./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 551b0097 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1a60868809a0ad0cb359a526a1f66a469756e048a31d4d83c9a3de774ac0575c --- Real Ultimate output --- This is Ultimate 0.3.0-?-551b009-m [2025-01-09 03:59:35,162 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-01-09 03:59:35,221 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-01-09 03:59:35,225 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-01-09 03:59:35,225 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-01-09 03:59:35,240 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-01-09 03:59:35,241 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-01-09 03:59:35,241 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-01-09 03:59:35,242 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-01-09 03:59:35,242 INFO L153 SettingsManager]: * Use memory slicer=true [2025-01-09 03:59:35,242 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-01-09 03:59:35,243 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-01-09 03:59:35,243 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-01-09 03:59:35,243 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-01-09 03:59:35,243 INFO L153 SettingsManager]: * Use SBE=true [2025-01-09 03:59:35,243 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-01-09 03:59:35,244 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-01-09 03:59:35,244 INFO L153 SettingsManager]: * sizeof long=4 [2025-01-09 03:59:35,244 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-01-09 03:59:35,244 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * sizeof long double=12 [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * Use constant arrays=true [2025-01-09 03:59:35,245 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 03:59:35,245 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:35,245 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:35,246 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-01-09 03:59:35,246 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1a60868809a0ad0cb359a526a1f66a469756e048a31d4d83c9a3de774ac0575c [2025-01-09 03:59:35,473 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-01-09 03:59:35,479 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-01-09 03:59:35,481 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-01-09 03:59:35,482 INFO L270 PluginConnector]: Initializing CDTParser... [2025-01-09 03:59:35,482 INFO L274 PluginConnector]: CDTParser initialized [2025-01-09 03:59:35,483 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c [2025-01-09 03:59:36,609 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/1b92f77de/9edba8325de9429fa95cc66a7f3eaa31/FLAG4aba6881a [2025-01-09 03:59:36,849 INFO L384 CDTParser]: Found 1 translation units. [2025-01-09 03:59:36,850 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c [2025-01-09 03:59:36,860 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/1b92f77de/9edba8325de9429fa95cc66a7f3eaa31/FLAG4aba6881a [2025-01-09 03:59:36,871 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/1b92f77de/9edba8325de9429fa95cc66a7f3eaa31 [2025-01-09 03:59:36,873 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-01-09 03:59:36,874 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-01-09 03:59:36,874 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-01-09 03:59:36,874 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-01-09 03:59:36,877 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-01-09 03:59:36,878 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 03:59:36" (1/1) ... [2025-01-09 03:59:36,879 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@55efa566 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:36, skipping insertion in model container [2025-01-09 03:59:36,879 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 03:59:36" (1/1) ... [2025-01-09 03:59:36,901 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-01-09 03:59:37,081 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c[11731,11744] [2025-01-09 03:59:37,121 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 03:59:37,135 INFO L200 MainTranslator]: Completed pre-run [2025-01-09 03:59:37,143 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2025-01-09 03:59:37,145 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [415] [2025-01-09 03:59:37,145 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [444] [2025-01-09 03:59:37,145 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [453] [2025-01-09 03:59:37,146 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [553] [2025-01-09 03:59:37,146 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [623] [2025-01-09 03:59:37,146 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [819] [2025-01-09 03:59:37,146 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [857] [2025-01-09 03:59:37,179 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c[11731,11744] [2025-01-09 03:59:37,192 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 03:59:37,206 INFO L204 MainTranslator]: Completed translation [2025-01-09 03:59:37,208 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37 WrapperNode [2025-01-09 03:59:37,208 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-01-09 03:59:37,210 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-01-09 03:59:37,210 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-01-09 03:59:37,210 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-01-09 03:59:37,214 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,223 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,241 INFO L138 Inliner]: procedures = 54, calls = 99, calls flagged for inlining = 21, calls inlined = 18, statements flattened = 186 [2025-01-09 03:59:37,241 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-01-09 03:59:37,242 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-01-09 03:59:37,242 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-01-09 03:59:37,242 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-01-09 03:59:37,248 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,248 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,249 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,259 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-01-09 03:59:37,260 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,260 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,263 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,263 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,266 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,267 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,267 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,268 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-01-09 03:59:37,270 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2025-01-09 03:59:37,270 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2025-01-09 03:59:37,270 INFO L274 PluginConnector]: RCFGBuilder initialized [2025-01-09 03:59:37,271 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (1/1) ... [2025-01-09 03:59:37,275 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:37,284 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 03:59:37,294 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-01-09 03:59:37,298 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-01-09 03:59:37,315 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-01-09 03:59:37,315 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-01-09 03:59:37,315 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-01-09 03:59:37,315 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-01-09 03:59:37,315 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-01-09 03:59:37,316 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-01-09 03:59:37,316 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-01-09 03:59:37,316 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-01-09 03:59:37,316 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-01-09 03:59:37,316 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 03:59:37,316 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 03:59:37,316 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-01-09 03:59:37,316 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-01-09 03:59:37,316 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-01-09 03:59:37,316 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-01-09 03:59:37,316 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-01-09 03:59:37,316 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-01-09 03:59:37,316 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-01-09 03:59:37,316 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-01-09 03:59:37,316 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-01-09 03:59:37,377 INFO L234 CfgBuilder]: Building ICFG [2025-01-09 03:59:37,379 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2025-01-09 03:59:37,551 INFO L? ?]: Removed 40 outVars from TransFormulas that were not future-live. [2025-01-09 03:59:37,551 INFO L283 CfgBuilder]: Performing block encoding [2025-01-09 03:59:37,562 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-01-09 03:59:37,563 INFO L312 CfgBuilder]: Removed 2 assume(true) statements. [2025-01-09 03:59:37,563 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:37 BoogieIcfgContainer [2025-01-09 03:59:37,563 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2025-01-09 03:59:37,565 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-01-09 03:59:37,565 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-01-09 03:59:37,568 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-01-09 03:59:37,568 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.01 03:59:36" (1/3) ... [2025-01-09 03:59:37,569 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@13d8e43c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 03:59:37, skipping insertion in model container [2025-01-09 03:59:37,569 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:37" (2/3) ... [2025-01-09 03:59:37,569 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@13d8e43c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 03:59:37, skipping insertion in model container [2025-01-09 03:59:37,569 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:37" (3/3) ... [2025-01-09 03:59:37,570 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product39.cil.c [2025-01-09 03:59:37,580 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-01-09 03:59:37,581 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product39.cil.c that has 9 procedures, 90 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-01-09 03:59:37,623 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-01-09 03:59:37,631 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@710bf9be, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-01-09 03:59:37,631 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-01-09 03:59:37,634 INFO L276 IsEmpty]: Start isEmpty. Operand has 90 states, 66 states have (on average 1.3636363636363635) internal successors, (90), 75 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2025-01-09 03:59:37,640 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-01-09 03:59:37,641 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:37,641 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:37,641 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:37,646 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:37,646 INFO L85 PathProgramCache]: Analyzing trace with hash -691185436, now seen corresponding path program 1 times [2025-01-09 03:59:37,652 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:37,652 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1019774421] [2025-01-09 03:59:37,652 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:37,653 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:37,713 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-01-09 03:59:37,732 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-01-09 03:59:37,732 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:37,732 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:37,794 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:37,795 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:37,795 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1019774421] [2025-01-09 03:59:37,795 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1019774421] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:37,795 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:37,795 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-01-09 03:59:37,796 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [259358607] [2025-01-09 03:59:37,797 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:37,800 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-01-09 03:59:37,800 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:37,813 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-01-09 03:59:37,814 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-01-09 03:59:37,815 INFO L87 Difference]: Start difference. First operand has 90 states, 66 states have (on average 1.3636363636363635) internal successors, (90), 75 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:37,837 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:37,839 INFO L93 Difference]: Finished difference Result 172 states and 231 transitions. [2025-01-09 03:59:37,840 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-01-09 03:59:37,841 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-01-09 03:59:37,841 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:37,847 INFO L225 Difference]: With dead ends: 172 [2025-01-09 03:59:37,847 INFO L226 Difference]: Without dead ends: 81 [2025-01-09 03:59:37,850 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-01-09 03:59:37,853 INFO L435 NwaCegarLoop]: 114 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 114 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:37,853 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 114 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:37,867 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 81 states. [2025-01-09 03:59:37,883 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 81 to 81. [2025-01-09 03:59:37,884 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 59 states have (on average 1.3220338983050848) internal successors, (78), 67 states have internal predecessors, (78), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2025-01-09 03:59:37,888 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 105 transitions. [2025-01-09 03:59:37,889 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 105 transitions. Word has length 23 [2025-01-09 03:59:37,890 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:37,890 INFO L471 AbstractCegarLoop]: Abstraction has 81 states and 105 transitions. [2025-01-09 03:59:37,890 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:37,890 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 105 transitions. [2025-01-09 03:59:37,891 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-01-09 03:59:37,892 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:37,892 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:37,892 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-01-09 03:59:37,892 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:37,892 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:37,893 INFO L85 PathProgramCache]: Analyzing trace with hash -723586482, now seen corresponding path program 1 times [2025-01-09 03:59:37,893 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:37,893 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [724134418] [2025-01-09 03:59:37,893 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:37,893 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:37,902 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-01-09 03:59:37,917 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-01-09 03:59:37,917 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:37,917 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:37,984 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:37,985 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:37,985 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [724134418] [2025-01-09 03:59:37,985 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [724134418] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:37,985 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:37,985 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 03:59:37,985 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [962912834] [2025-01-09 03:59:37,985 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:37,987 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 03:59:37,987 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:37,987 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 03:59:37,987 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:37,988 INFO L87 Difference]: Start difference. First operand 81 states and 105 transitions. Second operand has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:38,002 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:38,002 INFO L93 Difference]: Finished difference Result 126 states and 162 transitions. [2025-01-09 03:59:38,003 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 03:59:38,003 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-01-09 03:59:38,003 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:38,005 INFO L225 Difference]: With dead ends: 126 [2025-01-09 03:59:38,005 INFO L226 Difference]: Without dead ends: 73 [2025-01-09 03:59:38,006 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:38,006 INFO L435 NwaCegarLoop]: 93 mSDtfsCounter, 16 mSDsluCounter, 73 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 166 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:38,007 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 166 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:38,007 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 73 states. [2025-01-09 03:59:38,012 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 73 to 73. [2025-01-09 03:59:38,012 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 73 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 62 states have internal predecessors, (72), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2025-01-09 03:59:38,013 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 73 states to 73 states and 94 transitions. [2025-01-09 03:59:38,014 INFO L78 Accepts]: Start accepts. Automaton has 73 states and 94 transitions. Word has length 23 [2025-01-09 03:59:38,014 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:38,014 INFO L471 AbstractCegarLoop]: Abstraction has 73 states and 94 transitions. [2025-01-09 03:59:38,014 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:38,014 INFO L276 IsEmpty]: Start isEmpty. Operand 73 states and 94 transitions. [2025-01-09 03:59:38,015 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2025-01-09 03:59:38,015 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:38,015 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:38,016 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-01-09 03:59:38,016 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:38,016 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:38,016 INFO L85 PathProgramCache]: Analyzing trace with hash -229394096, now seen corresponding path program 1 times [2025-01-09 03:59:38,016 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:38,016 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1691770302] [2025-01-09 03:59:38,017 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:38,017 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:38,024 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 27 statements into 1 equivalence classes. [2025-01-09 03:59:38,035 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 27 of 27 statements. [2025-01-09 03:59:38,035 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:38,035 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:38,146 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:38,147 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:38,147 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1691770302] [2025-01-09 03:59:38,147 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1691770302] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:38,147 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:38,147 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 03:59:38,147 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1061577969] [2025-01-09 03:59:38,147 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:38,147 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 03:59:38,147 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:38,148 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 03:59:38,149 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:38,149 INFO L87 Difference]: Start difference. First operand 73 states and 94 transitions. Second operand has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:38,286 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:38,286 INFO L93 Difference]: Finished difference Result 245 states and 322 transitions. [2025-01-09 03:59:38,286 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-01-09 03:59:38,287 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2025-01-09 03:59:38,287 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:38,288 INFO L225 Difference]: With dead ends: 245 [2025-01-09 03:59:38,288 INFO L226 Difference]: Without dead ends: 179 [2025-01-09 03:59:38,289 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2025-01-09 03:59:38,289 INFO L435 NwaCegarLoop]: 105 mSDtfsCounter, 162 mSDsluCounter, 315 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 162 SdHoareTripleChecker+Valid, 420 SdHoareTripleChecker+Invalid, 91 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:38,290 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [162 Valid, 420 Invalid, 91 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:38,290 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 179 states. [2025-01-09 03:59:38,312 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 179 to 173. [2025-01-09 03:59:38,314 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 173 states, 126 states have (on average 1.3650793650793651) internal successors, (172), 144 states have internal predecessors, (172), 27 states have call successors, (27), 19 states have call predecessors, (27), 19 states have return successors, (28), 19 states have call predecessors, (28), 27 states have call successors, (28) [2025-01-09 03:59:38,315 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 173 states to 173 states and 227 transitions. [2025-01-09 03:59:38,315 INFO L78 Accepts]: Start accepts. Automaton has 173 states and 227 transitions. Word has length 27 [2025-01-09 03:59:38,315 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:38,315 INFO L471 AbstractCegarLoop]: Abstraction has 173 states and 227 transitions. [2025-01-09 03:59:38,315 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:38,315 INFO L276 IsEmpty]: Start isEmpty. Operand 173 states and 227 transitions. [2025-01-09 03:59:38,316 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2025-01-09 03:59:38,316 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:38,316 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:38,316 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-01-09 03:59:38,316 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:38,317 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:38,317 INFO L85 PathProgramCache]: Analyzing trace with hash -1772294778, now seen corresponding path program 1 times [2025-01-09 03:59:38,317 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:38,317 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [807396515] [2025-01-09 03:59:38,317 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:38,317 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:38,322 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 31 statements into 1 equivalence classes. [2025-01-09 03:59:38,327 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 31 of 31 statements. [2025-01-09 03:59:38,327 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:38,327 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:38,389 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:38,389 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:38,389 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [807396515] [2025-01-09 03:59:38,389 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [807396515] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:38,389 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:38,389 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 03:59:38,389 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1640072838] [2025-01-09 03:59:38,390 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:38,390 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 03:59:38,390 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:38,390 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 03:59:38,390 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 03:59:38,391 INFO L87 Difference]: Start difference. First operand 173 states and 227 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:38,457 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:38,457 INFO L93 Difference]: Finished difference Result 413 states and 557 transitions. [2025-01-09 03:59:38,457 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 03:59:38,458 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2025-01-09 03:59:38,458 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:38,459 INFO L225 Difference]: With dead ends: 413 [2025-01-09 03:59:38,459 INFO L226 Difference]: Without dead ends: 247 [2025-01-09 03:59:38,460 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 03:59:38,461 INFO L435 NwaCegarLoop]: 91 mSDtfsCounter, 48 mSDsluCounter, 238 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 48 SdHoareTripleChecker+Valid, 329 SdHoareTripleChecker+Invalid, 39 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:38,461 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [48 Valid, 329 Invalid, 39 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:38,462 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 247 states. [2025-01-09 03:59:38,486 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 247 to 245. [2025-01-09 03:59:38,489 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 245 states, 180 states have (on average 1.3111111111111111) internal successors, (236), 197 states have internal predecessors, (236), 34 states have call successors, (34), 30 states have call predecessors, (34), 30 states have return successors, (44), 31 states have call predecessors, (44), 34 states have call successors, (44) [2025-01-09 03:59:38,491 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 245 states to 245 states and 314 transitions. [2025-01-09 03:59:38,492 INFO L78 Accepts]: Start accepts. Automaton has 245 states and 314 transitions. Word has length 31 [2025-01-09 03:59:38,493 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:38,493 INFO L471 AbstractCegarLoop]: Abstraction has 245 states and 314 transitions. [2025-01-09 03:59:38,493 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:38,493 INFO L276 IsEmpty]: Start isEmpty. Operand 245 states and 314 transitions. [2025-01-09 03:59:38,494 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-01-09 03:59:38,496 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:38,496 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:38,496 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-01-09 03:59:38,496 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:38,497 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:38,497 INFO L85 PathProgramCache]: Analyzing trace with hash 1622899187, now seen corresponding path program 1 times [2025-01-09 03:59:38,497 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:38,497 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [601722686] [2025-01-09 03:59:38,497 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:38,497 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:38,505 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-01-09 03:59:38,514 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-01-09 03:59:38,514 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:38,514 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:38,581 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:38,581 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:38,581 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [601722686] [2025-01-09 03:59:38,581 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [601722686] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:38,581 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:38,581 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 03:59:38,581 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2132030264] [2025-01-09 03:59:38,581 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:38,582 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 03:59:38,582 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:38,582 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 03:59:38,582 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 03:59:38,582 INFO L87 Difference]: Start difference. First operand 245 states and 314 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 03:59:38,617 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:38,617 INFO L93 Difference]: Finished difference Result 489 states and 638 transitions. [2025-01-09 03:59:38,618 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 03:59:38,619 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2025-01-09 03:59:38,619 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:38,622 INFO L225 Difference]: With dead ends: 489 [2025-01-09 03:59:38,622 INFO L226 Difference]: Without dead ends: 251 [2025-01-09 03:59:38,625 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 03:59:38,626 INFO L435 NwaCegarLoop]: 91 mSDtfsCounter, 0 mSDsluCounter, 267 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 358 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:38,626 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 358 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:38,627 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 251 states. [2025-01-09 03:59:38,665 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 251 to 251. [2025-01-09 03:59:38,669 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 251 states, 186 states have (on average 1.3010752688172043) internal successors, (242), 203 states have internal predecessors, (242), 34 states have call successors, (34), 30 states have call predecessors, (34), 30 states have return successors, (44), 31 states have call predecessors, (44), 34 states have call successors, (44) [2025-01-09 03:59:38,670 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 251 states to 251 states and 320 transitions. [2025-01-09 03:59:38,670 INFO L78 Accepts]: Start accepts. Automaton has 251 states and 320 transitions. Word has length 41 [2025-01-09 03:59:38,671 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:38,671 INFO L471 AbstractCegarLoop]: Abstraction has 251 states and 320 transitions. [2025-01-09 03:59:38,671 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 03:59:38,671 INFO L276 IsEmpty]: Start isEmpty. Operand 251 states and 320 transitions. [2025-01-09 03:59:38,672 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-01-09 03:59:38,672 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:38,672 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:38,672 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-01-09 03:59:38,673 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:38,673 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:38,673 INFO L85 PathProgramCache]: Analyzing trace with hash -371245519, now seen corresponding path program 1 times [2025-01-09 03:59:38,673 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:38,673 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1191342829] [2025-01-09 03:59:38,673 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:38,673 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:38,679 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-01-09 03:59:38,684 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-01-09 03:59:38,684 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:38,684 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:38,737 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:38,738 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:38,739 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1191342829] [2025-01-09 03:59:38,739 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1191342829] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:38,739 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:38,739 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 03:59:38,739 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [559948024] [2025-01-09 03:59:38,739 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:38,740 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 03:59:38,740 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:38,740 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 03:59:38,740 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 03:59:38,740 INFO L87 Difference]: Start difference. First operand 251 states and 320 transitions. Second operand has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 03:59:38,767 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:38,767 INFO L93 Difference]: Finished difference Result 499 states and 657 transitions. [2025-01-09 03:59:38,768 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 03:59:38,768 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2025-01-09 03:59:38,768 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:38,770 INFO L225 Difference]: With dead ends: 499 [2025-01-09 03:59:38,770 INFO L226 Difference]: Without dead ends: 255 [2025-01-09 03:59:38,770 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 03:59:38,771 INFO L435 NwaCegarLoop]: 92 mSDtfsCounter, 0 mSDsluCounter, 178 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 270 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:38,771 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 270 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:38,774 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 255 states. [2025-01-09 03:59:38,793 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 255 to 255. [2025-01-09 03:59:38,794 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 255 states, 190 states have (on average 1.2947368421052632) internal successors, (246), 207 states have internal predecessors, (246), 34 states have call successors, (34), 30 states have call predecessors, (34), 30 states have return successors, (44), 31 states have call predecessors, (44), 34 states have call successors, (44) [2025-01-09 03:59:38,795 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 255 states to 255 states and 324 transitions. [2025-01-09 03:59:38,796 INFO L78 Accepts]: Start accepts. Automaton has 255 states and 324 transitions. Word has length 41 [2025-01-09 03:59:38,796 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:38,796 INFO L471 AbstractCegarLoop]: Abstraction has 255 states and 324 transitions. [2025-01-09 03:59:38,796 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 03:59:38,796 INFO L276 IsEmpty]: Start isEmpty. Operand 255 states and 324 transitions. [2025-01-09 03:59:38,798 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-01-09 03:59:38,798 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:38,798 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:38,799 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-01-09 03:59:38,799 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:38,799 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:38,799 INFO L85 PathProgramCache]: Analyzing trace with hash -1188893969, now seen corresponding path program 1 times [2025-01-09 03:59:38,799 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:38,800 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [927121157] [2025-01-09 03:59:38,800 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:38,800 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:38,810 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-01-09 03:59:38,817 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-01-09 03:59:38,817 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:38,817 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:38,877 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:38,878 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:38,878 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [927121157] [2025-01-09 03:59:38,878 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [927121157] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:38,878 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:38,878 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 03:59:38,878 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1283640281] [2025-01-09 03:59:38,879 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:38,879 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 03:59:38,879 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:38,879 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 03:59:38,880 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 03:59:38,880 INFO L87 Difference]: Start difference. First operand 255 states and 324 transitions. Second operand has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 03:59:38,972 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:38,972 INFO L93 Difference]: Finished difference Result 861 states and 1132 transitions. [2025-01-09 03:59:38,973 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 03:59:38,973 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2025-01-09 03:59:38,973 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:38,976 INFO L225 Difference]: With dead ends: 861 [2025-01-09 03:59:38,976 INFO L226 Difference]: Without dead ends: 613 [2025-01-09 03:59:38,977 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 03:59:38,979 INFO L435 NwaCegarLoop]: 158 mSDtfsCounter, 125 mSDsluCounter, 149 mSDsCounter, 0 mSdLazyCounter, 53 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 125 SdHoareTripleChecker+Valid, 307 SdHoareTripleChecker+Invalid, 58 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 53 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:38,979 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [125 Valid, 307 Invalid, 58 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 53 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:38,980 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 613 states. [2025-01-09 03:59:39,044 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 613 to 599. [2025-01-09 03:59:39,046 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 599 states, 446 states have (on average 1.2690582959641257) internal successors, (566), 480 states have internal predecessors, (566), 79 states have call successors, (79), 71 states have call predecessors, (79), 73 states have return successors, (122), 75 states have call predecessors, (122), 79 states have call successors, (122) [2025-01-09 03:59:39,049 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 599 states to 599 states and 767 transitions. [2025-01-09 03:59:39,051 INFO L78 Accepts]: Start accepts. Automaton has 599 states and 767 transitions. Word has length 41 [2025-01-09 03:59:39,051 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:39,051 INFO L471 AbstractCegarLoop]: Abstraction has 599 states and 767 transitions. [2025-01-09 03:59:39,051 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 03:59:39,052 INFO L276 IsEmpty]: Start isEmpty. Operand 599 states and 767 transitions. [2025-01-09 03:59:39,053 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-01-09 03:59:39,053 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:39,053 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:39,054 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-01-09 03:59:39,054 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:39,054 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:39,055 INFO L85 PathProgramCache]: Analyzing trace with hash -1586870251, now seen corresponding path program 1 times [2025-01-09 03:59:39,055 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:39,055 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1150275916] [2025-01-09 03:59:39,055 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:39,055 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:39,062 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-01-09 03:59:39,070 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-01-09 03:59:39,072 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:39,072 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:39,136 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:39,136 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:39,137 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1150275916] [2025-01-09 03:59:39,138 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1150275916] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:39,138 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:39,138 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 03:59:39,138 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [908310579] [2025-01-09 03:59:39,138 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:39,139 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 03:59:39,139 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:39,140 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 03:59:39,140 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:39,140 INFO L87 Difference]: Start difference. First operand 599 states and 767 transitions. Second operand has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2025-01-09 03:59:39,273 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:39,273 INFO L93 Difference]: Finished difference Result 1755 states and 2319 transitions. [2025-01-09 03:59:39,273 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-01-09 03:59:39,274 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 45 [2025-01-09 03:59:39,274 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:39,282 INFO L225 Difference]: With dead ends: 1755 [2025-01-09 03:59:39,283 INFO L226 Difference]: Without dead ends: 1163 [2025-01-09 03:59:39,287 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-01-09 03:59:39,288 INFO L435 NwaCegarLoop]: 92 mSDtfsCounter, 64 mSDsluCounter, 324 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 416 SdHoareTripleChecker+Invalid, 54 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:39,288 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 416 Invalid, 54 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:39,290 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1163 states. [2025-01-09 03:59:39,375 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1163 to 1163. [2025-01-09 03:59:39,377 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1163 states, 858 states have (on average 1.2447552447552448) internal successors, (1068), 925 states have internal predecessors, (1068), 158 states have call successors, (158), 142 states have call predecessors, (158), 146 states have return successors, (257), 150 states have call predecessors, (257), 158 states have call successors, (257) [2025-01-09 03:59:39,383 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1163 states to 1163 states and 1483 transitions. [2025-01-09 03:59:39,384 INFO L78 Accepts]: Start accepts. Automaton has 1163 states and 1483 transitions. Word has length 45 [2025-01-09 03:59:39,384 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:39,384 INFO L471 AbstractCegarLoop]: Abstraction has 1163 states and 1483 transitions. [2025-01-09 03:59:39,385 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2025-01-09 03:59:39,385 INFO L276 IsEmpty]: Start isEmpty. Operand 1163 states and 1483 transitions. [2025-01-09 03:59:39,386 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2025-01-09 03:59:39,386 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:39,386 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:39,386 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-01-09 03:59:39,386 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:39,387 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:39,387 INFO L85 PathProgramCache]: Analyzing trace with hash 608011225, now seen corresponding path program 1 times [2025-01-09 03:59:39,387 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:39,387 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1875204649] [2025-01-09 03:59:39,387 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:39,387 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:39,392 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-01-09 03:59:39,397 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-01-09 03:59:39,397 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:39,397 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 03:59:39,397 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-01-09 03:59:39,399 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-01-09 03:59:39,403 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-01-09 03:59:39,403 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:39,403 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 03:59:39,422 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-01-09 03:59:39,423 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-01-09 03:59:39,424 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-01-09 03:59:39,425 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-01-09 03:59:39,427 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:39,457 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-01-09 03:59:39,462 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.01 03:59:39 BoogieIcfgContainer [2025-01-09 03:59:39,463 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-01-09 03:59:39,464 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-01-09 03:59:39,464 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-01-09 03:59:39,464 INFO L274 PluginConnector]: Witness Printer initialized [2025-01-09 03:59:39,465 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:37" (3/4) ... [2025-01-09 03:59:39,465 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-01-09 03:59:39,519 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 42. [2025-01-09 03:59:39,570 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-01-09 03:59:39,571 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-01-09 03:59:39,571 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-01-09 03:59:39,571 INFO L158 Benchmark]: Toolchain (without parser) took 2697.96ms. Allocated memory is still 142.6MB. Free memory was 113.2MB in the beginning and 70.0MB in the end (delta: 43.2MB). Peak memory consumption was 43.2MB. Max. memory is 16.1GB. [2025-01-09 03:59:39,572 INFO L158 Benchmark]: CDTParser took 0.19ms. Allocated memory is still 226.5MB. Free memory is still 146.2MB. There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 03:59:39,572 INFO L158 Benchmark]: CACSL2BoogieTranslator took 334.85ms. Allocated memory is still 142.6MB. Free memory was 113.2MB in the beginning and 95.1MB in the end (delta: 18.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 03:59:39,572 INFO L158 Benchmark]: Boogie Procedure Inliner took 31.53ms. Allocated memory is still 142.6MB. Free memory was 95.1MB in the beginning and 93.3MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 03:59:39,572 INFO L158 Benchmark]: Boogie Preprocessor took 26.65ms. Allocated memory is still 142.6MB. Free memory was 93.3MB in the beginning and 91.5MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 03:59:39,572 INFO L158 Benchmark]: RCFGBuilder took 293.41ms. Allocated memory is still 142.6MB. Free memory was 91.5MB in the beginning and 75.3MB in the end (delta: 16.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 03:59:39,572 INFO L158 Benchmark]: TraceAbstraction took 1898.04ms. Allocated memory is still 142.6MB. Free memory was 74.8MB in the beginning and 78.4MB in the end (delta: -3.6MB). Peak memory consumption was 1.2MB. Max. memory is 16.1GB. [2025-01-09 03:59:39,573 INFO L158 Benchmark]: Witness Printer took 106.91ms. Allocated memory is still 142.6MB. Free memory was 78.4MB in the beginning and 70.0MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 03:59:39,574 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.19ms. Allocated memory is still 226.5MB. Free memory is still 146.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 334.85ms. Allocated memory is still 142.6MB. Free memory was 113.2MB in the beginning and 95.1MB in the end (delta: 18.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 31.53ms. Allocated memory is still 142.6MB. Free memory was 95.1MB in the beginning and 93.3MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 26.65ms. Allocated memory is still 142.6MB. Free memory was 93.3MB in the beginning and 91.5MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 293.41ms. Allocated memory is still 142.6MB. Free memory was 91.5MB in the beginning and 75.3MB in the end (delta: 16.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 1898.04ms. Allocated memory is still 142.6MB. Free memory was 74.8MB in the beginning and 78.4MB in the end (delta: -3.6MB). Peak memory consumption was 1.2MB. Max. memory is 16.1GB. * Witness Printer took 106.91ms. Allocated memory is still 142.6MB. Free memory was 78.4MB in the beginning and 70.0MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [415] - GenericResultAtLocation [Line: 444]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [444] - GenericResultAtLocation [Line: 453]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [453] - GenericResultAtLocation [Line: 553]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [553] - GenericResultAtLocation [Line: 623]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [623] - GenericResultAtLocation [Line: 819]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [819] - GenericResultAtLocation [Line: 857]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [857] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 449]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L219] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L460] int waterLevel = 1; [L461] int methaneLevelCritical = 0; [L627] int pumpRunning = 0; [L628] int systemActive = 1; [L858] int cleanupTimeShifts = 4; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L931] int retValue_acc ; [L932] int tmp ; [L936] FCALL select_helpers() [L937] FCALL select_features() [L938] CALL, EXPR valid_product() [L849] int retValue_acc ; [L852] retValue_acc = 1 [L853] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L938] RET, EXPR valid_product() [L938] tmp = valid_product() [L940] COND TRUE \read(tmp) [L942] FCALL setup() [L943] CALL runTest() [L925] CALL test() [L558] int splverifierCounter ; [L559] int tmp ; [L560] int tmp___0 ; [L561] int tmp___1 ; [L562] int tmp___2 ; [L565] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L569] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L575] tmp = __VERIFIER_nondet_int() [L577] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L579] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L478] COND TRUE waterLevel < 2 [L479] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L579] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L585] tmp___0 = __VERIFIER_nondet_int() [L587] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L589] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L490] COND FALSE !(\read(methaneLevelCritical)) [L493] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L589] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L595] tmp___2 = __VERIFIER_nondet_int() [L597] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L612] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L634] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L641] COND TRUE \read(systemActive) [L643] CALL processEnvironment() [L689] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L692] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L707] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L663] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L666] COND TRUE ! pumpRunning [L668] CALL, EXPR isHighWaterLevel() [L786] int retValue_acc ; [L787] int tmp ; [L788] int tmp___0 ; [L792] CALL, EXPR isHighWaterSensorDry() [L540] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L543] COND FALSE !(waterLevel < 2) [L547] retValue_acc = 0 [L548] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L792] RET, EXPR isHighWaterSensorDry() [L792] tmp = isHighWaterSensorDry() [L794] COND FALSE !(\read(tmp)) [L797] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L799] retValue_acc = tmp___0 [L800] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L668] RET, EXPR isHighWaterLevel() [L668] tmp = isHighWaterLevel() [L670] COND TRUE \read(tmp) [L672] CALL activatePump() [L717] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L672] RET activatePump() [L707] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L643] RET processEnvironment() [L649] CALL __utac_acc__Specification1_spec__1() [L420] int tmp ; [L421] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L425] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L499] int retValue_acc ; [L502] retValue_acc = methaneLevelCritical [L503] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L425] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L425] tmp = isMethaneLevelCritical() [L427] COND TRUE \read(tmp) [L429] CALL, EXPR isPumpRunning() [L741] int retValue_acc ; [L744] retValue_acc = pumpRunning [L745] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L429] RET, EXPR isPumpRunning() [L429] tmp___0 = isPumpRunning() [L431] COND TRUE \read(tmp___0) [L433] CALL __automaton_fail() [L449] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 90 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 1.8s, OverallIterations: 9, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 421 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 415 mSDsluCounter, 2380 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1544 mSDsCounter, 19 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 252 IncrementalHoareTripleChecker+Invalid, 271 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 19 mSolverCounterUnsat, 836 mSDtfsCounter, 252 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 44 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1163occurred in iteration=8, InterpolantAutomatonStates: 36, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 8 MinimizatonAttempts, 22 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.5s InterpolantComputationTime, 321 NumberOfCodeBlocks, 321 NumberOfCodeBlocksAsserted, 9 NumberOfCheckSat, 264 ConstructedInterpolants, 0 QuantifiedInterpolants, 493 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 8 InterpolantComputations, 8 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-01-09 03:59:39,588 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE