./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product53.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 551b0097 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product53.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 55ce316e71b3537e039a3a4d2127e4eace2c49bce87df09105114bd008c08800 --- Real Ultimate output --- This is Ultimate 0.3.0-?-551b009-m [2025-01-09 03:59:46,374 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-01-09 03:59:46,410 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-01-09 03:59:46,414 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-01-09 03:59:46,414 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-01-09 03:59:46,429 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-01-09 03:59:46,430 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-01-09 03:59:46,430 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-01-09 03:59:46,430 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-01-09 03:59:46,430 INFO L153 SettingsManager]: * Use memory slicer=true [2025-01-09 03:59:46,430 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-01-09 03:59:46,430 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-01-09 03:59:46,430 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-01-09 03:59:46,430 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-01-09 03:59:46,430 INFO L153 SettingsManager]: * Use SBE=true [2025-01-09 03:59:46,431 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * sizeof long=4 [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * sizeof long double=12 [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * Use constant arrays=true [2025-01-09 03:59:46,431 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 03:59:46,431 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:46,431 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:46,432 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-01-09 03:59:46,432 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 55ce316e71b3537e039a3a4d2127e4eace2c49bce87df09105114bd008c08800 [2025-01-09 03:59:46,607 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-01-09 03:59:46,616 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-01-09 03:59:46,618 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-01-09 03:59:46,620 INFO L270 PluginConnector]: Initializing CDTParser... [2025-01-09 03:59:46,621 INFO L274 PluginConnector]: CDTParser initialized [2025-01-09 03:59:46,622 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product53.cil.c [2025-01-09 03:59:47,816 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/e493544c9/cbd1a3fb1bda402c9f9b3b3456672fde/FLAG5df506632 [2025-01-09 03:59:48,167 INFO L384 CDTParser]: Found 1 translation units. [2025-01-09 03:59:48,167 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product53.cil.c [2025-01-09 03:59:48,184 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/e493544c9/cbd1a3fb1bda402c9f9b3b3456672fde/FLAG5df506632 [2025-01-09 03:59:48,202 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/e493544c9/cbd1a3fb1bda402c9f9b3b3456672fde [2025-01-09 03:59:48,204 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-01-09 03:59:48,208 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-01-09 03:59:48,209 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-01-09 03:59:48,209 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-01-09 03:59:48,215 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-01-09 03:59:48,215 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,216 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@596afd3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48, skipping insertion in model container [2025-01-09 03:59:48,216 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,250 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-01-09 03:59:48,379 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product53.cil.c[2044,2057] [2025-01-09 03:59:48,448 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 03:59:48,455 INFO L200 MainTranslator]: Completed pre-run [2025-01-09 03:59:48,460 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [49] [2025-01-09 03:59:48,461 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [78] [2025-01-09 03:59:48,461 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [87] [2025-01-09 03:59:48,461 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [453] [2025-01-09 03:59:48,461 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [557] [2025-01-09 03:59:48,461 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [786] [2025-01-09 03:59:48,461 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [851] [2025-01-09 03:59:48,461 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [886] [2025-01-09 03:59:48,467 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product53.cil.c[2044,2057] [2025-01-09 03:59:48,500 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 03:59:48,511 INFO L204 MainTranslator]: Completed translation [2025-01-09 03:59:48,511 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48 WrapperNode [2025-01-09 03:59:48,511 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-01-09 03:59:48,512 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-01-09 03:59:48,512 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-01-09 03:59:48,512 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-01-09 03:59:48,516 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,524 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,541 INFO L138 Inliner]: procedures = 56, calls = 102, calls flagged for inlining = 22, calls inlined = 19, statements flattened = 213 [2025-01-09 03:59:48,541 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-01-09 03:59:48,542 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-01-09 03:59:48,542 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-01-09 03:59:48,542 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-01-09 03:59:48,548 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,548 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,549 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,560 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-01-09 03:59:48,560 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,560 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,563 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,563 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,565 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,566 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,567 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,568 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-01-09 03:59:48,569 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2025-01-09 03:59:48,569 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2025-01-09 03:59:48,569 INFO L274 PluginConnector]: RCFGBuilder initialized [2025-01-09 03:59:48,569 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (1/1) ... [2025-01-09 03:59:48,577 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:48,588 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 03:59:48,600 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-01-09 03:59:48,604 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-01-09 03:59:48,624 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-01-09 03:59:48,624 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-01-09 03:59:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-01-09 03:59:48,625 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-01-09 03:59:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-01-09 03:59:48,625 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-01-09 03:59:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-01-09 03:59:48,625 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-01-09 03:59:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-01-09 03:59:48,625 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 03:59:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 03:59:48,625 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-01-09 03:59:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-01-09 03:59:48,626 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2025-01-09 03:59:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2025-01-09 03:59:48,626 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-01-09 03:59:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-01-09 03:59:48,626 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-01-09 03:59:48,626 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-01-09 03:59:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-01-09 03:59:48,626 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-01-09 03:59:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-01-09 03:59:48,689 INFO L234 CfgBuilder]: Building ICFG [2025-01-09 03:59:48,691 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2025-01-09 03:59:48,907 INFO L? ?]: Removed 49 outVars from TransFormulas that were not future-live. [2025-01-09 03:59:48,908 INFO L283 CfgBuilder]: Performing block encoding [2025-01-09 03:59:48,915 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-01-09 03:59:48,915 INFO L312 CfgBuilder]: Removed 2 assume(true) statements. [2025-01-09 03:59:48,916 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:48 BoogieIcfgContainer [2025-01-09 03:59:48,916 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2025-01-09 03:59:48,917 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-01-09 03:59:48,917 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-01-09 03:59:48,921 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-01-09 03:59:48,921 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.01 03:59:48" (1/3) ... [2025-01-09 03:59:48,921 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b4d309b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 03:59:48, skipping insertion in model container [2025-01-09 03:59:48,921 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:48" (2/3) ... [2025-01-09 03:59:48,922 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b4d309b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 03:59:48, skipping insertion in model container [2025-01-09 03:59:48,922 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:48" (3/3) ... [2025-01-09 03:59:48,923 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product53.cil.c [2025-01-09 03:59:48,936 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-01-09 03:59:48,938 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product53.cil.c that has 10 procedures, 98 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-01-09 03:59:48,976 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-01-09 03:59:48,984 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@52e93709, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-01-09 03:59:48,984 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-01-09 03:59:48,989 INFO L276 IsEmpty]: Start isEmpty. Operand has 98 states, 71 states have (on average 1.3661971830985915) internal successors, (97), 81 states have internal predecessors, (97), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2025-01-09 03:59:49,001 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-01-09 03:59:49,001 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:49,001 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:49,002 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:49,010 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:49,011 INFO L85 PathProgramCache]: Analyzing trace with hash -1524941256, now seen corresponding path program 1 times [2025-01-09 03:59:49,020 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:49,021 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [700308180] [2025-01-09 03:59:49,021 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:49,021 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:49,084 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-01-09 03:59:49,098 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-01-09 03:59:49,099 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:49,099 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:49,216 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:49,216 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:49,216 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [700308180] [2025-01-09 03:59:49,217 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [700308180] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:49,217 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:49,217 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 03:59:49,218 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1035363969] [2025-01-09 03:59:49,218 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:49,224 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 03:59:49,224 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:49,235 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 03:59:49,235 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:49,237 INFO L87 Difference]: Start difference. First operand has 98 states, 71 states have (on average 1.3661971830985915) internal successors, (97), 81 states have internal predecessors, (97), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:49,258 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:49,259 INFO L93 Difference]: Finished difference Result 176 states and 234 transitions. [2025-01-09 03:59:49,260 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 03:59:49,261 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-01-09 03:59:49,261 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:49,266 INFO L225 Difference]: With dead ends: 176 [2025-01-09 03:59:49,267 INFO L226 Difference]: Without dead ends: 81 [2025-01-09 03:59:49,269 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:49,271 INFO L435 NwaCegarLoop]: 108 mSDtfsCounter, 12 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:49,272 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 201 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:49,280 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 81 states. [2025-01-09 03:59:49,292 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 81 to 81. [2025-01-09 03:59:49,293 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 59 states have (on average 1.3389830508474576) internal successors, (79), 68 states have internal predecessors, (79), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2025-01-09 03:59:49,296 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 105 transitions. [2025-01-09 03:59:49,297 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 105 transitions. Word has length 23 [2025-01-09 03:59:49,298 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:49,298 INFO L471 AbstractCegarLoop]: Abstraction has 81 states and 105 transitions. [2025-01-09 03:59:49,298 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:49,298 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 105 transitions. [2025-01-09 03:59:49,299 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2025-01-09 03:59:49,299 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:49,299 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:49,300 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-01-09 03:59:49,300 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:49,300 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:49,300 INFO L85 PathProgramCache]: Analyzing trace with hash -1148774368, now seen corresponding path program 1 times [2025-01-09 03:59:49,300 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:49,301 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [684940582] [2025-01-09 03:59:49,301 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:49,301 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:49,308 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 27 statements into 1 equivalence classes. [2025-01-09 03:59:49,315 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 27 of 27 statements. [2025-01-09 03:59:49,315 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:49,315 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:49,438 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:49,438 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:49,439 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [684940582] [2025-01-09 03:59:49,439 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [684940582] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:49,439 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:49,439 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 03:59:49,439 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1289387689] [2025-01-09 03:59:49,439 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:49,440 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 03:59:49,440 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:49,441 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 03:59:49,441 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:49,441 INFO L87 Difference]: Start difference. First operand 81 states and 105 transitions. Second operand has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:49,523 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:49,523 INFO L93 Difference]: Finished difference Result 155 states and 204 transitions. [2025-01-09 03:59:49,523 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 03:59:49,524 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2025-01-09 03:59:49,524 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:49,525 INFO L225 Difference]: With dead ends: 155 [2025-01-09 03:59:49,525 INFO L226 Difference]: Without dead ends: 81 [2025-01-09 03:59:49,526 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2025-01-09 03:59:49,526 INFO L435 NwaCegarLoop]: 101 mSDtfsCounter, 101 mSDsluCounter, 146 mSDsCounter, 0 mSdLazyCounter, 63 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 101 SdHoareTripleChecker+Valid, 247 SdHoareTripleChecker+Invalid, 63 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 63 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:49,526 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [101 Valid, 247 Invalid, 63 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 63 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:49,527 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 81 states. [2025-01-09 03:59:49,532 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 81 to 81. [2025-01-09 03:59:49,533 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 59 states have (on average 1.3220338983050848) internal successors, (78), 68 states have internal predecessors, (78), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2025-01-09 03:59:49,534 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 104 transitions. [2025-01-09 03:59:49,534 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 104 transitions. Word has length 27 [2025-01-09 03:59:49,534 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:49,534 INFO L471 AbstractCegarLoop]: Abstraction has 81 states and 104 transitions. [2025-01-09 03:59:49,534 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:49,534 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 104 transitions. [2025-01-09 03:59:49,535 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2025-01-09 03:59:49,535 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:49,535 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:49,536 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-01-09 03:59:49,536 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:49,536 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:49,536 INFO L85 PathProgramCache]: Analyzing trace with hash -103832595, now seen corresponding path program 1 times [2025-01-09 03:59:49,536 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:49,536 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [413779528] [2025-01-09 03:59:49,536 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:49,537 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:49,547 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 40 statements into 1 equivalence classes. [2025-01-09 03:59:49,551 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 40 of 40 statements. [2025-01-09 03:59:49,552 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:49,552 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:49,646 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-01-09 03:59:49,646 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:49,646 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [413779528] [2025-01-09 03:59:49,646 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [413779528] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:49,646 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:49,647 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 03:59:49,647 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1252234347] [2025-01-09 03:59:49,647 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:49,648 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 03:59:49,648 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:49,648 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 03:59:49,649 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:49,649 INFO L87 Difference]: Start difference. First operand 81 states and 104 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2025-01-09 03:59:49,700 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:49,702 INFO L93 Difference]: Finished difference Result 200 states and 265 transitions. [2025-01-09 03:59:49,702 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 03:59:49,703 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 40 [2025-01-09 03:59:49,703 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:49,704 INFO L225 Difference]: With dead ends: 200 [2025-01-09 03:59:49,704 INFO L226 Difference]: Without dead ends: 126 [2025-01-09 03:59:49,704 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:49,705 INFO L435 NwaCegarLoop]: 121 mSDtfsCounter, 59 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 192 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:49,705 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 192 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:49,708 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2025-01-09 03:59:49,727 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 124. [2025-01-09 03:59:49,728 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 91 states have (on average 1.2967032967032968) internal successors, (118), 99 states have internal predecessors, (118), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2025-01-09 03:59:49,729 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 158 transitions. [2025-01-09 03:59:49,732 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 158 transitions. Word has length 40 [2025-01-09 03:59:49,732 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:49,732 INFO L471 AbstractCegarLoop]: Abstraction has 124 states and 158 transitions. [2025-01-09 03:59:49,732 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2025-01-09 03:59:49,732 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 158 transitions. [2025-01-09 03:59:49,733 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-01-09 03:59:49,733 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:49,733 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:49,733 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-01-09 03:59:49,735 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:49,736 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:49,736 INFO L85 PathProgramCache]: Analyzing trace with hash 1869049858, now seen corresponding path program 1 times [2025-01-09 03:59:49,736 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:49,736 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [908335546] [2025-01-09 03:59:49,736 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:49,736 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:49,748 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-01-09 03:59:49,757 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-01-09 03:59:49,757 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:49,757 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:49,821 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:49,822 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:49,822 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [908335546] [2025-01-09 03:59:49,822 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [908335546] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:49,822 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:49,822 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 03:59:49,822 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [748335135] [2025-01-09 03:59:49,822 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:49,823 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 03:59:49,823 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:49,823 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 03:59:49,824 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 03:59:49,824 INFO L87 Difference]: Start difference. First operand 124 states and 158 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:49,848 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:49,850 INFO L93 Difference]: Finished difference Result 244 states and 319 transitions. [2025-01-09 03:59:49,851 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 03:59:49,851 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 46 [2025-01-09 03:59:49,851 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:49,853 INFO L225 Difference]: With dead ends: 244 [2025-01-09 03:59:49,856 INFO L226 Difference]: Without dead ends: 127 [2025-01-09 03:59:49,857 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 03:59:49,859 INFO L435 NwaCegarLoop]: 101 mSDtfsCounter, 0 mSDsluCounter, 297 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 398 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:49,859 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 398 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:49,860 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2025-01-09 03:59:49,875 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 127. [2025-01-09 03:59:49,875 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 127 states, 94 states have (on average 1.2872340425531914) internal successors, (121), 102 states have internal predecessors, (121), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2025-01-09 03:59:49,876 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 127 states to 127 states and 161 transitions. [2025-01-09 03:59:49,876 INFO L78 Accepts]: Start accepts. Automaton has 127 states and 161 transitions. Word has length 46 [2025-01-09 03:59:49,877 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:49,877 INFO L471 AbstractCegarLoop]: Abstraction has 127 states and 161 transitions. [2025-01-09 03:59:49,877 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:49,877 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 161 transitions. [2025-01-09 03:59:49,877 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-01-09 03:59:49,878 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:49,878 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:49,878 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-01-09 03:59:49,878 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:49,878 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:49,878 INFO L85 PathProgramCache]: Analyzing trace with hash 1051401408, now seen corresponding path program 1 times [2025-01-09 03:59:49,878 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:49,878 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1724340588] [2025-01-09 03:59:49,878 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:49,879 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:49,885 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-01-09 03:59:49,890 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-01-09 03:59:49,890 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:49,890 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:49,950 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:49,950 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:49,950 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1724340588] [2025-01-09 03:59:49,950 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1724340588] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:49,950 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:49,951 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 03:59:49,951 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [685788688] [2025-01-09 03:59:49,951 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:49,951 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 03:59:49,951 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:49,952 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 03:59:49,952 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:49,952 INFO L87 Difference]: Start difference. First operand 127 states and 161 transitions. Second operand has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:49,979 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:49,979 INFO L93 Difference]: Finished difference Result 249 states and 330 transitions. [2025-01-09 03:59:49,979 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-01-09 03:59:49,980 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 46 [2025-01-09 03:59:49,980 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:49,981 INFO L225 Difference]: With dead ends: 249 [2025-01-09 03:59:49,981 INFO L226 Difference]: Without dead ends: 129 [2025-01-09 03:59:49,981 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:49,982 INFO L435 NwaCegarLoop]: 100 mSDtfsCounter, 0 mSDsluCounter, 392 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 492 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:49,982 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 492 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:49,982 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2025-01-09 03:59:49,990 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 129. [2025-01-09 03:59:49,991 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 129 states, 96 states have (on average 1.28125) internal successors, (123), 104 states have internal predecessors, (123), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2025-01-09 03:59:49,992 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 129 states to 129 states and 163 transitions. [2025-01-09 03:59:49,992 INFO L78 Accepts]: Start accepts. Automaton has 129 states and 163 transitions. Word has length 46 [2025-01-09 03:59:49,992 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:49,992 INFO L471 AbstractCegarLoop]: Abstraction has 129 states and 163 transitions. [2025-01-09 03:59:49,993 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:49,993 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 163 transitions. [2025-01-09 03:59:49,993 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-01-09 03:59:49,993 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:49,994 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:49,994 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-01-09 03:59:49,994 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:49,994 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:49,994 INFO L85 PathProgramCache]: Analyzing trace with hash 1270256126, now seen corresponding path program 1 times [2025-01-09 03:59:49,994 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:49,994 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1874489184] [2025-01-09 03:59:49,995 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:49,995 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:50,001 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-01-09 03:59:50,010 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-01-09 03:59:50,010 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:50,010 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:50,098 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:50,099 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:50,099 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1874489184] [2025-01-09 03:59:50,099 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1874489184] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:50,099 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:50,099 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 03:59:50,099 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1732774643] [2025-01-09 03:59:50,099 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:50,099 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 03:59:50,100 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:50,100 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 03:59:50,100 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 03:59:50,100 INFO L87 Difference]: Start difference. First operand 129 states and 163 transitions. Second operand has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2025-01-09 03:59:50,224 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:50,225 INFO L93 Difference]: Finished difference Result 419 states and 550 transitions. [2025-01-09 03:59:50,226 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 03:59:50,226 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 46 [2025-01-09 03:59:50,226 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:50,228 INFO L225 Difference]: With dead ends: 419 [2025-01-09 03:59:50,229 INFO L226 Difference]: Without dead ends: 297 [2025-01-09 03:59:50,230 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 03:59:50,230 INFO L435 NwaCegarLoop]: 181 mSDtfsCounter, 137 mSDsluCounter, 171 mSDsCounter, 0 mSdLazyCounter, 63 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 352 SdHoareTripleChecker+Invalid, 68 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 63 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:50,230 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [137 Valid, 352 Invalid, 68 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 63 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:50,231 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 297 states. [2025-01-09 03:59:50,266 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 297 to 288. [2025-01-09 03:59:50,269 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 288 states, 212 states have (on average 1.2641509433962264) internal successors, (268), 227 states have internal predecessors, (268), 39 states have call successors, (39), 35 states have call predecessors, (39), 36 states have return successors, (64), 36 states have call predecessors, (64), 39 states have call successors, (64) [2025-01-09 03:59:50,271 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 288 states to 288 states and 371 transitions. [2025-01-09 03:59:50,272 INFO L78 Accepts]: Start accepts. Automaton has 288 states and 371 transitions. Word has length 46 [2025-01-09 03:59:50,272 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:50,272 INFO L471 AbstractCegarLoop]: Abstraction has 288 states and 371 transitions. [2025-01-09 03:59:50,272 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2025-01-09 03:59:50,272 INFO L276 IsEmpty]: Start isEmpty. Operand 288 states and 371 transitions. [2025-01-09 03:59:50,275 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2025-01-09 03:59:50,277 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:50,278 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:50,278 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-01-09 03:59:50,278 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:50,278 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:50,278 INFO L85 PathProgramCache]: Analyzing trace with hash -2133326365, now seen corresponding path program 1 times [2025-01-09 03:59:50,278 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:50,278 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [149642554] [2025-01-09 03:59:50,278 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:50,278 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:50,289 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 48 statements into 1 equivalence classes. [2025-01-09 03:59:50,296 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 48 of 48 statements. [2025-01-09 03:59:50,297 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:50,297 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:50,402 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:50,402 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:50,402 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [149642554] [2025-01-09 03:59:50,402 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [149642554] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:50,402 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:50,402 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 03:59:50,402 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1921532274] [2025-01-09 03:59:50,402 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:50,403 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 03:59:50,403 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:50,403 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 03:59:50,403 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:50,404 INFO L87 Difference]: Start difference. First operand 288 states and 371 transitions. Second operand has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 03:59:50,606 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:50,606 INFO L93 Difference]: Finished difference Result 330 states and 423 transitions. [2025-01-09 03:59:50,606 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-01-09 03:59:50,607 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 48 [2025-01-09 03:59:50,607 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:50,609 INFO L225 Difference]: With dead ends: 330 [2025-01-09 03:59:50,609 INFO L226 Difference]: Without dead ends: 328 [2025-01-09 03:59:50,609 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2025-01-09 03:59:50,610 INFO L435 NwaCegarLoop]: 75 mSDtfsCounter, 112 mSDsluCounter, 246 mSDsCounter, 0 mSdLazyCounter, 155 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 117 SdHoareTripleChecker+Valid, 321 SdHoareTripleChecker+Invalid, 189 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 155 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:50,610 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [117 Valid, 321 Invalid, 189 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 155 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:50,615 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 328 states. [2025-01-09 03:59:50,648 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 328 to 326. [2025-01-09 03:59:50,649 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 326 states, 240 states have (on average 1.2375) internal successors, (297), 255 states have internal predecessors, (297), 42 states have call successors, (42), 35 states have call predecessors, (42), 43 states have return successors, (77), 45 states have call predecessors, (77), 42 states have call successors, (77) [2025-01-09 03:59:50,653 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 326 states to 326 states and 416 transitions. [2025-01-09 03:59:50,654 INFO L78 Accepts]: Start accepts. Automaton has 326 states and 416 transitions. Word has length 48 [2025-01-09 03:59:50,654 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:50,654 INFO L471 AbstractCegarLoop]: Abstraction has 326 states and 416 transitions. [2025-01-09 03:59:50,654 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 03:59:50,654 INFO L276 IsEmpty]: Start isEmpty. Operand 326 states and 416 transitions. [2025-01-09 03:59:50,656 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2025-01-09 03:59:50,656 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:50,656 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:50,657 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-01-09 03:59:50,657 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:50,657 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:50,657 INFO L85 PathProgramCache]: Analyzing trace with hash 1174242456, now seen corresponding path program 1 times [2025-01-09 03:59:50,658 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:50,658 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [697642458] [2025-01-09 03:59:50,658 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:50,658 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:50,667 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 50 statements into 1 equivalence classes. [2025-01-09 03:59:50,678 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 50 of 50 statements. [2025-01-09 03:59:50,678 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:50,678 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:50,753 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:50,755 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:50,756 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [697642458] [2025-01-09 03:59:50,756 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [697642458] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:50,756 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:50,756 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 03:59:50,756 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1796737752] [2025-01-09 03:59:50,756 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:50,756 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 03:59:50,756 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:50,756 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 03:59:50,757 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:50,757 INFO L87 Difference]: Start difference. First operand 326 states and 416 transitions. Second operand has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 03:59:50,884 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:50,885 INFO L93 Difference]: Finished difference Result 946 states and 1244 transitions. [2025-01-09 03:59:50,885 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-01-09 03:59:50,885 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 50 [2025-01-09 03:59:50,886 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:50,889 INFO L225 Difference]: With dead ends: 946 [2025-01-09 03:59:50,890 INFO L226 Difference]: Without dead ends: 627 [2025-01-09 03:59:50,891 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-01-09 03:59:50,892 INFO L435 NwaCegarLoop]: 102 mSDtfsCounter, 74 mSDsluCounter, 360 mSDsCounter, 0 mSdLazyCounter, 54 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 76 SdHoareTripleChecker+Valid, 462 SdHoareTripleChecker+Invalid, 58 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 54 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:50,892 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [76 Valid, 462 Invalid, 58 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 54 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:50,893 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 627 states. [2025-01-09 03:59:50,939 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 627 to 627. [2025-01-09 03:59:50,940 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 627 states, 456 states have (on average 1.2149122807017543) internal successors, (554), 485 states have internal predecessors, (554), 84 states have call successors, (84), 70 states have call predecessors, (84), 86 states have return successors, (159), 90 states have call predecessors, (159), 84 states have call successors, (159) [2025-01-09 03:59:50,944 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 627 states to 627 states and 797 transitions. [2025-01-09 03:59:50,946 INFO L78 Accepts]: Start accepts. Automaton has 627 states and 797 transitions. Word has length 50 [2025-01-09 03:59:50,946 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:50,946 INFO L471 AbstractCegarLoop]: Abstraction has 627 states and 797 transitions. [2025-01-09 03:59:50,946 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 03:59:50,947 INFO L276 IsEmpty]: Start isEmpty. Operand 627 states and 797 transitions. [2025-01-09 03:59:50,948 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2025-01-09 03:59:50,948 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:50,948 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:50,948 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-01-09 03:59:50,948 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:50,949 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:50,949 INFO L85 PathProgramCache]: Analyzing trace with hash 490045972, now seen corresponding path program 1 times [2025-01-09 03:59:50,949 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:50,949 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1428045881] [2025-01-09 03:59:50,949 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:50,950 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:50,956 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 54 statements into 1 equivalence classes. [2025-01-09 03:59:50,963 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 54 of 54 statements. [2025-01-09 03:59:50,965 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:50,965 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 03:59:50,965 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-01-09 03:59:50,970 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 54 statements into 1 equivalence classes. [2025-01-09 03:59:50,975 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 54 of 54 statements. [2025-01-09 03:59:50,976 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:50,976 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 03:59:50,997 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-01-09 03:59:50,997 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-01-09 03:59:50,998 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-01-09 03:59:50,999 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-01-09 03:59:51,001 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:51,049 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-01-09 03:59:51,051 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.01 03:59:51 BoogieIcfgContainer [2025-01-09 03:59:51,051 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-01-09 03:59:51,051 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-01-09 03:59:51,051 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-01-09 03:59:51,051 INFO L274 PluginConnector]: Witness Printer initialized [2025-01-09 03:59:51,053 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:48" (3/4) ... [2025-01-09 03:59:51,054 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-01-09 03:59:51,117 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 45. [2025-01-09 03:59:51,177 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-01-09 03:59:51,181 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-01-09 03:59:51,181 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-01-09 03:59:51,181 INFO L158 Benchmark]: Toolchain (without parser) took 2976.82ms. Allocated memory is still 167.8MB. Free memory was 135.0MB in the beginning and 75.8MB in the end (delta: 59.2MB). Peak memory consumption was 57.9MB. Max. memory is 16.1GB. [2025-01-09 03:59:51,181 INFO L158 Benchmark]: CDTParser took 0.76ms. Allocated memory is still 201.3MB. Free memory is still 128.2MB. There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 03:59:51,182 INFO L158 Benchmark]: CACSL2BoogieTranslator took 302.95ms. Allocated memory is still 167.8MB. Free memory was 135.0MB in the beginning and 116.2MB in the end (delta: 18.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 03:59:51,183 INFO L158 Benchmark]: Boogie Procedure Inliner took 29.21ms. Allocated memory is still 167.8MB. Free memory was 116.2MB in the beginning and 114.3MB in the end (delta: 1.9MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 03:59:51,183 INFO L158 Benchmark]: Boogie Preprocessor took 26.17ms. Allocated memory is still 167.8MB. Free memory was 114.3MB in the beginning and 112.4MB in the end (delta: 1.9MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 03:59:51,183 INFO L158 Benchmark]: RCFGBuilder took 347.41ms. Allocated memory is still 167.8MB. Free memory was 112.4MB in the beginning and 94.7MB in the end (delta: 17.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 03:59:51,183 INFO L158 Benchmark]: TraceAbstraction took 2133.50ms. Allocated memory is still 167.8MB. Free memory was 94.3MB in the beginning and 84.2MB in the end (delta: 10.1MB). Peak memory consumption was 7.6MB. Max. memory is 16.1GB. [2025-01-09 03:59:51,183 INFO L158 Benchmark]: Witness Printer took 129.59ms. Allocated memory is still 167.8MB. Free memory was 84.2MB in the beginning and 75.8MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 03:59:51,184 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.76ms. Allocated memory is still 201.3MB. Free memory is still 128.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 302.95ms. Allocated memory is still 167.8MB. Free memory was 135.0MB in the beginning and 116.2MB in the end (delta: 18.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 29.21ms. Allocated memory is still 167.8MB. Free memory was 116.2MB in the beginning and 114.3MB in the end (delta: 1.9MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 26.17ms. Allocated memory is still 167.8MB. Free memory was 114.3MB in the beginning and 112.4MB in the end (delta: 1.9MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * RCFGBuilder took 347.41ms. Allocated memory is still 167.8MB. Free memory was 112.4MB in the beginning and 94.7MB in the end (delta: 17.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2133.50ms. Allocated memory is still 167.8MB. Free memory was 94.3MB in the beginning and 84.2MB in the end (delta: 10.1MB). Peak memory consumption was 7.6MB. Max. memory is 16.1GB. * Witness Printer took 129.59ms. Allocated memory is still 167.8MB. Free memory was 84.2MB in the beginning and 75.8MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [49] - GenericResultAtLocation [Line: 78]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [78] - GenericResultAtLocation [Line: 87]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [87] - GenericResultAtLocation [Line: 453]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [453] - GenericResultAtLocation [Line: 557]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [557] - GenericResultAtLocation [Line: 786]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [786] - GenericResultAtLocation [Line: 851]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [851] - GenericResultAtLocation [Line: 886]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [886] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 83]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L257] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L454] int cleanupTimeShifts = 4; [L564] int pumpRunning = 0; [L565] int systemActive = 1; [L888] int waterLevel = 1; [L889] int methaneLevelCritical = 0; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L535] int retValue_acc ; [L536] int tmp ; [L540] FCALL select_helpers() [L541] FCALL select_features() [L542] CALL, EXPR valid_product() [L878] int retValue_acc ; [L881] retValue_acc = 1 [L882] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L542] RET, EXPR valid_product() [L542] tmp = valid_product() [L544] COND TRUE \read(tmp) [L546] FCALL setup() [L547] CALL runTest() [L526] CALL test() [L788] int splverifierCounter ; [L789] int tmp ; [L790] int tmp___0 ; [L791] int tmp___1 ; [L792] int tmp___2 ; [L795] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L799] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L805] tmp = __VERIFIER_nondet_int() [L807] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L809] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L906] COND TRUE waterLevel < 2 [L907] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L809] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L815] tmp___0 = __VERIFIER_nondet_int() [L817] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L819] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L918] COND FALSE !(\read(methaneLevelCritical)) [L921] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L819] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L825] tmp___2 = __VERIFIER_nondet_int() [L827] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L840] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L571] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L578] COND TRUE \read(systemActive) [L580] CALL processEnvironment() [L652] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L655] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L670] CALL processEnvironment__wrappee__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L626] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L629] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L644] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L600] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L603] COND TRUE ! pumpRunning [L605] CALL, EXPR isHighWaterLevel() [L749] int retValue_acc ; [L750] int tmp ; [L751] int tmp___0 ; [L755] CALL, EXPR isHighWaterSensorDry() [L968] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L971] COND FALSE !(waterLevel < 2) [L975] retValue_acc = 0 [L976] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L755] RET, EXPR isHighWaterSensorDry() [L755] tmp = isHighWaterSensorDry() [L757] COND FALSE !(\read(tmp)) [L760] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L762] retValue_acc = tmp___0 [L763] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L605] RET, EXPR isHighWaterLevel() [L605] tmp = isHighWaterLevel() [L607] COND TRUE \read(tmp) [L609] CALL activatePump() [L680] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L609] RET activatePump() [L644] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L670] RET processEnvironment__wrappee__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L580] RET processEnvironment() [L586] CALL __utac_acc__Specification1_spec__1() [L54] int tmp ; [L55] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L59] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L927] int retValue_acc ; [L930] retValue_acc = methaneLevelCritical [L931] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L59] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L59] tmp = isMethaneLevelCritical() [L61] COND TRUE \read(tmp) [L63] CALL, EXPR isPumpRunning() [L704] int retValue_acc ; [L707] retValue_acc = pumpRunning [L708] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L63] RET, EXPR isPumpRunning() [L63] tmp___0 = isPumpRunning() [L65] COND TRUE \read(tmp___0) [L67] CALL __automaton_fail() [L83] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 98 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.0s, OverallIterations: 9, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 505 SdHoareTripleChecker+Valid, 0.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 495 mSDsluCounter, 2665 SdHoareTripleChecker+Invalid, 0.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1776 mSDsCounter, 51 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 389 IncrementalHoareTripleChecker+Invalid, 440 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 51 mSolverCounterUnsat, 889 mSDtfsCounter, 389 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 58 GetRequests, 25 SyntacticMatches, 0 SemanticMatches, 33 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=627occurred in iteration=8, InterpolantAutomatonStates: 42, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 8 MinimizatonAttempts, 13 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.7s InterpolantComputationTime, 380 NumberOfCodeBlocks, 380 NumberOfCodeBlocksAsserted, 9 NumberOfCheckSat, 318 ConstructedInterpolants, 0 QuantifiedInterpolants, 621 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 8 InterpolantComputations, 8 PerfectInterpolantSequences, 3/3 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-01-09 03:59:51,202 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE