 states have internal predecessors, (73), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 75 states. [2022-02-20 18:11:50,507 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:50,508 INFO L93 Difference]: Finished difference Result 75 states and 95 transitions. [2022-02-20 18:11:50,508 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2022-02-20 18:11:50,508 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:11:50,508 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:11:50,508 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:11:50,509 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:11:50,509 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 56 states have (on average 1.3035714285714286) internal successors, (73), 63 states have internal predecessors, (73), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:11:50,512 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 95 transitions. [2022-02-20 18:11:50,512 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 95 transitions. Word has length 33 [2022-02-20 18:11:50,512 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:11:50,513 INFO L470 AbstractCegarLoop]: Abstraction has 75 states and 95 transitions. [2022-02-20 18:11:50,513 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 18:11:50,513 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2022-02-20 18:11:50,514 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 18:11:50,514 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:11:50,515 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:11:50,515 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 18:11:50,515 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:11:50,516 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:11:50,516 INFO L85 PathProgramCache]: Analyzing trace with hash 1494387366, now seen corresponding path program 1 times [2022-02-20 18:11:50,516 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:11:50,516 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [990288319] [2022-02-20 18:11:50,516 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:11:50,517 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:11:50,552 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:50,586 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:11:50,589 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:50,593 INFO L290 TraceCheckUtils]: 0: Hoare triple {1119#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {1119#true} is VALID [2022-02-20 18:11:50,593 INFO L290 TraceCheckUtils]: 1: Hoare triple {1119#true} assume true; {1119#true} is VALID [2022-02-20 18:11:50,594 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1119#true} {1121#(= 1 ~systemActive~0)} #233#return; {1121#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:11:50,603 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-02-20 18:11:50,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:50,611 INFO L290 TraceCheckUtils]: 0: Hoare triple {1119#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {1119#true} is VALID [2022-02-20 18:11:50,612 INFO L290 TraceCheckUtils]: 1: Hoare triple {1119#true} assume true; {1119#true} is VALID [2022-02-20 18:11:50,612 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1119#true} {1120#false} #241#return; {1120#false} is VALID [2022-02-20 18:11:50,612 INFO L290 TraceCheckUtils]: 0: Hoare triple {1119#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(21, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(30, 21);call #Ultimate.allocInit(9, 22);call #Ultimate.allocInit(25, 23);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~pumpRunning~0 := 0;~systemActive~0 := 1;~switchedOnBeforeTS~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {1119#true} is VALID [2022-02-20 18:11:50,613 INFO L290 TraceCheckUtils]: 1: Hoare triple {1119#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~5#1, main_~tmp~5#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~5#1;assume { :begin_inline_select_helpers } true; {1119#true} is VALID [2022-02-20 18:11:50,615 INFO L290 TraceCheckUtils]: 2: Hoare triple {1119#true} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1119#true} is VALID [2022-02-20 18:11:50,615 INFO L290 TraceCheckUtils]: 3: Hoare triple {1119#true} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1119#true} is VALID [2022-02-20 18:11:50,615 INFO L290 TraceCheckUtils]: 4: Hoare triple {1119#true} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret24#1 && main_#t~ret24#1 <= 2147483647;main_~tmp~5#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {1119#true} is VALID [2022-02-20 18:11:50,616 INFO L290 TraceCheckUtils]: 5: Hoare triple {1119#true} assume 0 != main_~tmp~5#1;assume { :begin_inline_setup } true; {1119#true} is VALID [2022-02-20 18:11:50,616 INFO L290 TraceCheckUtils]: 6: Hoare triple {1119#true} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline___utac_acc__Specification5_spec__1 } true;~switchedOnBeforeTS~0 := 0; {1119#true} is VALID [2022-02-20 18:11:50,616 INFO L290 TraceCheckUtils]: 7: Hoare triple {1119#true} assume { :end_inline___utac_acc__Specification5_spec__1 } true;assume { :begin_inline_test } true;havoc test_#t~nondet20#1, test_#t~nondet21#1, test_#t~nondet22#1, test_#t~nondet23#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1119#true} is VALID [2022-02-20 18:11:50,617 INFO L290 TraceCheckUtils]: 8: Hoare triple {1119#true} assume !false; {1119#true} is VALID [2022-02-20 18:11:50,617 INFO L290 TraceCheckUtils]: 9: Hoare triple {1119#true} assume test_~splverifierCounter~0#1 < 4; {1119#true} is VALID [2022-02-20 18:11:50,617 INFO L290 TraceCheckUtils]: 10: Hoare triple {1119#true} assume -2147483648 <= test_#t~nondet20#1 && test_#t~nondet20#1 <= 2147483647;test_~tmp~4#1 := test_#t~nondet20#1;havoc test_#t~nondet20#1; {1119#true} is VALID [2022-02-20 18:11:50,617 INFO L290 TraceCheckUtils]: 11: Hoare triple {1119#true} assume !(0 != test_~tmp~4#1); {1119#true} is VALID [2022-02-20 18:11:50,618 INFO L290 TraceCheckUtils]: 12: Hoare triple {1119#true} assume -2147483648 <= test_#t~nondet21#1 && test_#t~nondet21#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet21#1;havoc test_#t~nondet21#1; {1119#true} is VALID [2022-02-20 18:11:50,618 INFO L290 TraceCheckUtils]: 13: Hoare triple {1119#true} assume !(0 != test_~tmp___0~2#1); {1119#true} is VALID [2022-02-20 18:11:50,618 INFO L290 TraceCheckUtils]: 14: Hoare triple {1119#true} assume -2147483648 <= test_#t~nondet22#1 && test_#t~nondet22#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet22#1;havoc test_#t~nondet22#1; {1119#true} is VALID [2022-02-20 18:11:50,619 INFO L290 TraceCheckUtils]: 15: Hoare triple {1119#true} assume 0 != test_~tmp___2~0#1;assume { :begin_inline_startSystem } true;~systemActive~0 := 1; {1121#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:11:50,620 INFO L290 TraceCheckUtils]: 16: Hoare triple {1121#(= 1 ~systemActive~0)} assume { :end_inline_startSystem } true; {1121#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:11:50,624 INFO L272 TraceCheckUtils]: 17: Hoare triple {1121#(= 1 ~systemActive~0)} call timeShift(); {1121#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:11:50,624 INFO L290 TraceCheckUtils]: 18: Hoare triple {1121#(= 1 ~systemActive~0)} assume { :begin_inline___utac_acc__Specification5_spec__2 } true;havoc __utac_acc__Specification5_spec__2_#t~ret17#1; {1121#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:11:50,625 INFO L272 TraceCheckUtils]: 19: Hoare triple {1121#(= 1 ~systemActive~0)} call __utac_acc__Specification5_spec__2_#t~ret17#1 := isPumpRunning(); {1119#true} is VALID [2022-02-20 18:11:50,627 INFO L290 TraceCheckUtils]: 20: Hoare triple {1119#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {1119#true} is VALID [2022-02-20 18:11:50,628 INFO L290 TraceCheckUtils]: 21: Hoare triple {1119#true} assume true; {1119#true} is VALID [2022-02-20 18:11:50,630 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1119#true} {1121#(= 1 ~systemActive~0)} #233#return; {1121#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:11:50,631 INFO L290 TraceCheckUtils]: 23: Hoare triple {1121#(= 1 ~systemActive~0)} assume -2147483648 <= __utac_acc__Specification5_spec__2_#t~ret17#1 && __utac_acc__Specification5_spec__2_#t~ret17#1 <= 2147483647;~switchedOnBeforeTS~0 := __utac_acc__Specification5_spec__2_#t~ret17#1;havoc __utac_acc__Specification5_spec__2_#t~ret17#1; {1121#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:11:50,631 INFO L290 TraceCheckUtils]: 24: Hoare triple {1121#(= 1 ~systemActive~0)} assume { :end_inline___utac_acc__Specification5_spec__2 } true; {1121#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:11:50,632 INFO L290 TraceCheckUtils]: 25: Hoare triple {1121#(= 1 ~systemActive~0)} assume !(0 != ~pumpRunning~0); {1121#(= 1 ~systemActive~0)} is VALID [2022-02-20 18:11:50,634 INFO L290 TraceCheckUtils]: 26: Hoare triple {1121#(= 1 ~systemActive~0)} assume !(0 != ~systemActive~0); {1120#false} is VALID [2022-02-20 18:11:50,634 INFO L290 TraceCheckUtils]: 27: Hoare triple {1120#false} assume { :begin_inline___utac_acc__Specification5_spec__3 } true;havoc __utac_acc__Specification5_spec__3_#t~ret18#1, __utac_acc__Specification5_spec__3_#t~ret19#1, __utac_acc__Specification5_spec__3_~tmp~3#1, __utac_acc__Specification5_spec__3_~tmp___0~1#1;havoc __utac_acc__Specification5_spec__3_~tmp~3#1;havoc __utac_acc__Specification5_spec__3_~tmp___0~1#1;assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {1120#false} is VALID [2022-02-20 18:11:50,634 INFO L290 TraceCheckUtils]: 28: Hoare triple {1120#false} __utac_acc__Specification5_spec__3_#t~ret18#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification5_spec__3_#t~ret18#1 && __utac_acc__Specification5_spec__3_#t~ret18#1 <= 2147483647;__utac_acc__Specification5_spec__3_~tmp~3#1 := __utac_acc__Specification5_spec__3_#t~ret18#1;havoc __utac_acc__Specification5_spec__3_#t~ret18#1; {1120#false} is VALID [2022-02-20 18:11:50,635 INFO L290 TraceCheckUtils]: 29: Hoare triple {1120#false} assume 2 != __utac_acc__Specification5_spec__3_~tmp~3#1; {1120#false} is VALID [2022-02-20 18:11:50,635 INFO L272 TraceCheckUtils]: 30: Hoare triple {1120#false} call __utac_acc__Specification5_spec__3_#t~ret19#1 := isPumpRunning(); {1119#true} is VALID [2022-02-20 18:11:50,636 INFO L290 TraceCheckUtils]: 31: Hoare triple {1119#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {1119#true} is VALID [2022-02-20 18:11:50,637 INFO L290 TraceCheckUtils]: 32: Hoare triple {1119#true} assume true; {1119#true} is VALID [2022-02-20 18:11:50,637 INFO L284 TraceCheckUtils]: 33: Hoare quadruple {1119#true} {1120#false} #241#return; {1120#false} is VALID [2022-02-20 18:11:50,638 INFO L290 TraceCheckUtils]: 34: Hoare triple {1120#false} assume -2147483648 <= __utac_acc__Specification5_spec__3_#t~ret19#1 && __utac_acc__Specification5_spec__3_#t~ret19#1 <= 2147483647;__utac_acc__Specification5_spec__3_~tmp___0~1#1 := __utac_acc__Specification5_spec__3_#t~ret19#1;havoc __utac_acc__Specification5_spec__3_#t~ret19#1; {1120#false} is VALID [2022-02-20 18:11:50,647 INFO L290 TraceCheckUtils]: 35: Hoare triple {1120#false} assume 0 != __utac_acc__Specification5_spec__3_~tmp___0~1#1; {1120#false} is VALID [2022-02-20 18:11:50,648 INFO L290 TraceCheckUtils]: 36: Hoare triple {1120#false} assume 0 == ~switchedOnBeforeTS~0;assume { :begin_inline___automaton_fail } true; {1120#false} is VALID [2022-02-20 18:11:50,648 INFO L290 TraceCheckUtils]: 37: Hoare triple {1120#false} assume !false; {1120#false} is VALID [2022-02-20 18:11:50,648 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-02-20 18:11:50,649 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:11:50,649 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [990288319] [2022-02-20 18:11:50,649 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [990288319] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:11:50,649 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:11:50,649 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 18:11:50,650 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [923843196] [2022-02-20 18:11:50,650 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:11:50,651 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-02-20 18:11:50,651 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:11:50,651 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 18:11:50,680 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 36 edges. 36 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:11:50,680 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 18:11:50,681 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:11:50,681 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 18:11:50,682 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:11:50,682 INFO L87 Difference]: Start difference. First operand 75 states and 95 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 18:11:50,803 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:50,803 INFO L93 Difference]: Finished difference Result 142 states and 183 transitions. [2022-02-20 18:11:50,803 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 18:11:50,804 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-02-20 18:11:50,804 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:11:50,804 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 18:11:50,809 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 183 transitions. [2022-02-20 18:11:50,809 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 18:11:50,814 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 183 transitions. [2022-02-20 18:11:50,814 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 183 transitions. [2022-02-20 18:11:50,975 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 183 edges. 183 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:11:50,978 INFO L225 Difference]: With dead ends: 142 [2022-02-20 18:11:50,979 INFO L226 Difference]: Without dead ends: 75 [2022-02-20 18:11:50,980 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 18:11:50,986 INFO L933 BasicCegarLoop]: 93 mSDtfsCounter, 85 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 85 SdHoareTripleChecker+Valid, 93 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 18:11:50,987 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [85 Valid, 93 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 18:11:50,989 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-02-20 18:11:50,999 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-02-20 18:11:50,999 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:11:51,000 INFO L82 GeneralOperation]: Start isEquivalent. First operand 75 states. Second operand has 75 states, 56 states have (on average 1.2857142857142858) internal successors, (72), 63 states have internal predecessors, (72), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:11:51,001 INFO L74 IsIncluded]: Start isIncluded. First operand 75 states. Second operand has 75 states, 56 states have (on average 1.2857142857142858) internal successors, (72), 63 states have internal predecessors, (72), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:11:51,001 INFO L87 Difference]: Start difference. First operand 75 states. Second operand has 75 states, 56 states have (on average 1.2857142857142858) internal successors, (72), 63 states have internal predecessors, (72), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:11:51,005 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:51,005 INFO L93 Difference]: Finished difference Result 75 states and 94 transitions. [2022-02-20 18:11:51,006 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 94 transitions. [2022-02-20 18:11:51,006 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:11:51,006 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:11:51,008 INFO L74 IsIncluded]: Start isIncluded. First operand has 75 states, 56 states have (on average 1.2857142857142858) internal successors, (72), 63 states have internal predecessors, (72), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 75 states. [2022-02-20 18:11:51,008 INFO L87 Difference]: Start difference. First operand has 75 states, 56 states have (on average 1.2857142857142858) internal successors, (72), 63 states have internal predecessors, (72), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) Second operand 75 states. [2022-02-20 18:11:51,012 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:51,012 INFO L93 Difference]: Finished difference Result 75 states and 94 transitions. [2022-02-20 18:11:51,012 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 94 transitions. [2022-02-20 18:11:51,012 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:11:51,013 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:11:51,014 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:11:51,014 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:11:51,014 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 56 states have (on average 1.2857142857142858) internal successors, (72), 63 states have internal predecessors, (72), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2022-02-20 18:11:51,017 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 94 transitions. [2022-02-20 18:11:51,017 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 94 transitions. Word has length 38 [2022-02-20 18:11:51,018 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:11:51,018 INFO L470 AbstractCegarLoop]: Abstraction has 75 states and 94 transitions. [2022-02-20 18:11:51,018 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 18:11:51,019 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 94 transitions. [2022-02-20 18:11:51,020 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-02-20 18:11:51,021 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 18:11:51,021 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 18:11:51,021 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 18:11:51,021 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 18:11:51,022 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 18:11:51,022 INFO L85 PathProgramCache]: Analyzing trace with hash 455390908, now seen corresponding path program 1 times [2022-02-20 18:11:51,023 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 18:11:51,023 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1397227791] [2022-02-20 18:11:51,023 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 18:11:51,023 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 18:11:51,061 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:51,114 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-02-20 18:11:51,119 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:51,130 INFO L290 TraceCheckUtils]: 0: Hoare triple {1594#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {1594#true} is VALID [2022-02-20 18:11:51,130 INFO L290 TraceCheckUtils]: 1: Hoare triple {1594#true} assume true; {1594#true} is VALID [2022-02-20 18:11:51,131 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1594#true} {1596#(= ~pumpRunning~0 0)} #233#return; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,135 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-02-20 18:11:51,140 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:51,151 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-20 18:11:51,153 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:51,157 INFO L290 TraceCheckUtils]: 0: Hoare triple {1594#true} assume true; {1594#true} is VALID [2022-02-20 18:11:51,157 INFO L284 TraceCheckUtils]: 1: Hoare quadruple {1594#true} {1596#(= ~pumpRunning~0 0)} #255#return; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,158 INFO L290 TraceCheckUtils]: 0: Hoare triple {1612#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} havoc ~tmp~0#1; {1594#true} is VALID [2022-02-20 18:11:51,158 INFO L290 TraceCheckUtils]: 1: Hoare triple {1594#true} assume !(0 != ~pumpRunning~0); {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,158 INFO L272 TraceCheckUtils]: 2: Hoare triple {1596#(= ~pumpRunning~0 0)} call processEnvironment__wrappee__base(); {1594#true} is VALID [2022-02-20 18:11:51,158 INFO L290 TraceCheckUtils]: 3: Hoare triple {1594#true} assume true; {1594#true} is VALID [2022-02-20 18:11:51,159 INFO L284 TraceCheckUtils]: 4: Hoare quadruple {1594#true} {1596#(= ~pumpRunning~0 0)} #255#return; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,161 INFO L290 TraceCheckUtils]: 5: Hoare triple {1596#(= ~pumpRunning~0 0)} assume true; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,162 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1596#(= ~pumpRunning~0 0)} {1596#(= ~pumpRunning~0 0)} #239#return; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,162 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2022-02-20 18:11:51,165 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 18:11:51,177 INFO L290 TraceCheckUtils]: 0: Hoare triple {1594#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {1615#(= ~pumpRunning~0 |isPumpRunning_#res|)} is VALID [2022-02-20 18:11:51,177 INFO L290 TraceCheckUtils]: 1: Hoare triple {1615#(= ~pumpRunning~0 |isPumpRunning_#res|)} assume true; {1615#(= ~pumpRunning~0 |isPumpRunning_#res|)} is VALID [2022-02-20 18:11:51,178 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {1615#(= ~pumpRunning~0 |isPumpRunning_#res|)} {1596#(= ~pumpRunning~0 0)} #241#return; {1610#(= 0 |timeShift___utac_acc__Specification5_spec__3_#t~ret19#1|)} is VALID [2022-02-20 18:11:51,179 INFO L290 TraceCheckUtils]: 0: Hoare triple {1594#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(31, 2);call #Ultimate.allocInit(12, 3);call #Ultimate.allocInit(13, 4);call #Ultimate.allocInit(3, 5);call write~init~int(79, 5, 0, 1);call write~init~int(110, 5, 1, 1);call write~init~int(0, 5, 2, 1);call #Ultimate.allocInit(4, 6);call write~init~int(79, 6, 0, 1);call write~init~int(102, 6, 1, 1);call write~init~int(102, 6, 2, 1);call write~init~int(0, 6, 3, 1);call #Ultimate.allocInit(7, 7);call write~init~int(44, 7, 0, 1);call write~init~int(80, 7, 1, 1);call write~init~int(117, 7, 2, 1);call write~init~int(109, 7, 3, 1);call write~init~int(112, 7, 4, 1);call write~init~int(58, 7, 5, 1);call write~init~int(0, 7, 6, 1);call #Ultimate.allocInit(3, 8);call write~init~int(79, 8, 0, 1);call write~init~int(110, 8, 1, 1);call write~init~int(0, 8, 2, 1);call #Ultimate.allocInit(4, 9);call write~init~int(79, 9, 0, 1);call write~init~int(102, 9, 1, 1);call write~init~int(102, 9, 2, 1);call write~init~int(0, 9, 3, 1);call #Ultimate.allocInit(3, 10);call write~init~int(41, 10, 0, 1);call write~init~int(32, 10, 1, 1);call write~init~int(0, 10, 2, 1);call #Ultimate.allocInit(2, 11);call write~init~int(10, 11, 0, 1);call write~init~int(0, 11, 1, 1);call #Ultimate.allocInit(30, 12);call #Ultimate.allocInit(9, 13);call #Ultimate.allocInit(21, 14);call #Ultimate.allocInit(30, 15);call #Ultimate.allocInit(9, 16);call #Ultimate.allocInit(21, 17);call #Ultimate.allocInit(30, 18);call #Ultimate.allocInit(9, 19);call #Ultimate.allocInit(25, 20);call #Ultimate.allocInit(30, 21);call #Ultimate.allocInit(9, 22);call #Ultimate.allocInit(25, 23);call #Ultimate.allocInit(13, 24);call #Ultimate.allocInit(7, 25);call write~init~int(44, 25, 0, 1);call write~init~int(77, 25, 1, 1);call write~init~int(101, 25, 2, 1);call write~init~int(116, 25, 3, 1);call write~init~int(104, 25, 4, 1);call write~init~int(58, 25, 5, 1);call write~init~int(0, 25, 6, 1);call #Ultimate.allocInit(5, 26);call write~init~int(67, 26, 0, 1);call write~init~int(82, 26, 1, 1);call write~init~int(73, 26, 2, 1);call write~init~int(84, 26, 3, 1);call write~init~int(0, 26, 4, 1);call #Ultimate.allocInit(3, 27);call write~init~int(79, 27, 0, 1);call write~init~int(75, 27, 1, 1);call write~init~int(0, 27, 2, 1);call #Ultimate.allocInit(2, 28);call write~init~int(41, 28, 0, 1);call write~init~int(0, 28, 1, 1);~pumpRunning~0 := 0;~systemActive~0 := 1;~switchedOnBeforeTS~0 := 0;~cleanupTimeShifts~0 := 4;~head~0.base, ~head~0.offset := 0, 0;~waterLevel~0 := 1;~methaneLevelCritical~0 := 0; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,179 INFO L290 TraceCheckUtils]: 1: Hoare triple {1596#(= ~pumpRunning~0 0)} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret24#1, main_~retValue_acc~5#1, main_~tmp~5#1;havoc main_~retValue_acc~5#1;havoc main_~tmp~5#1;assume { :begin_inline_select_helpers } true; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,180 INFO L290 TraceCheckUtils]: 2: Hoare triple {1596#(= ~pumpRunning~0 0)} assume { :end_inline_select_helpers } true;assume { :begin_inline_select_features } true; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,180 INFO L290 TraceCheckUtils]: 3: Hoare triple {1596#(= ~pumpRunning~0 0)} assume { :end_inline_select_features } true;assume { :begin_inline_valid_product } true;havoc valid_product_#res#1;havoc valid_product_~retValue_acc~1#1;havoc valid_product_~retValue_acc~1#1;valid_product_~retValue_acc~1#1 := 1;valid_product_#res#1 := valid_product_~retValue_acc~1#1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,180 INFO L290 TraceCheckUtils]: 4: Hoare triple {1596#(= ~pumpRunning~0 0)} main_#t~ret24#1 := valid_product_#res#1;assume { :end_inline_valid_product } true;assume -2147483648 <= main_#t~ret24#1 && main_#t~ret24#1 <= 2147483647;main_~tmp~5#1 := main_#t~ret24#1;havoc main_#t~ret24#1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,181 INFO L290 TraceCheckUtils]: 5: Hoare triple {1596#(= ~pumpRunning~0 0)} assume 0 != main_~tmp~5#1;assume { :begin_inline_setup } true; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,181 INFO L290 TraceCheckUtils]: 6: Hoare triple {1596#(= ~pumpRunning~0 0)} assume { :end_inline_setup } true;assume { :begin_inline_runTest } true;assume { :begin_inline___utac_acc__Specification5_spec__1 } true;~switchedOnBeforeTS~0 := 0; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,181 INFO L290 TraceCheckUtils]: 7: Hoare triple {1596#(= ~pumpRunning~0 0)} assume { :end_inline___utac_acc__Specification5_spec__1 } true;assume { :begin_inline_test } true;havoc test_#t~nondet20#1, test_#t~nondet21#1, test_#t~nondet22#1, test_#t~nondet23#1, test_~splverifierCounter~0#1, test_~tmp~4#1, test_~tmp___0~2#1, test_~tmp___1~0#1, test_~tmp___2~0#1;havoc test_~splverifierCounter~0#1;havoc test_~tmp~4#1;havoc test_~tmp___0~2#1;havoc test_~tmp___1~0#1;havoc test_~tmp___2~0#1;test_~splverifierCounter~0#1 := 0; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,182 INFO L290 TraceCheckUtils]: 8: Hoare triple {1596#(= ~pumpRunning~0 0)} assume !false; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,182 INFO L290 TraceCheckUtils]: 9: Hoare triple {1596#(= ~pumpRunning~0 0)} assume test_~splverifierCounter~0#1 < 4; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,187 INFO L290 TraceCheckUtils]: 10: Hoare triple {1596#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet20#1 && test_#t~nondet20#1 <= 2147483647;test_~tmp~4#1 := test_#t~nondet20#1;havoc test_#t~nondet20#1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,188 INFO L290 TraceCheckUtils]: 11: Hoare triple {1596#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp~4#1); {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,188 INFO L290 TraceCheckUtils]: 12: Hoare triple {1596#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet21#1 && test_#t~nondet21#1 <= 2147483647;test_~tmp___0~2#1 := test_#t~nondet21#1;havoc test_#t~nondet21#1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,189 INFO L290 TraceCheckUtils]: 13: Hoare triple {1596#(= ~pumpRunning~0 0)} assume !(0 != test_~tmp___0~2#1); {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,189 INFO L290 TraceCheckUtils]: 14: Hoare triple {1596#(= ~pumpRunning~0 0)} assume -2147483648 <= test_#t~nondet22#1 && test_#t~nondet22#1 <= 2147483647;test_~tmp___2~0#1 := test_#t~nondet22#1;havoc test_#t~nondet22#1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,190 INFO L290 TraceCheckUtils]: 15: Hoare triple {1596#(= ~pumpRunning~0 0)} assume 0 != test_~tmp___2~0#1;assume { :begin_inline_startSystem } true;~systemActive~0 := 1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,190 INFO L290 TraceCheckUtils]: 16: Hoare triple {1596#(= ~pumpRunning~0 0)} assume { :end_inline_startSystem } true; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,190 INFO L272 TraceCheckUtils]: 17: Hoare triple {1596#(= ~pumpRunning~0 0)} call timeShift(); {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,191 INFO L290 TraceCheckUtils]: 18: Hoare triple {1596#(= ~pumpRunning~0 0)} assume { :begin_inline___utac_acc__Specification5_spec__2 } true;havoc __utac_acc__Specification5_spec__2_#t~ret17#1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,191 INFO L272 TraceCheckUtils]: 19: Hoare triple {1596#(= ~pumpRunning~0 0)} call __utac_acc__Specification5_spec__2_#t~ret17#1 := isPumpRunning(); {1594#true} is VALID [2022-02-20 18:11:51,191 INFO L290 TraceCheckUtils]: 20: Hoare triple {1594#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {1594#true} is VALID [2022-02-20 18:11:51,192 INFO L290 TraceCheckUtils]: 21: Hoare triple {1594#true} assume true; {1594#true} is VALID [2022-02-20 18:11:51,192 INFO L284 TraceCheckUtils]: 22: Hoare quadruple {1594#true} {1596#(= ~pumpRunning~0 0)} #233#return; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,193 INFO L290 TraceCheckUtils]: 23: Hoare triple {1596#(= ~pumpRunning~0 0)} assume -2147483648 <= __utac_acc__Specification5_spec__2_#t~ret17#1 && __utac_acc__Specification5_spec__2_#t~ret17#1 <= 2147483647;~switchedOnBeforeTS~0 := __utac_acc__Specification5_spec__2_#t~ret17#1;havoc __utac_acc__Specification5_spec__2_#t~ret17#1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,193 INFO L290 TraceCheckUtils]: 24: Hoare triple {1596#(= ~pumpRunning~0 0)} assume { :end_inline___utac_acc__Specification5_spec__2 } true; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,193 INFO L290 TraceCheckUtils]: 25: Hoare triple {1596#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,194 INFO L290 TraceCheckUtils]: 26: Hoare triple {1596#(= ~pumpRunning~0 0)} assume 0 != ~systemActive~0;assume { :begin_inline_processEnvironment } true;havoc processEnvironment_#t~ret6#1, processEnvironment_~tmp~1#1;havoc processEnvironment_~tmp~1#1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,194 INFO L290 TraceCheckUtils]: 27: Hoare triple {1596#(= ~pumpRunning~0 0)} assume !(0 != ~pumpRunning~0); {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,195 INFO L272 TraceCheckUtils]: 28: Hoare triple {1596#(= ~pumpRunning~0 0)} call processEnvironment__wrappee__lowWaterSensor(); {1612#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} is VALID [2022-02-20 18:11:51,195 INFO L290 TraceCheckUtils]: 29: Hoare triple {1612#(= ~pumpRunning~0 |old(~pumpRunning~0)|)} havoc ~tmp~0#1; {1594#true} is VALID [2022-02-20 18:11:51,195 INFO L290 TraceCheckUtils]: 30: Hoare triple {1594#true} assume !(0 != ~pumpRunning~0); {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,196 INFO L272 TraceCheckUtils]: 31: Hoare triple {1596#(= ~pumpRunning~0 0)} call processEnvironment__wrappee__base(); {1594#true} is VALID [2022-02-20 18:11:51,196 INFO L290 TraceCheckUtils]: 32: Hoare triple {1594#true} assume true; {1594#true} is VALID [2022-02-20 18:11:51,196 INFO L284 TraceCheckUtils]: 33: Hoare quadruple {1594#true} {1596#(= ~pumpRunning~0 0)} #255#return; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,197 INFO L290 TraceCheckUtils]: 34: Hoare triple {1596#(= ~pumpRunning~0 0)} assume true; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,197 INFO L284 TraceCheckUtils]: 35: Hoare quadruple {1596#(= ~pumpRunning~0 0)} {1596#(= ~pumpRunning~0 0)} #239#return; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,198 INFO L290 TraceCheckUtils]: 36: Hoare triple {1596#(= ~pumpRunning~0 0)} assume { :end_inline_processEnvironment } true; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,198 INFO L290 TraceCheckUtils]: 37: Hoare triple {1596#(= ~pumpRunning~0 0)} assume { :begin_inline___utac_acc__Specification5_spec__3 } true;havoc __utac_acc__Specification5_spec__3_#t~ret18#1, __utac_acc__Specification5_spec__3_#t~ret19#1, __utac_acc__Specification5_spec__3_~tmp~3#1, __utac_acc__Specification5_spec__3_~tmp___0~1#1;havoc __utac_acc__Specification5_spec__3_~tmp~3#1;havoc __utac_acc__Specification5_spec__3_~tmp___0~1#1;assume { :begin_inline_getWaterLevel } true;havoc getWaterLevel_#res#1;havoc getWaterLevel_~retValue_acc~10#1;havoc getWaterLevel_~retValue_acc~10#1;getWaterLevel_~retValue_acc~10#1 := ~waterLevel~0;getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,199 INFO L290 TraceCheckUtils]: 38: Hoare triple {1596#(= ~pumpRunning~0 0)} __utac_acc__Specification5_spec__3_#t~ret18#1 := getWaterLevel_#res#1;assume { :end_inline_getWaterLevel } true;assume -2147483648 <= __utac_acc__Specification5_spec__3_#t~ret18#1 && __utac_acc__Specification5_spec__3_#t~ret18#1 <= 2147483647;__utac_acc__Specification5_spec__3_~tmp~3#1 := __utac_acc__Specification5_spec__3_#t~ret18#1;havoc __utac_acc__Specification5_spec__3_#t~ret18#1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,199 INFO L290 TraceCheckUtils]: 39: Hoare triple {1596#(= ~pumpRunning~0 0)} assume 2 != __utac_acc__Specification5_spec__3_~tmp~3#1; {1596#(= ~pumpRunning~0 0)} is VALID [2022-02-20 18:11:51,199 INFO L272 TraceCheckUtils]: 40: Hoare triple {1596#(= ~pumpRunning~0 0)} call __utac_acc__Specification5_spec__3_#t~ret19#1 := isPumpRunning(); {1594#true} is VALID [2022-02-20 18:11:51,200 INFO L290 TraceCheckUtils]: 41: Hoare triple {1594#true} havoc ~retValue_acc~3;~retValue_acc~3 := ~pumpRunning~0;#res := ~retValue_acc~3; {1615#(= ~pumpRunning~0 |isPumpRunning_#res|)} is VALID [2022-02-20 18:11:51,200 INFO L290 TraceCheckUtils]: 42: Hoare triple {1615#(= ~pumpRunning~0 |isPumpRunning_#res|)} assume true; {1615#(= ~pumpRunning~0 |isPumpRunning_#res|)} is VALID [2022-02-20 18:11:51,201 INFO L284 TraceCheckUtils]: 43: Hoare quadruple {1615#(= ~pumpRunning~0 |isPumpRunning_#res|)} {1596#(= ~pumpRunning~0 0)} #241#return; {1610#(= 0 |timeShift___utac_acc__Specification5_spec__3_#t~ret19#1|)} is VALID [2022-02-20 18:11:51,202 INFO L290 TraceCheckUtils]: 44: Hoare triple {1610#(= 0 |timeShift___utac_acc__Specification5_spec__3_#t~ret19#1|)} assume -2147483648 <= __utac_acc__Specification5_spec__3_#t~ret19#1 && __utac_acc__Specification5_spec__3_#t~ret19#1 <= 2147483647;__utac_acc__Specification5_spec__3_~tmp___0~1#1 := __utac_acc__Specification5_spec__3_#t~ret19#1;havoc __utac_acc__Specification5_spec__3_#t~ret19#1; {1611#(= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~1#1| 0)} is VALID [2022-02-20 18:11:51,202 INFO L290 TraceCheckUtils]: 45: Hoare triple {1611#(= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~1#1| 0)} assume 0 != __utac_acc__Specification5_spec__3_~tmp___0~1#1; {1595#false} is VALID [2022-02-20 18:11:51,202 INFO L290 TraceCheckUtils]: 46: Hoare triple {1595#false} assume 0 == ~switchedOnBeforeTS~0;assume { :begin_inline___automaton_fail } true; {1595#false} is VALID [2022-02-20 18:11:51,203 INFO L290 TraceCheckUtils]: 47: Hoare triple {1595#false} assume !false; {1595#false} is VALID [2022-02-20 18:11:51,203 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-02-20 18:11:51,203 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 18:11:51,204 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1397227791] [2022-02-20 18:11:51,204 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1397227791] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 18:11:51,204 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 18:11:51,204 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 18:11:51,204 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [176224019] [2022-02-20 18:11:51,204 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 18:11:51,205 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 5 states have internal predecessors, (39), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) Word has length 48 [2022-02-20 18:11:51,205 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 18:11:51,206 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 5 states have internal predecessors, (39), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2022-02-20 18:11:51,243 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 48 edges. 48 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:11:51,243 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 18:11:51,243 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 18:11:51,244 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 18:11:51,244 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-02-20 18:11:51,245 INFO L87 Difference]: Start difference. First operand 75 states and 94 transitions. Second operand has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 5 states have internal predecessors, (39), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2022-02-20 18:11:51,622 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:51,623 INFO L93 Difference]: Finished difference Result 125 states and 158 transitions. [2022-02-20 18:11:51,623 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 18:11:51,623 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 5 states have internal predecessors, (39), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) Word has length 48 [2022-02-20 18:11:51,624 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 18:11:51,624 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 5 states have internal predecessors, (39), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2022-02-20 18:11:51,627 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 158 transitions. [2022-02-20 18:11:51,627 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 5 states have internal predecessors, (39), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2022-02-20 18:11:51,630 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 158 transitions. [2022-02-20 18:11:51,630 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 158 transitions. [2022-02-20 18:11:51,784 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 158 edges. 158 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 18:11:51,784 INFO L225 Difference]: With dead ends: 125 [2022-02-20 18:11:51,784 INFO L226 Difference]: Without dead ends: 0 [2022-02-20 18:11:51,785 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=33, Invalid=77, Unknown=0, NotChecked=0, Total=110 [2022-02-20 18:11:51,786 INFO L933 BasicCegarLoop]: 52 mSDtfsCounter, 50 mSDsluCounter, 141 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 193 SdHoareTripleChecker+Invalid, 111 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 18:11:51,786 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [52 Valid, 193 Invalid, 111 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 18:11:51,787 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-02-20 18:11:51,787 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-02-20 18:11:51,787 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 18:11:51,787 INFO L82 GeneralOperation]: Start isEquivalent. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:11:51,787 INFO L74 IsIncluded]: Start isIncluded. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:11:51,787 INFO L87 Difference]: Start difference. First operand 0 states. Second operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:11:51,787 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:51,787 INFO L93 Difference]: Finished difference Result 0 states and 0 transitions. [2022-02-20 18:11:51,787 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:11:51,787 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:11:51,788 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:11:51,788 INFO L74 IsIncluded]: Start isIncluded. First operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Second operand 0 states. [2022-02-20 18:11:51,788 INFO L87 Difference]: Start difference. First operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Second operand 0 states. [2022-02-20 18:11:51,788 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 18:11:51,788 INFO L93 Difference]: Finished difference Result 0 states and 0 transitions. [2022-02-20 18:11:51,788 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:11:51,789 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:11:51,789 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 18:11:51,789 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 18:11:51,789 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 18:11:51,790 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 18:11:51,790 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-02-20 18:11:51,790 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 48 [2022-02-20 18:11:51,790 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 18:11:51,790 INFO L470 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-02-20 18:11:51,790 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 5 states have internal predecessors, (39), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2022-02-20 18:11:51,791 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-02-20 18:11:51,791 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 18:11:51,793 INFO L764 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 18:11:51,794 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 18:11:51,795 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-02-20 18:11:52,067 INFO L861 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 197 204) the Hoare annotation is: true [2022-02-20 18:11:52,067 INFO L858 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 197 204) no Hoare annotation was computed. [2022-02-20 18:11:52,068 INFO L858 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 197 204) no Hoare annotation was computed. [2022-02-20 18:11:52,068 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 130 136) no Hoare annotation was computed. [2022-02-20 18:11:52,068 INFO L861 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 130 136) the Hoare annotation is: true [2022-02-20 18:11:52,068 INFO L861 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 899 910) the Hoare annotation is: true [2022-02-20 18:11:52,068 INFO L858 garLoopResultBuilder]: For program point L903-1(lines 899 910) no Hoare annotation was computed. [2022-02-20 18:11:52,068 INFO L858 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 899 910) no Hoare annotation was computed. [2022-02-20 18:11:52,068 INFO L861 garLoopResultBuilder]: At program point L417(line 417) the Hoare annotation is: true [2022-02-20 18:11:52,069 INFO L858 garLoopResultBuilder]: For program point L417-1(line 417) no Hoare annotation was computed. [2022-02-20 18:11:52,069 INFO L858 garLoopResultBuilder]: For program point cleanupEXIT(lines 411 440) no Hoare annotation was computed. [2022-02-20 18:11:52,069 INFO L861 garLoopResultBuilder]: At program point cleanupENTRY(lines 411 440) the Hoare annotation is: true [2022-02-20 18:11:52,069 INFO L861 garLoopResultBuilder]: At program point L436(lines 411 440) the Hoare annotation is: true [2022-02-20 18:11:52,069 INFO L858 garLoopResultBuilder]: For program point L432(line 432) no Hoare annotation was computed. [2022-02-20 18:11:52,069 INFO L858 garLoopResultBuilder]: For program point L425(lines 425 429) no Hoare annotation was computed. [2022-02-20 18:11:52,069 INFO L861 garLoopResultBuilder]: At program point L425-1(lines 425 429) the Hoare annotation is: true [2022-02-20 18:11:52,070 INFO L858 garLoopResultBuilder]: For program point L422(line 422) no Hoare annotation was computed. [2022-02-20 18:11:52,070 INFO L861 garLoopResultBuilder]: At program point L421-2(lines 421 435) the Hoare annotation is: true [2022-02-20 18:11:52,070 INFO L854 garLoopResultBuilder]: At program point L320(line 320) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,070 INFO L858 garLoopResultBuilder]: For program point L320-1(line 320) no Hoare annotation was computed. [2022-02-20 18:11:52,070 INFO L854 garLoopResultBuilder]: At program point L948(lines 943 951) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,070 INFO L858 garLoopResultBuilder]: For program point L110(lines 110 116) no Hoare annotation was computed. [2022-02-20 18:11:52,070 INFO L858 garLoopResultBuilder]: For program point L110-2(lines 106 128) no Hoare annotation was computed. [2022-02-20 18:11:52,071 INFO L858 garLoopResultBuilder]: For program point L172(lines 172 180) no Hoare annotation was computed. [2022-02-20 18:11:52,071 INFO L858 garLoopResultBuilder]: For program point L168(lines 168 185) no Hoare annotation was computed. [2022-02-20 18:11:52,071 INFO L858 garLoopResultBuilder]: For program point timeShiftFINAL(lines 103 129) no Hoare annotation was computed. [2022-02-20 18:11:52,071 INFO L854 garLoopResultBuilder]: At program point L916(lines 911 919) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,071 INFO L854 garLoopResultBuilder]: At program point L305(line 305) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,071 INFO L858 garLoopResultBuilder]: For program point L305-1(line 305) no Hoare annotation was computed. [2022-02-20 18:11:52,072 INFO L858 garLoopResultBuilder]: For program point L879(lines 879 883) no Hoare annotation was computed. [2022-02-20 18:11:52,072 INFO L854 garLoopResultBuilder]: At program point L879-2(lines 875 886) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,072 INFO L858 garLoopResultBuilder]: For program point L966(line 966) no Hoare annotation was computed. [2022-02-20 18:11:52,072 INFO L858 garLoopResultBuilder]: For program point L322(lines 322 332) no Hoare annotation was computed. [2022-02-20 18:11:52,072 INFO L858 garLoopResultBuilder]: For program point L318(lines 318 335) no Hoare annotation was computed. [2022-02-20 18:11:52,072 INFO L854 garLoopResultBuilder]: At program point L318-1(lines 310 338) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,072 INFO L854 garLoopResultBuilder]: At program point L178(line 178) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,073 INFO L854 garLoopResultBuilder]: At program point L174(line 174) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,073 INFO L854 garLoopResultBuilder]: At program point L967(lines 962 969) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,073 INFO L858 garLoopResultBuilder]: For program point L323(lines 323 329) no Hoare annotation was computed. [2022-02-20 18:11:52,073 INFO L854 garLoopResultBuilder]: At program point L183(line 183) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,073 INFO L854 garLoopResultBuilder]: At program point L183-1(lines 164 188) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,073 INFO L854 garLoopResultBuilder]: At program point L212(lines 205 215) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,073 INFO L858 garLoopResultBuilder]: For program point L117-1(lines 117 123) no Hoare annotation was computed. [2022-02-20 18:11:52,074 INFO L854 garLoopResultBuilder]: At program point L307(lines 300 309) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,074 INFO L854 garLoopResultBuilder]: At program point timeShiftENTRY(lines 103 129) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,074 INFO L858 garLoopResultBuilder]: For program point timeShiftEXIT(lines 103 129) no Hoare annotation was computed. [2022-02-20 18:11:52,074 INFO L858 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 966) no Hoare annotation was computed. [2022-02-20 18:11:52,074 INFO L861 garLoopResultBuilder]: At program point L502(lines 483 505) the Hoare annotation is: true [2022-02-20 18:11:52,074 INFO L854 garLoopResultBuilder]: At program point L469(lines 465 471) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:11:52,075 INFO L858 garLoopResultBuilder]: For program point L391(lines 391 395) no Hoare annotation was computed. [2022-02-20 18:11:52,075 INFO L854 garLoopResultBuilder]: At program point L391-2(lines 383 396) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:11:52,075 INFO L858 garLoopResultBuilder]: For program point L354(lines 353 400) no Hoare annotation was computed. [2022-02-20 18:11:52,075 INFO L858 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-02-20 18:11:52,075 INFO L858 garLoopResultBuilder]: For program point L383(lines 383 396) no Hoare annotation was computed. [2022-02-20 18:11:52,075 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-02-20 18:11:52,075 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-02-20 18:11:52,076 INFO L854 garLoopResultBuilder]: At program point L375(line 375) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:11:52,076 INFO L861 garLoopResultBuilder]: At program point L404(lines 343 408) the Hoare annotation is: true [2022-02-20 18:11:52,076 INFO L858 garLoopResultBuilder]: For program point L363(lines 363 369) no Hoare annotation was computed. [2022-02-20 18:11:52,076 INFO L858 garLoopResultBuilder]: For program point L363-1(lines 363 369) no Hoare annotation was computed. [2022-02-20 18:11:52,076 INFO L854 garLoopResultBuilder]: At program point L297(lines 292 299) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:11:52,076 INFO L858 garLoopResultBuilder]: For program point L355(lines 355 359) no Hoare annotation was computed. [2022-02-20 18:11:52,076 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-02-20 18:11:52,077 INFO L854 garLoopResultBuilder]: At program point L285(lines 280 287) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:11:52,077 INFO L854 garLoopResultBuilder]: At program point L83(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:11:52,077 INFO L854 garLoopResultBuilder]: At program point L401(lines 352 402) the Hoare annotation is: false [2022-02-20 18:11:52,077 INFO L854 garLoopResultBuilder]: At program point L75(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:11:52,077 INFO L861 garLoopResultBuilder]: At program point L480(lines 472 482) the Hoare annotation is: true [2022-02-20 18:11:52,077 INFO L858 garLoopResultBuilder]: For program point L373(lines 373 379) no Hoare annotation was computed. [2022-02-20 18:11:52,077 INFO L858 garLoopResultBuilder]: For program point L373-1(lines 373 379) no Hoare annotation was computed. [2022-02-20 18:11:52,078 INFO L854 garLoopResultBuilder]: At program point L398(lines 353 400) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:11:52,078 INFO L858 garLoopResultBuilder]: For program point L493(lines 493 500) no Hoare annotation was computed. [2022-02-20 18:11:52,078 INFO L854 garLoopResultBuilder]: At program point L365(line 365) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-02-20 18:11:52,078 INFO L858 garLoopResultBuilder]: For program point L493-2(lines 493 500) no Hoare annotation was computed. [2022-02-20 18:11:52,078 INFO L854 garLoopResultBuilder]: At program point L68(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0)) [2022-02-20 18:11:52,078 INFO L858 garLoopResultBuilder]: For program point waterRiseEXIT(lines 887 898) no Hoare annotation was computed. [2022-02-20 18:11:52,079 INFO L858 garLoopResultBuilder]: For program point L891-1(lines 887 898) no Hoare annotation was computed. [2022-02-20 18:11:52,079 INFO L861 garLoopResultBuilder]: At program point waterRiseENTRY(lines 887 898) the Hoare annotation is: true [2022-02-20 18:11:52,079 INFO L854 garLoopResultBuilder]: At program point L157(line 157) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,079 INFO L858 garLoopResultBuilder]: For program point L157-1(lines 138 162) no Hoare annotation was computed. [2022-02-20 18:11:52,079 INFO L854 garLoopResultBuilder]: At program point processEnvironment__wrappee__lowWaterSensorENTRY(lines 138 162) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,079 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__lowWaterSensorEXIT(lines 138 162) no Hoare annotation was computed. [2022-02-20 18:11:52,079 INFO L854 garLoopResultBuilder]: At program point L957(lines 952 960) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,080 INFO L854 garLoopResultBuilder]: At program point L152(line 152) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,080 INFO L854 garLoopResultBuilder]: At program point L276(lines 261 279) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,080 INFO L854 garLoopResultBuilder]: At program point L148(line 148) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= 1 ~systemActive~0))) [2022-02-20 18:11:52,080 INFO L858 garLoopResultBuilder]: For program point L146(lines 146 154) no Hoare annotation was computed. [2022-02-20 18:11:52,080 INFO L858 garLoopResultBuilder]: For program point L142(lines 142 159) no Hoare annotation was computed. [2022-02-20 18:11:52,080 INFO L858 garLoopResultBuilder]: For program point L270(lines 270 274) no Hoare annotation was computed. [2022-02-20 18:11:52,080 INFO L858 garLoopResultBuilder]: For program point L270-2(lines 270 274) no Hoare annotation was computed. [2022-02-20 18:11:52,081 INFO L858 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 216 224) no Hoare annotation was computed. [2022-02-20 18:11:52,081 INFO L861 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 216 224) the Hoare annotation is: true [2022-02-20 18:11:52,081 INFO L858 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 216 224) no Hoare annotation was computed. [2022-02-20 18:11:52,084 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1] [2022-02-20 18:11:52,085 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 18:11:52,088 WARN L170 areAnnotationChecker]: deactivatePumpFINAL has no Hoare annotation [2022-02-20 18:11:52,089 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:11:52,089 WARN L170 areAnnotationChecker]: L903-1 has no Hoare annotation [2022-02-20 18:11:52,089 WARN L170 areAnnotationChecker]: L903-1 has no Hoare annotation [2022-02-20 18:11:52,090 WARN L170 areAnnotationChecker]: ULTIMATE.startENTRY has no Hoare annotation [2022-02-20 18:11:52,090 WARN L170 areAnnotationChecker]: L891-1 has no Hoare annotation [2022-02-20 18:11:52,090 WARN L170 areAnnotationChecker]: L891-1 has no Hoare annotation [2022-02-20 18:11:52,090 WARN L170 areAnnotationChecker]: L142 has no Hoare annotation [2022-02-20 18:11:52,090 WARN L170 areAnnotationChecker]: isPumpRunningFINAL has no Hoare annotation [2022-02-20 18:11:52,090 WARN L170 areAnnotationChecker]: deactivatePumpFINAL has no Hoare annotation [2022-02-20 18:11:52,090 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:11:52,090 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__baseEXIT has no Hoare annotation [2022-02-20 18:11:52,091 WARN L170 areAnnotationChecker]: L903-1 has no Hoare annotation [2022-02-20 18:11:52,091 WARN L170 areAnnotationChecker]: L417-1 has no Hoare annotation [2022-02-20 18:11:52,091 WARN L170 areAnnotationChecker]: L305-1 has no Hoare annotation [2022-02-20 18:11:52,092 WARN L170 areAnnotationChecker]: L-1 has no Hoare annotation [2022-02-20 18:11:52,092 WARN L170 areAnnotationChecker]: L891-1 has no Hoare annotation [2022-02-20 18:11:52,092 WARN L170 areAnnotationChecker]: L142 has no Hoare annotation [2022-02-20 18:11:52,092 WARN L170 areAnnotationChecker]: L142 has no Hoare annotation [2022-02-20 18:11:52,092 WARN L170 areAnnotationChecker]: isPumpRunningFINAL has no Hoare annotation [2022-02-20 18:11:52,092 WARN L170 areAnnotationChecker]: deactivatePumpEXIT has no Hoare annotation [2022-02-20 18:11:52,092 WARN L170 areAnnotationChecker]: deactivatePumpEXIT has no Hoare annotation [2022-02-20 18:11:52,092 WARN L170 areAnnotationChecker]: L157-1 has no Hoare annotation [2022-02-20 18:11:52,092 WARN L170 areAnnotationChecker]: changeMethaneLevelEXIT has no Hoare annotation [2022-02-20 18:11:52,093 WARN L170 areAnnotationChecker]: L417-1 has no Hoare annotation [2022-02-20 18:11:52,093 WARN L170 areAnnotationChecker]: L305-1 has no Hoare annotation [2022-02-20 18:11:52,095 WARN L170 areAnnotationChecker]: waterRiseEXIT has no Hoare annotation [2022-02-20 18:11:52,095 WARN L170 areAnnotationChecker]: L270 has no Hoare annotation [2022-02-20 18:11:52,095 WARN L170 areAnnotationChecker]: L157-1 has no Hoare annotation [2022-02-20 18:11:52,095 WARN L170 areAnnotationChecker]: isPumpRunningEXIT has no Hoare annotation [2022-02-20 18:11:52,095 WARN L170 areAnnotationChecker]: isPumpRunningEXIT has no Hoare annotation [2022-02-20 18:11:52,095 WARN L170 areAnnotationChecker]: L117-1 has no Hoare annotation [2022-02-20 18:11:52,096 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__lowWaterSensorEXIT has no Hoare annotation [2022-02-20 18:11:52,096 WARN L170 areAnnotationChecker]: processEnvironment__wrappee__lowWaterSensorEXIT has no Hoare annotation [2022-02-20 18:11:52,096 WARN L170 areAnnotationChecker]: L373-1 has no Hoare annotation [2022-02-20 18:11:52,096 WARN L170 areAnnotationChecker]: L422 has no Hoare annotation [2022-02-20 18:11:52,096 WARN L170 areAnnotationChecker]: L110 has no Hoare annotation [2022-02-20 18:11:52,097 WARN L170 areAnnotationChecker]: L363-1 has no Hoare annotation [2022-02-20 18:11:52,097 WARN L170 areAnnotationChecker]: L270 has no Hoare annotation [2022-02-20 18:11:52,097 WARN L170 areAnnotationChecker]: L270 has no Hoare annotation [2022-02-20 18:11:52,097 WARN L170 areAnnotationChecker]: L320-1 has no Hoare annotation [2022-02-20 18:11:52,097 WARN L170 areAnnotationChecker]: L117-1 has no Hoare annotation [2022-02-20 18:11:52,097 WARN L170 areAnnotationChecker]: L383 has no Hoare annotation [2022-02-20 18:11:52,097 WARN L170 areAnnotationChecker]: L383 has no Hoare annotation [2022-02-20 18:11:52,098 WARN L170 areAnnotationChecker]: cleanupEXIT has no Hoare annotation [2022-02-20 18:11:52,098 WARN L170 areAnnotationChecker]: L422 has no Hoare annotation [2022-02-20 18:11:52,098 WARN L170 areAnnotationChecker]: L110 has no Hoare annotation [2022-02-20 18:11:52,098 WARN L170 areAnnotationChecker]: L110 has no Hoare annotation [2022-02-20 18:11:52,098 WARN L170 areAnnotationChecker]: L493 has no Hoare annotation [2022-02-20 18:11:52,098 WARN L170 areAnnotationChecker]: L373 has no Hoare annotation [2022-02-20 18:11:52,098 WARN L170 areAnnotationChecker]: L373 has no Hoare annotation [2022-02-20 18:11:52,098 WARN L170 areAnnotationChecker]: L270-2 has no Hoare annotation [2022-02-20 18:11:52,098 WARN L170 areAnnotationChecker]: L322 has no Hoare annotation [2022-02-20 18:11:52,099 WARN L170 areAnnotationChecker]: L322 has no Hoare annotation [2022-02-20 18:11:52,099 WARN L170 areAnnotationChecker]: L318 has no Hoare annotation [2022-02-20 18:11:52,099 WARN L170 areAnnotationChecker]: L391 has no Hoare annotation [2022-02-20 18:11:52,099 WARN L170 areAnnotationChecker]: L391 has no Hoare annotation [2022-02-20 18:11:52,100 WARN L170 areAnnotationChecker]: cleanupEXIT has no Hoare annotation [2022-02-20 18:11:52,100 WARN L170 areAnnotationChecker]: L425 has no Hoare annotation [2022-02-20 18:11:52,100 WARN L170 areAnnotationChecker]: L425 has no Hoare annotation [2022-02-20 18:11:52,100 WARN L170 areAnnotationChecker]: L879 has no Hoare annotation [2022-02-20 18:11:52,100 WARN L170 areAnnotationChecker]: L879 has no Hoare annotation [2022-02-20 18:11:52,100 WARN L170 areAnnotationChecker]: L110-2 has no Hoare annotation [2022-02-20 18:11:52,100 WARN L170 areAnnotationChecker]: L110-2 has no Hoare annotation [2022-02-20 18:11:52,100 WARN L170 areAnnotationChecker]: L493 has no Hoare annotation [2022-02-20 18:11:52,100 WARN L170 areAnnotationChecker]: L493 has no Hoare annotation [2022-02-20 18:11:52,101 WARN L170 areAnnotationChecker]: L373-1 has no Hoare annotation [2022-02-20 18:11:52,101 WARN L170 areAnnotationChecker]: L146 has no Hoare annotation [2022-02-20 18:11:52,101 WARN L170 areAnnotationChecker]: L323 has no Hoare annotation [2022-02-20 18:11:52,101 WARN L170 areAnnotationChecker]: L323 has no Hoare annotation [2022-02-20 18:11:52,101 WARN L170 areAnnotationChecker]: timeShiftFINAL has no Hoare annotation [2022-02-20 18:11:52,101 WARN L170 areAnnotationChecker]: L318 has no Hoare annotation [2022-02-20 18:11:52,101 WARN L170 areAnnotationChecker]: L318 has no Hoare annotation [2022-02-20 18:11:52,103 WARN L170 areAnnotationChecker]: L432 has no Hoare annotation [2022-02-20 18:11:52,103 WARN L170 areAnnotationChecker]: L110-2 has no Hoare annotation [2022-02-20 18:11:52,103 WARN L170 areAnnotationChecker]: L168 has no Hoare annotation [2022-02-20 18:11:52,103 WARN L170 areAnnotationChecker]: L168 has no Hoare annotation [2022-02-20 18:11:52,104 WARN L170 areAnnotationChecker]: L493-2 has no Hoare annotation [2022-02-20 18:11:52,104 WARN L170 areAnnotationChecker]: L146 has no Hoare annotation [2022-02-20 18:11:52,104 WARN L170 areAnnotationChecker]: L146 has no Hoare annotation [2022-02-20 18:11:52,104 WARN L170 areAnnotationChecker]: L966 has no Hoare annotation [2022-02-20 18:11:52,104 WARN L170 areAnnotationChecker]: L966 has no Hoare annotation [2022-02-20 18:11:52,104 WARN L170 areAnnotationChecker]: timeShiftFINAL has no Hoare annotation [2022-02-20 18:11:52,105 WARN L170 areAnnotationChecker]: L320-1 has no Hoare annotation [2022-02-20 18:11:52,105 WARN L170 areAnnotationChecker]: L354 has no Hoare annotation [2022-02-20 18:11:52,105 WARN L170 areAnnotationChecker]: L493-2 has no Hoare annotation [2022-02-20 18:11:52,105 WARN L170 areAnnotationChecker]: L432 has no Hoare annotation [2022-02-20 18:11:52,107 WARN L170 areAnnotationChecker]: ULTIMATE.startFINAL has no Hoare annotation [2022-02-20 18:11:52,107 WARN L170 areAnnotationChecker]: L157-1 has no Hoare annotation [2022-02-20 18:11:52,107 WARN L170 areAnnotationChecker]: L157-1 has no Hoare annotation [2022-02-20 18:11:52,107 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:11:52,108 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:11:52,108 WARN L170 areAnnotationChecker]: timeShiftEXIT has no Hoare annotation [2022-02-20 18:11:52,108 WARN L170 areAnnotationChecker]: L354 has no Hoare annotation [2022-02-20 18:11:52,108 WARN L170 areAnnotationChecker]: L354 has no Hoare annotation [2022-02-20 18:11:52,108 WARN L170 areAnnotationChecker]: L172 has no Hoare annotation [2022-02-20 18:11:52,108 WARN L170 areAnnotationChecker]: ULTIMATE.startFINAL has no Hoare annotation [2022-02-20 18:11:52,108 WARN L170 areAnnotationChecker]: L355 has no Hoare annotation [2022-02-20 18:11:52,108 WARN L170 areAnnotationChecker]: L172 has no Hoare annotation [2022-02-20 18:11:52,108 WARN L170 areAnnotationChecker]: L172 has no Hoare annotation [2022-02-20 18:11:52,109 WARN L170 areAnnotationChecker]: L363 has no Hoare annotation [2022-02-20 18:11:52,109 WARN L170 areAnnotationChecker]: L363 has no Hoare annotation [2022-02-20 18:11:52,109 WARN L170 areAnnotationChecker]: L363-1 has no Hoare annotation [2022-02-20 18:11:52,109 INFO L163 areAnnotationChecker]: CFG has 28 edges. 28 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. 0 times interpolants missing. [2022-02-20 18:11:52,123 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 20.02 06:11:52 BoogieIcfgContainer [2022-02-20 18:11:52,123 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-02-20 18:11:52,124 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-02-20 18:11:52,124 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-02-20 18:11:52,124 INFO L275 PluginConnector]: Witness Printer initialized [2022-02-20 18:11:52,125 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 06:11:48" (3/4) ... [2022-02-20 18:11:52,127 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-02-20 18:11:52,132 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-02-20 18:11:52,132 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-02-20 18:11:52,132 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-02-20 18:11:52,133 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-02-20 18:11:52,133 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-02-20 18:11:52,133 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-02-20 18:11:52,133 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2022-02-20 18:11:52,133 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-02-20 18:11:52,140 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 51 nodes and edges [2022-02-20 18:11:52,140 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-02-20 18:11:52,141 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-02-20 18:11:52,141 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-02-20 18:11:52,141 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-02-20 18:11:52,142 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-02-20 18:11:52,142 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-02-20 18:11:52,162 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) [2022-02-20 18:11:52,163 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:11:52,163 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) [2022-02-20 18:11:52,163 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) [2022-02-20 18:11:52,164 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:11:52,164 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) [2022-02-20 18:11:52,164 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:11:52,164 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:11:52,165 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:11:52,165 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(\old(pumpRunning) == 0) || !(1 == systemActive) [2022-02-20 18:11:52,183 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-02-20 18:11:52,183 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-02-20 18:11:52,184 INFO L158 Benchmark]: Toolchain (without parser) took 4433.64ms. Allocated memory was 86.0MB in the beginning and 127.9MB in the end (delta: 41.9MB). Free memory was 48.0MB in the beginning and 35.9MB in the end (delta: 12.0MB). Peak memory consumption was 54.6MB. Max. memory is 16.1GB. [2022-02-20 18:11:52,184 INFO L158 Benchmark]: CDTParser took 0.20ms. Allocated memory is still 86.0MB. Free memory is still 65.6MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 18:11:52,185 INFO L158 Benchmark]: CACSL2BoogieTranslator took 547.69ms. Allocated memory was 86.0MB in the beginning and 104.9MB in the end (delta: 18.9MB). Free memory was 47.7MB in the beginning and 68.3MB in the end (delta: -20.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-02-20 18:11:52,185 INFO L158 Benchmark]: Boogie Procedure Inliner took 83.92ms. Allocated memory is still 104.9MB. Free memory was 68.3MB in the beginning and 65.6MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:11:52,185 INFO L158 Benchmark]: Boogie Preprocessor took 37.26ms. Allocated memory is still 104.9MB. Free memory was 65.6MB in the beginning and 63.8MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-02-20 18:11:52,186 INFO L158 Benchmark]: RCFGBuilder took 537.30ms. Allocated memory is still 104.9MB. Free memory was 63.8MB in the beginning and 43.2MB in the end (delta: 20.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2022-02-20 18:11:52,186 INFO L158 Benchmark]: TraceAbstraction took 3161.10ms. Allocated memory was 104.9MB in the beginning and 127.9MB in the end (delta: 23.1MB). Free memory was 42.5MB in the beginning and 41.2MB in the end (delta: 1.3MB). Peak memory consumption was 27.5MB. Max. memory is 16.1GB. [2022-02-20 18:11:52,186 INFO L158 Benchmark]: Witness Printer took 59.30ms. Allocated memory is still 127.9MB. Free memory was 41.2MB in the beginning and 35.9MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 18:11:52,188 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.20ms. Allocated memory is still 86.0MB. Free memory is still 65.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 547.69ms. Allocated memory was 86.0MB in the beginning and 104.9MB in the end (delta: 18.9MB). Free memory was 47.7MB in the beginning and 68.3MB in the end (delta: -20.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 83.92ms. Allocated memory is still 104.9MB. Free memory was 68.3MB in the beginning and 65.6MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 37.26ms. Allocated memory is still 104.9MB. Free memory was 65.6MB in the beginning and 63.8MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 537.30ms. Allocated memory is still 104.9MB. Free memory was 63.8MB in the beginning and 43.2MB in the end (delta: 20.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 3161.10ms. Allocated memory was 104.9MB in the beginning and 127.9MB in the end (delta: 23.1MB). Free memory was 42.5MB in the beginning and 41.2MB in the end (delta: 1.3MB). Peak memory consumption was 27.5MB. Max. memory is 16.1GB. * Witness Printer took 59.30ms. Allocated memory is still 127.9MB. Free memory was 41.2MB in the beginning and 35.9MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 966]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 93 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.1s, OverallIterations: 4, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.3s, InitialAbstractionConstructionTime: 0.0s, PartialOrderReductionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 153 SdHoareTripleChecker+Valid, 0.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 148 mSDsluCounter, 573 SdHoareTripleChecker+Invalid, 0.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 218 mSDsCounter, 22 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 92 IncrementalHoareTripleChecker+Invalid, 114 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 22 mSolverCounterUnsat, 355 mSDtfsCounter, 92 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 40 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=93occurred in iteration=0, InterpolantAutomatonStates: 15, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 4 MinimizatonAttempts, 0 StatesRemovedByMinimization, 0 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 44 LocationsWithAnnotation, 225 PreInvPairs, 240 NumberOfFragments, 309 HoareAnnotationTreeSize, 225 FomulaSimplifications, 0 FormulaSimplificationTreeSizeReduction, 0.0s HoareSimplificationTime, 44 FomulaSimplificationsInter, 143 FormulaSimplificationTreeSizeReductionInter, 0.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.4s InterpolantComputationTime, 151 NumberOfCodeBlocks, 151 NumberOfCodeBlocksAsserted, 4 NumberOfCheckSat, 147 ConstructedInterpolants, 0 QuantifiedInterpolants, 243 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 4 InterpolantComputations, 4 PerfectInterpolantSequences, 12/12 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 300]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) - InvariantResult [Line: 310]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) - InvariantResult [Line: 421]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive - InvariantResult [Line: 483]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 911]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 952]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive - InvariantResult [Line: 352]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive - InvariantResult [Line: 411]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 943]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) - InvariantResult [Line: 164]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive) - InvariantResult [Line: 465]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive - InvariantResult [Line: 962]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 261]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 280]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0 - InvariantResult [Line: 875]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 353]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0 - InvariantResult [Line: 343]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 472]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 205]: Loop Invariant Derived loop invariant: !(\old(pumpRunning) == 0) || !(1 == systemActive) - InvariantResult [Line: 292]: Loop Invariant Derived loop invariant: pumpRunning == 0 && 1 == systemActive RESULT: Ultimate proved your program to be correct! [2022-02-20 18:11:52,227 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE