./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 551b0097 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 90a76a2882b85be994db917b0e3084e326cc29272a09018948be7f2d57c03e00 --- Real Ultimate output --- This is Ultimate 0.3.0-?-551b009-m [2025-01-09 03:59:48,380 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-01-09 03:59:48,456 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-01-09 03:59:48,461 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-01-09 03:59:48,461 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-01-09 03:59:48,487 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-01-09 03:59:48,487 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-01-09 03:59:48,488 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-01-09 03:59:48,488 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-01-09 03:59:48,488 INFO L153 SettingsManager]: * Use memory slicer=true [2025-01-09 03:59:48,489 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-01-09 03:59:48,490 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-01-09 03:59:48,490 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-01-09 03:59:48,490 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-01-09 03:59:48,490 INFO L153 SettingsManager]: * Use SBE=true [2025-01-09 03:59:48,491 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-01-09 03:59:48,491 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-01-09 03:59:48,491 INFO L153 SettingsManager]: * sizeof long=4 [2025-01-09 03:59:48,491 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-01-09 03:59:48,491 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-01-09 03:59:48,491 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-01-09 03:59:48,491 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-01-09 03:59:48,492 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-01-09 03:59:48,492 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-01-09 03:59:48,492 INFO L153 SettingsManager]: * sizeof long double=12 [2025-01-09 03:59:48,492 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-01-09 03:59:48,492 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-01-09 03:59:48,492 INFO L153 SettingsManager]: * Use constant arrays=true [2025-01-09 03:59:48,492 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-01-09 03:59:48,492 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 03:59:48,492 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 03:59:48,493 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 03:59:48,493 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:48,493 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2025-01-09 03:59:48,494 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 03:59:48,494 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 03:59:48,494 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 03:59:48,494 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:48,494 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-01-09 03:59:48,494 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-01-09 03:59:48,494 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-01-09 03:59:48,494 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-01-09 03:59:48,494 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-01-09 03:59:48,494 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-01-09 03:59:48,494 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-01-09 03:59:48,495 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-01-09 03:59:48,495 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-01-09 03:59:48,495 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-01-09 03:59:48,495 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 90a76a2882b85be994db917b0e3084e326cc29272a09018948be7f2d57c03e00 [2025-01-09 03:59:48,770 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-01-09 03:59:48,781 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-01-09 03:59:48,784 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-01-09 03:59:48,785 INFO L270 PluginConnector]: Initializing CDTParser... [2025-01-09 03:59:48,785 INFO L274 PluginConnector]: CDTParser initialized [2025-01-09 03:59:48,786 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c [2025-01-09 03:59:50,045 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/087a9cb41/6e593d19a6504ea793c835fe44d372b8/FLAG10353e8a9 [2025-01-09 03:59:50,396 INFO L384 CDTParser]: Found 1 translation units. [2025-01-09 03:59:50,396 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c [2025-01-09 03:59:50,413 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/087a9cb41/6e593d19a6504ea793c835fe44d372b8/FLAG10353e8a9 [2025-01-09 03:59:50,612 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/087a9cb41/6e593d19a6504ea793c835fe44d372b8 [2025-01-09 03:59:50,614 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-01-09 03:59:50,615 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-01-09 03:59:50,617 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-01-09 03:59:50,617 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-01-09 03:59:50,620 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-01-09 03:59:50,621 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 03:59:50" (1/1) ... [2025-01-09 03:59:50,622 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@bfd05b6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:50, skipping insertion in model container [2025-01-09 03:59:50,622 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 03:59:50" (1/1) ... [2025-01-09 03:59:50,659 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-01-09 03:59:50,845 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c[3816,3829] [2025-01-09 03:59:50,942 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 03:59:50,953 INFO L200 MainTranslator]: Completed pre-run [2025-01-09 03:59:50,961 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2025-01-09 03:59:50,962 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [153] [2025-01-09 03:59:50,962 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [221] [2025-01-09 03:59:50,963 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [230] [2025-01-09 03:59:50,963 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [470] [2025-01-09 03:59:50,963 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [505] [2025-01-09 03:59:50,963 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [531] [2025-01-09 03:59:50,963 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [897] [2025-01-09 03:59:50,983 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c[3816,3829] [2025-01-09 03:59:51,035 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 03:59:51,062 INFO L204 MainTranslator]: Completed translation [2025-01-09 03:59:51,063 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51 WrapperNode [2025-01-09 03:59:51,063 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-01-09 03:59:51,064 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-01-09 03:59:51,064 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-01-09 03:59:51,064 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-01-09 03:59:51,069 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,083 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,108 INFO L138 Inliner]: procedures = 57, calls = 103, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 216 [2025-01-09 03:59:51,108 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-01-09 03:59:51,109 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-01-09 03:59:51,109 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-01-09 03:59:51,109 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-01-09 03:59:51,115 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,116 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,117 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,134 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-01-09 03:59:51,134 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,134 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,139 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,140 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,143 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,145 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,146 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,147 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-01-09 03:59:51,148 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2025-01-09 03:59:51,148 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2025-01-09 03:59:51,148 INFO L274 PluginConnector]: RCFGBuilder initialized [2025-01-09 03:59:51,149 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,152 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:51,163 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 03:59:51,174 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-01-09 03:59:51,176 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-01-09 03:59:51,198 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-01-09 03:59:51,199 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-01-09 03:59:51,199 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-01-09 03:59:51,199 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-01-09 03:59:51,199 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-01-09 03:59:51,200 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-01-09 03:59:51,200 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-01-09 03:59:51,200 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-01-09 03:59:51,201 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-01-09 03:59:51,201 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 03:59:51,201 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 03:59:51,202 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-01-09 03:59:51,202 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-01-09 03:59:51,202 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2025-01-09 03:59:51,202 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2025-01-09 03:59:51,202 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-01-09 03:59:51,202 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-01-09 03:59:51,202 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-01-09 03:59:51,202 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-01-09 03:59:51,203 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-01-09 03:59:51,203 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-01-09 03:59:51,203 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-01-09 03:59:51,276 INFO L234 CfgBuilder]: Building ICFG [2025-01-09 03:59:51,277 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2025-01-09 03:59:51,532 INFO L? ?]: Removed 49 outVars from TransFormulas that were not future-live. [2025-01-09 03:59:51,533 INFO L283 CfgBuilder]: Performing block encoding [2025-01-09 03:59:51,547 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-01-09 03:59:51,548 INFO L312 CfgBuilder]: Removed 2 assume(true) statements. [2025-01-09 03:59:51,548 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:51 BoogieIcfgContainer [2025-01-09 03:59:51,549 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2025-01-09 03:59:51,551 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-01-09 03:59:51,551 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-01-09 03:59:51,555 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-01-09 03:59:51,555 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.01 03:59:50" (1/3) ... [2025-01-09 03:59:51,555 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@50922862 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 03:59:51, skipping insertion in model container [2025-01-09 03:59:51,556 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (2/3) ... [2025-01-09 03:59:51,556 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@50922862 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 03:59:51, skipping insertion in model container [2025-01-09 03:59:51,556 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:51" (3/3) ... [2025-01-09 03:59:51,557 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product54.cil.c [2025-01-09 03:59:51,567 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-01-09 03:59:51,568 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product54.cil.c that has 10 procedures, 99 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-01-09 03:59:51,631 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-01-09 03:59:51,644 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@17d5ab33, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-01-09 03:59:51,644 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-01-09 03:59:51,647 INFO L276 IsEmpty]: Start isEmpty. Operand has 99 states, 72 states have (on average 1.3611111111111112) internal successors, (98), 82 states have internal predecessors, (98), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2025-01-09 03:59:51,654 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-01-09 03:59:51,654 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:51,654 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:51,655 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:51,660 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:51,661 INFO L85 PathProgramCache]: Analyzing trace with hash -1671038598, now seen corresponding path program 1 times [2025-01-09 03:59:51,667 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:51,670 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1683958304] [2025-01-09 03:59:51,670 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:51,671 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:51,726 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-01-09 03:59:51,745 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-01-09 03:59:51,746 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:51,746 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:51,853 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:51,854 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:51,854 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1683958304] [2025-01-09 03:59:51,855 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1683958304] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:51,855 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:51,855 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 03:59:51,856 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1190983680] [2025-01-09 03:59:51,857 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:51,860 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 03:59:51,861 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:51,878 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 03:59:51,878 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:51,881 INFO L87 Difference]: Start difference. First operand has 99 states, 72 states have (on average 1.3611111111111112) internal successors, (98), 82 states have internal predecessors, (98), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:51,921 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:51,922 INFO L93 Difference]: Finished difference Result 178 states and 236 transitions. [2025-01-09 03:59:51,923 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 03:59:51,924 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-01-09 03:59:51,925 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:51,931 INFO L225 Difference]: With dead ends: 178 [2025-01-09 03:59:51,931 INFO L226 Difference]: Without dead ends: 82 [2025-01-09 03:59:51,933 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:51,936 INFO L435 NwaCegarLoop]: 109 mSDtfsCounter, 13 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 202 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:51,936 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 202 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:51,947 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2025-01-09 03:59:51,966 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 82. [2025-01-09 03:59:51,967 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 60 states have (on average 1.3333333333333333) internal successors, (80), 69 states have internal predecessors, (80), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2025-01-09 03:59:51,973 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 106 transitions. [2025-01-09 03:59:51,976 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 106 transitions. Word has length 23 [2025-01-09 03:59:51,976 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:51,977 INFO L471 AbstractCegarLoop]: Abstraction has 82 states and 106 transitions. [2025-01-09 03:59:51,977 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:51,977 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 106 transitions. [2025-01-09 03:59:51,978 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2025-01-09 03:59:51,979 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:51,979 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:51,979 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-01-09 03:59:51,979 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:51,980 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:51,980 INFO L85 PathProgramCache]: Analyzing trace with hash -1589422770, now seen corresponding path program 1 times [2025-01-09 03:59:51,980 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:51,980 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [818313106] [2025-01-09 03:59:51,980 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:51,980 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:51,992 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 28 statements into 1 equivalence classes. [2025-01-09 03:59:52,003 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 28 of 28 statements. [2025-01-09 03:59:52,003 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:52,003 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:52,198 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:52,198 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:52,198 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [818313106] [2025-01-09 03:59:52,198 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [818313106] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:52,198 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:52,199 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 03:59:52,199 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [47282901] [2025-01-09 03:59:52,199 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:52,200 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 03:59:52,200 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:52,200 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 03:59:52,200 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:52,202 INFO L87 Difference]: Start difference. First operand 82 states and 106 transitions. Second operand has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:52,356 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:52,357 INFO L93 Difference]: Finished difference Result 157 states and 206 transitions. [2025-01-09 03:59:52,358 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 03:59:52,358 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2025-01-09 03:59:52,358 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:52,360 INFO L225 Difference]: With dead ends: 157 [2025-01-09 03:59:52,361 INFO L226 Difference]: Without dead ends: 82 [2025-01-09 03:59:52,362 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2025-01-09 03:59:52,364 INFO L435 NwaCegarLoop]: 102 mSDtfsCounter, 101 mSDsluCounter, 146 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 101 SdHoareTripleChecker+Valid, 248 SdHoareTripleChecker+Invalid, 66 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:52,364 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [101 Valid, 248 Invalid, 66 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:52,365 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2025-01-09 03:59:52,378 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 82. [2025-01-09 03:59:52,380 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 69 states have internal predecessors, (79), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2025-01-09 03:59:52,382 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 105 transitions. [2025-01-09 03:59:52,385 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 105 transitions. Word has length 28 [2025-01-09 03:59:52,385 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:52,385 INFO L471 AbstractCegarLoop]: Abstraction has 82 states and 105 transitions. [2025-01-09 03:59:52,386 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:52,386 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 105 transitions. [2025-01-09 03:59:52,387 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-01-09 03:59:52,389 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:52,389 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:52,389 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-01-09 03:59:52,389 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:52,390 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:52,391 INFO L85 PathProgramCache]: Analyzing trace with hash -1819315007, now seen corresponding path program 1 times [2025-01-09 03:59:52,391 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:52,391 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1299741317] [2025-01-09 03:59:52,391 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:52,391 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:52,405 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-01-09 03:59:52,418 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-01-09 03:59:52,418 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:52,418 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:52,485 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-01-09 03:59:52,485 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:52,485 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1299741317] [2025-01-09 03:59:52,485 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1299741317] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:52,486 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:52,486 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 03:59:52,486 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [255904970] [2025-01-09 03:59:52,486 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:52,486 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 03:59:52,486 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:52,487 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 03:59:52,487 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:52,487 INFO L87 Difference]: Start difference. First operand 82 states and 105 transitions. Second operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2025-01-09 03:59:52,550 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:52,551 INFO L93 Difference]: Finished difference Result 203 states and 268 transitions. [2025-01-09 03:59:52,553 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 03:59:52,553 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 41 [2025-01-09 03:59:52,553 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:52,556 INFO L225 Difference]: With dead ends: 203 [2025-01-09 03:59:52,556 INFO L226 Difference]: Without dead ends: 128 [2025-01-09 03:59:52,558 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:52,560 INFO L435 NwaCegarLoop]: 122 mSDtfsCounter, 59 mSDsluCounter, 72 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 194 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:52,560 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 194 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:52,562 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2025-01-09 03:59:52,585 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 126. [2025-01-09 03:59:52,585 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 93 states have (on average 1.2903225806451613) internal successors, (120), 101 states have internal predecessors, (120), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2025-01-09 03:59:52,587 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 160 transitions. [2025-01-09 03:59:52,589 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 160 transitions. Word has length 41 [2025-01-09 03:59:52,589 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:52,590 INFO L471 AbstractCegarLoop]: Abstraction has 126 states and 160 transitions. [2025-01-09 03:59:52,590 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2025-01-09 03:59:52,590 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 160 transitions. [2025-01-09 03:59:52,592 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2025-01-09 03:59:52,593 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:52,593 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:52,593 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-01-09 03:59:52,593 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:52,595 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:52,596 INFO L85 PathProgramCache]: Analyzing trace with hash -349364972, now seen corresponding path program 1 times [2025-01-09 03:59:52,596 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:52,596 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [696936172] [2025-01-09 03:59:52,596 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:52,596 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:52,608 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 47 statements into 1 equivalence classes. [2025-01-09 03:59:52,616 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 47 of 47 statements. [2025-01-09 03:59:52,619 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:52,619 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:52,740 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:52,740 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:52,740 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [696936172] [2025-01-09 03:59:52,741 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [696936172] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:52,741 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:52,741 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 03:59:52,741 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1437665250] [2025-01-09 03:59:52,741 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:52,741 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 03:59:52,741 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:52,742 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 03:59:52,742 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 03:59:52,742 INFO L87 Difference]: Start difference. First operand 126 states and 160 transitions. Second operand has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2025-01-09 03:59:52,901 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:52,902 INFO L93 Difference]: Finished difference Result 453 states and 609 transitions. [2025-01-09 03:59:52,902 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 03:59:52,902 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 47 [2025-01-09 03:59:52,903 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:52,907 INFO L225 Difference]: With dead ends: 453 [2025-01-09 03:59:52,908 INFO L226 Difference]: Without dead ends: 334 [2025-01-09 03:59:52,909 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 03:59:52,910 INFO L435 NwaCegarLoop]: 188 mSDtfsCounter, 143 mSDsluCounter, 176 mSDsCounter, 0 mSdLazyCounter, 66 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 143 SdHoareTripleChecker+Valid, 364 SdHoareTripleChecker+Invalid, 73 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 66 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:52,910 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [143 Valid, 364 Invalid, 73 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 66 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:52,912 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 334 states. [2025-01-09 03:59:52,958 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 334 to 325. [2025-01-09 03:59:52,960 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 325 states, 240 states have (on average 1.2833333333333334) internal successors, (308), 257 states have internal predecessors, (308), 43 states have call successors, (43), 39 states have call predecessors, (43), 41 states have return successors, (77), 41 states have call predecessors, (77), 43 states have call successors, (77) [2025-01-09 03:59:52,965 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 325 states to 325 states and 428 transitions. [2025-01-09 03:59:52,965 INFO L78 Accepts]: Start accepts. Automaton has 325 states and 428 transitions. Word has length 47 [2025-01-09 03:59:52,965 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:52,965 INFO L471 AbstractCegarLoop]: Abstraction has 325 states and 428 transitions. [2025-01-09 03:59:52,966 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2025-01-09 03:59:52,966 INFO L276 IsEmpty]: Start isEmpty. Operand 325 states and 428 transitions. [2025-01-09 03:59:52,967 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2025-01-09 03:59:52,967 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:52,967 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:52,967 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-01-09 03:59:52,967 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:52,968 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:52,968 INFO L85 PathProgramCache]: Analyzing trace with hash -568219690, now seen corresponding path program 1 times [2025-01-09 03:59:52,968 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:52,968 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [269030379] [2025-01-09 03:59:52,968 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:52,969 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:52,980 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 47 statements into 1 equivalence classes. [2025-01-09 03:59:53,011 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 47 of 47 statements. [2025-01-09 03:59:53,011 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:53,011 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:53,075 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:53,075 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:53,075 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [269030379] [2025-01-09 03:59:53,075 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [269030379] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:53,075 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:53,076 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 03:59:53,076 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2122822815] [2025-01-09 03:59:53,076 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:53,076 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 03:59:53,076 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:53,077 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 03:59:53,077 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 03:59:53,077 INFO L87 Difference]: Start difference. First operand 325 states and 428 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:53,118 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:53,118 INFO L93 Difference]: Finished difference Result 652 states and 885 transitions. [2025-01-09 03:59:53,120 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 03:59:53,120 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 47 [2025-01-09 03:59:53,120 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:53,125 INFO L225 Difference]: With dead ends: 652 [2025-01-09 03:59:53,125 INFO L226 Difference]: Without dead ends: 334 [2025-01-09 03:59:53,126 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 03:59:53,127 INFO L435 NwaCegarLoop]: 102 mSDtfsCounter, 0 mSDsluCounter, 300 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 402 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:53,127 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 402 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:53,129 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 334 states. [2025-01-09 03:59:53,165 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 334 to 334. [2025-01-09 03:59:53,167 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 334 states, 249 states have (on average 1.2730923694779117) internal successors, (317), 266 states have internal predecessors, (317), 43 states have call successors, (43), 39 states have call predecessors, (43), 41 states have return successors, (77), 41 states have call predecessors, (77), 43 states have call successors, (77) [2025-01-09 03:59:53,169 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 334 states to 334 states and 437 transitions. [2025-01-09 03:59:53,170 INFO L78 Accepts]: Start accepts. Automaton has 334 states and 437 transitions. Word has length 47 [2025-01-09 03:59:53,170 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:53,170 INFO L471 AbstractCegarLoop]: Abstraction has 334 states and 437 transitions. [2025-01-09 03:59:53,171 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:53,171 INFO L276 IsEmpty]: Start isEmpty. Operand 334 states and 437 transitions. [2025-01-09 03:59:53,172 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2025-01-09 03:59:53,175 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:53,175 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:53,175 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-01-09 03:59:53,175 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:53,176 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:53,176 INFO L85 PathProgramCache]: Analyzing trace with hash -1385868140, now seen corresponding path program 1 times [2025-01-09 03:59:53,176 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:53,176 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2080796030] [2025-01-09 03:59:53,176 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:53,176 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:53,186 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 47 statements into 1 equivalence classes. [2025-01-09 03:59:53,190 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 47 of 47 statements. [2025-01-09 03:59:53,190 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:53,190 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:53,268 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:53,268 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:53,268 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2080796030] [2025-01-09 03:59:53,268 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2080796030] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:53,268 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:53,268 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 03:59:53,269 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1003128665] [2025-01-09 03:59:53,269 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:53,269 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 03:59:53,269 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:53,270 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 03:59:53,270 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:53,270 INFO L87 Difference]: Start difference. First operand 334 states and 437 transitions. Second operand has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 6 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:53,319 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:53,320 INFO L93 Difference]: Finished difference Result 620 states and 843 transitions. [2025-01-09 03:59:53,322 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-01-09 03:59:53,322 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 6 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 47 [2025-01-09 03:59:53,323 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:53,325 INFO L225 Difference]: With dead ends: 620 [2025-01-09 03:59:53,325 INFO L226 Difference]: Without dead ends: 293 [2025-01-09 03:59:53,326 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:53,327 INFO L435 NwaCegarLoop]: 101 mSDtfsCounter, 0 mSDsluCounter, 396 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 497 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:53,327 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 497 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:53,328 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 293 states. [2025-01-09 03:59:53,355 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 293 to 293. [2025-01-09 03:59:53,356 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 293 states, 217 states have (on average 1.2580645161290323) internal successors, (273), 232 states have internal predecessors, (273), 39 states have call successors, (39), 35 states have call predecessors, (39), 36 states have return successors, (64), 36 states have call predecessors, (64), 39 states have call successors, (64) [2025-01-09 03:59:53,359 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 293 states to 293 states and 376 transitions. [2025-01-09 03:59:53,360 INFO L78 Accepts]: Start accepts. Automaton has 293 states and 376 transitions. Word has length 47 [2025-01-09 03:59:53,361 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:53,361 INFO L471 AbstractCegarLoop]: Abstraction has 293 states and 376 transitions. [2025-01-09 03:59:53,361 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 6 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:53,361 INFO L276 IsEmpty]: Start isEmpty. Operand 293 states and 376 transitions. [2025-01-09 03:59:53,362 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2025-01-09 03:59:53,363 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:53,363 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:53,363 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-01-09 03:59:53,363 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:53,364 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:53,365 INFO L85 PathProgramCache]: Analyzing trace with hash -1798759179, now seen corresponding path program 1 times [2025-01-09 03:59:53,365 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:53,365 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [321432242] [2025-01-09 03:59:53,365 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:53,365 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:53,374 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-01-09 03:59:53,378 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-01-09 03:59:53,378 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:53,379 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:53,510 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:53,510 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:53,510 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [321432242] [2025-01-09 03:59:53,511 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [321432242] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:53,511 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:53,511 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 03:59:53,511 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [247563220] [2025-01-09 03:59:53,511 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:53,511 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 03:59:53,511 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:53,512 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 03:59:53,512 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:53,512 INFO L87 Difference]: Start difference. First operand 293 states and 376 transitions. Second operand has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 6 states have internal predecessors, (40), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 03:59:53,743 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:53,743 INFO L93 Difference]: Finished difference Result 335 states and 428 transitions. [2025-01-09 03:59:53,743 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-01-09 03:59:53,744 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 6 states have internal predecessors, (40), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 49 [2025-01-09 03:59:53,744 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:53,746 INFO L225 Difference]: With dead ends: 335 [2025-01-09 03:59:53,746 INFO L226 Difference]: Without dead ends: 333 [2025-01-09 03:59:53,746 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2025-01-09 03:59:53,747 INFO L435 NwaCegarLoop]: 76 mSDtfsCounter, 112 mSDsluCounter, 250 mSDsCounter, 0 mSdLazyCounter, 155 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 117 SdHoareTripleChecker+Valid, 326 SdHoareTripleChecker+Invalid, 189 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 155 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:53,748 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [117 Valid, 326 Invalid, 189 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 155 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2025-01-09 03:59:53,749 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 333 states. [2025-01-09 03:59:53,778 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 333 to 331. [2025-01-09 03:59:53,780 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 331 states, 245 states have (on average 1.2326530612244897) internal successors, (302), 260 states have internal predecessors, (302), 42 states have call successors, (42), 35 states have call predecessors, (42), 43 states have return successors, (77), 45 states have call predecessors, (77), 42 states have call successors, (77) [2025-01-09 03:59:53,783 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 331 states to 331 states and 421 transitions. [2025-01-09 03:59:53,784 INFO L78 Accepts]: Start accepts. Automaton has 331 states and 421 transitions. Word has length 49 [2025-01-09 03:59:53,785 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:53,785 INFO L471 AbstractCegarLoop]: Abstraction has 331 states and 421 transitions. [2025-01-09 03:59:53,785 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 6 states have internal predecessors, (40), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 03:59:53,786 INFO L276 IsEmpty]: Start isEmpty. Operand 331 states and 421 transitions. [2025-01-09 03:59:53,786 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2025-01-09 03:59:53,786 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:53,787 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:53,787 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-01-09 03:59:53,787 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:53,787 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:53,787 INFO L85 PathProgramCache]: Analyzing trace with hash 623610360, now seen corresponding path program 1 times [2025-01-09 03:59:53,788 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:53,788 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1386743495] [2025-01-09 03:59:53,788 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:53,788 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:53,796 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 51 statements into 1 equivalence classes. [2025-01-09 03:59:53,802 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 51 of 51 statements. [2025-01-09 03:59:53,803 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:53,803 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:53,904 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:53,908 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:53,908 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1386743495] [2025-01-09 03:59:53,908 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1386743495] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:53,908 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:53,908 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 03:59:53,908 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1025817564] [2025-01-09 03:59:53,908 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:53,909 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 03:59:53,910 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:53,911 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 03:59:53,911 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:53,911 INFO L87 Difference]: Start difference. First operand 331 states and 421 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 03:59:54,095 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:54,096 INFO L93 Difference]: Finished difference Result 961 states and 1259 transitions. [2025-01-09 03:59:54,097 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-01-09 03:59:54,097 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 51 [2025-01-09 03:59:54,097 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:54,103 INFO L225 Difference]: With dead ends: 961 [2025-01-09 03:59:54,103 INFO L226 Difference]: Without dead ends: 637 [2025-01-09 03:59:54,105 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-01-09 03:59:54,105 INFO L435 NwaCegarLoop]: 103 mSDtfsCounter, 74 mSDsluCounter, 364 mSDsCounter, 0 mSdLazyCounter, 54 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 76 SdHoareTripleChecker+Valid, 467 SdHoareTripleChecker+Invalid, 58 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 54 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:54,105 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [76 Valid, 467 Invalid, 58 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 54 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:54,107 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 637 states. [2025-01-09 03:59:54,171 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 637 to 637. [2025-01-09 03:59:54,173 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 637 states, 466 states have (on average 1.2103004291845494) internal successors, (564), 495 states have internal predecessors, (564), 84 states have call successors, (84), 70 states have call predecessors, (84), 86 states have return successors, (159), 90 states have call predecessors, (159), 84 states have call successors, (159) [2025-01-09 03:59:54,177 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 637 states to 637 states and 807 transitions. [2025-01-09 03:59:54,179 INFO L78 Accepts]: Start accepts. Automaton has 637 states and 807 transitions. Word has length 51 [2025-01-09 03:59:54,180 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:54,180 INFO L471 AbstractCegarLoop]: Abstraction has 637 states and 807 transitions. [2025-01-09 03:59:54,180 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 03:59:54,180 INFO L276 IsEmpty]: Start isEmpty. Operand 637 states and 807 transitions. [2025-01-09 03:59:54,181 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2025-01-09 03:59:54,182 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:54,182 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:54,182 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-01-09 03:59:54,182 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:54,184 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:54,184 INFO L85 PathProgramCache]: Analyzing trace with hash 666360636, now seen corresponding path program 1 times [2025-01-09 03:59:54,184 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:54,184 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1810713606] [2025-01-09 03:59:54,184 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:54,184 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:54,194 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 55 statements into 1 equivalence classes. [2025-01-09 03:59:54,206 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 55 of 55 statements. [2025-01-09 03:59:54,206 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:54,206 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 03:59:54,207 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-01-09 03:59:54,213 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 55 statements into 1 equivalence classes. [2025-01-09 03:59:54,220 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 55 of 55 statements. [2025-01-09 03:59:54,220 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:54,220 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 03:59:54,242 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-01-09 03:59:54,243 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-01-09 03:59:54,244 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-01-09 03:59:54,245 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-01-09 03:59:54,247 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:54,307 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-01-09 03:59:54,313 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.01 03:59:54 BoogieIcfgContainer [2025-01-09 03:59:54,314 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-01-09 03:59:54,314 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-01-09 03:59:54,314 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-01-09 03:59:54,316 INFO L274 PluginConnector]: Witness Printer initialized [2025-01-09 03:59:54,317 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:51" (3/4) ... [2025-01-09 03:59:54,318 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-01-09 03:59:54,389 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 46. [2025-01-09 03:59:54,471 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-01-09 03:59:54,471 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-01-09 03:59:54,471 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-01-09 03:59:54,472 INFO L158 Benchmark]: Toolchain (without parser) took 3856.57ms. Allocated memory is still 142.6MB. Free memory was 105.3MB in the beginning and 63.7MB in the end (delta: 41.6MB). Peak memory consumption was 41.1MB. Max. memory is 16.1GB. [2025-01-09 03:59:54,472 INFO L158 Benchmark]: CDTParser took 0.26ms. Allocated memory is still 201.3MB. Free memory is still 126.1MB. There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 03:59:54,472 INFO L158 Benchmark]: CACSL2BoogieTranslator took 446.65ms. Allocated memory is still 142.6MB. Free memory was 105.3MB in the beginning and 87.0MB in the end (delta: 18.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 03:59:54,473 INFO L158 Benchmark]: Boogie Procedure Inliner took 44.58ms. Allocated memory is still 142.6MB. Free memory was 87.0MB in the beginning and 84.9MB in the end (delta: 2.1MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 03:59:54,473 INFO L158 Benchmark]: Boogie Preprocessor took 38.43ms. Allocated memory is still 142.6MB. Free memory was 84.9MB in the beginning and 82.8MB in the end (delta: 2.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 03:59:54,473 INFO L158 Benchmark]: RCFGBuilder took 400.72ms. Allocated memory is still 142.6MB. Free memory was 82.8MB in the beginning and 65.0MB in the end (delta: 17.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 03:59:54,473 INFO L158 Benchmark]: TraceAbstraction took 2762.72ms. Allocated memory is still 142.6MB. Free memory was 65.0MB in the beginning and 72.1MB in the end (delta: -7.1MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 03:59:54,474 INFO L158 Benchmark]: Witness Printer took 157.12ms. Allocated memory is still 142.6MB. Free memory was 72.1MB in the beginning and 63.7MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 03:59:54,475 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.26ms. Allocated memory is still 201.3MB. Free memory is still 126.1MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 446.65ms. Allocated memory is still 142.6MB. Free memory was 105.3MB in the beginning and 87.0MB in the end (delta: 18.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 44.58ms. Allocated memory is still 142.6MB. Free memory was 87.0MB in the beginning and 84.9MB in the end (delta: 2.1MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 38.43ms. Allocated memory is still 142.6MB. Free memory was 84.9MB in the beginning and 82.8MB in the end (delta: 2.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * RCFGBuilder took 400.72ms. Allocated memory is still 142.6MB. Free memory was 82.8MB in the beginning and 65.0MB in the end (delta: 17.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2762.72ms. Allocated memory is still 142.6MB. Free memory was 65.0MB in the beginning and 72.1MB in the end (delta: -7.1MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 157.12ms. Allocated memory is still 142.6MB. Free memory was 72.1MB in the beginning and 63.7MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [153] - GenericResultAtLocation [Line: 221]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [221] - GenericResultAtLocation [Line: 230]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [230] - GenericResultAtLocation [Line: 470]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [470] - GenericResultAtLocation [Line: 505]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [505] - GenericResultAtLocation [Line: 531]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [531] - GenericResultAtLocation [Line: 897]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [897] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 226]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int cleanupTimeShifts = 4; [L239] int pumpRunning = 0; [L240] int systemActive = 1; [L701] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L899] int waterLevel = 1; [L900] int methaneLevelCritical = 0; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L131] int retValue_acc ; [L132] int tmp ; [L136] FCALL select_helpers() [L137] FCALL select_features() [L138] CALL, EXPR valid_product() [L497] int retValue_acc ; [L500] retValue_acc = 1 [L501] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L138] RET, EXPR valid_product() [L138] tmp = valid_product() [L140] COND TRUE \read(tmp) [L142] FCALL setup() [L143] CALL runTest() [L122] CALL test() [L156] int splverifierCounter ; [L157] int tmp ; [L158] int tmp___0 ; [L159] int tmp___1 ; [L160] int tmp___2 ; [L163] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L167] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L173] tmp = __VERIFIER_nondet_int() [L175] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L177] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L917] COND TRUE waterLevel < 2 [L918] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L177] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L183] tmp___0 = __VERIFIER_nondet_int() [L185] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L187] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L929] COND FALSE !(\read(methaneLevelCritical)) [L932] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L187] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L193] tmp___2 = __VERIFIER_nondet_int() [L195] COND FALSE !(\read(tmp___2)) [L201] tmp___1 = __VERIFIER_nondet_int() [L203] COND TRUE \read(tmp___1) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L210] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L247] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L254] COND TRUE \read(systemActive) [L256] CALL processEnvironment() [L328] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L331] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L346] CALL processEnvironment__wrappee__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L302] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L305] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L320] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L276] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L279] COND TRUE ! pumpRunning [L281] CALL, EXPR isHighWaterLevel() [L425] int retValue_acc ; [L426] int tmp ; [L427] int tmp___0 ; [L431] CALL, EXPR isHighWaterSensorDry() [L979] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L982] COND FALSE !(waterLevel < 2) [L986] retValue_acc = 0 [L987] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L431] RET, EXPR isHighWaterSensorDry() [L431] tmp = isHighWaterSensorDry() [L433] COND FALSE !(\read(tmp)) [L436] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L438] retValue_acc = tmp___0 [L439] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L281] RET, EXPR isHighWaterLevel() [L281] tmp = isHighWaterLevel() [L283] COND TRUE \read(tmp) [L285] CALL activatePump() [L356] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L285] RET activatePump() [L320] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L346] RET processEnvironment__wrappee__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L256] RET processEnvironment() [L262] CALL __utac_acc__Specification1_spec__1() [L507] int tmp ; [L508] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L512] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L938] int retValue_acc ; [L941] retValue_acc = methaneLevelCritical [L942] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L512] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L512] tmp = isMethaneLevelCritical() [L514] COND TRUE \read(tmp) [L516] CALL, EXPR isPumpRunning() [L380] int retValue_acc ; [L383] retValue_acc = pumpRunning [L384] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L516] RET, EXPR isPumpRunning() [L516] tmp___0 = isPumpRunning() [L518] COND TRUE \read(tmp___0) [L520] CALL __automaton_fail() [L226] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 99 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.6s, OverallIterations: 9, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 512 SdHoareTripleChecker+Valid, 0.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 502 mSDsluCounter, 2700 SdHoareTripleChecker+Invalid, 0.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1797 mSDsCounter, 54 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 394 IncrementalHoareTripleChecker+Invalid, 448 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 54 mSolverCounterUnsat, 903 mSDtfsCounter, 394 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 58 GetRequests, 25 SyntacticMatches, 0 SemanticMatches, 33 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=637occurred in iteration=8, InterpolantAutomatonStates: 42, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 8 MinimizatonAttempts, 13 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.9s InterpolantComputationTime, 388 NumberOfCodeBlocks, 388 NumberOfCodeBlocksAsserted, 9 NumberOfCheckSat, 325 ConstructedInterpolants, 0 QuantifiedInterpolants, 639 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 8 InterpolantComputations, 8 PerfectInterpolantSequences, 3/3 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-01-09 03:59:54,494 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE