./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 551b0097 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash a24146f0f51336ad73890bbd928f5403b02b7d1c9a9c70cce136ffcb124619cc --- Real Ultimate output --- This is Ultimate 0.3.0-?-551b009-m [2025-01-09 03:59:49,099 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-01-09 03:59:49,134 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-01-09 03:59:49,137 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-01-09 03:59:49,137 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-01-09 03:59:49,153 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-01-09 03:59:49,154 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-01-09 03:59:49,154 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-01-09 03:59:49,154 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-01-09 03:59:49,154 INFO L153 SettingsManager]: * Use memory slicer=true [2025-01-09 03:59:49,154 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-01-09 03:59:49,154 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-01-09 03:59:49,155 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-01-09 03:59:49,155 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-01-09 03:59:49,155 INFO L153 SettingsManager]: * Use SBE=true [2025-01-09 03:59:49,155 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-01-09 03:59:49,155 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-01-09 03:59:49,155 INFO L153 SettingsManager]: * sizeof long=4 [2025-01-09 03:59:49,155 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-01-09 03:59:49,155 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-01-09 03:59:49,155 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-01-09 03:59:49,156 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-01-09 03:59:49,156 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-01-09 03:59:49,156 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-01-09 03:59:49,156 INFO L153 SettingsManager]: * sizeof long double=12 [2025-01-09 03:59:49,156 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-01-09 03:59:49,156 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-01-09 03:59:49,156 INFO L153 SettingsManager]: * Use constant arrays=true [2025-01-09 03:59:49,156 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-01-09 03:59:49,156 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 03:59:49,156 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 03:59:49,156 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 03:59:49,157 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:49,157 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2025-01-09 03:59:49,157 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 03:59:49,157 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 03:59:49,157 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 03:59:49,157 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:49,157 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-01-09 03:59:49,157 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-01-09 03:59:49,157 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-01-09 03:59:49,157 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-01-09 03:59:49,157 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-01-09 03:59:49,157 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-01-09 03:59:49,158 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-01-09 03:59:49,158 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-01-09 03:59:49,158 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-01-09 03:59:49,158 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-01-09 03:59:49,158 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> a24146f0f51336ad73890bbd928f5403b02b7d1c9a9c70cce136ffcb124619cc [2025-01-09 03:59:49,367 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-01-09 03:59:49,373 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-01-09 03:59:49,375 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-01-09 03:59:49,377 INFO L270 PluginConnector]: Initializing CDTParser... [2025-01-09 03:59:49,377 INFO L274 PluginConnector]: CDTParser initialized [2025-01-09 03:59:49,378 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c [2025-01-09 03:59:50,669 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/6bafe2fec/6f35af8094bb4c50b3f572c3383d8221/FLAGcf30b0f0b [2025-01-09 03:59:50,966 INFO L384 CDTParser]: Found 1 translation units. [2025-01-09 03:59:50,967 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c [2025-01-09 03:59:50,977 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/6bafe2fec/6f35af8094bb4c50b3f572c3383d8221/FLAGcf30b0f0b [2025-01-09 03:59:50,989 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/6bafe2fec/6f35af8094bb4c50b3f572c3383d8221 [2025-01-09 03:59:50,991 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-01-09 03:59:50,992 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-01-09 03:59:50,993 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-01-09 03:59:50,993 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-01-09 03:59:50,996 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-01-09 03:59:50,997 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 03:59:50" (1/1) ... [2025-01-09 03:59:50,998 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6cbb6260 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:50, skipping insertion in model container [2025-01-09 03:59:50,998 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 03:59:50" (1/1) ... [2025-01-09 03:59:51,020 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-01-09 03:59:51,211 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c[16679,16692] [2025-01-09 03:59:51,223 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 03:59:51,230 INFO L200 MainTranslator]: Completed pre-run [2025-01-09 03:59:51,236 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2025-01-09 03:59:51,237 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [415] [2025-01-09 03:59:51,237 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [490] [2025-01-09 03:59:51,237 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [746] [2025-01-09 03:59:51,237 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [784] [2025-01-09 03:59:51,237 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [811] [2025-01-09 03:59:51,238 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [820] [2025-01-09 03:59:51,238 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [916] [2025-01-09 03:59:51,287 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c[16679,16692] [2025-01-09 03:59:51,294 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 03:59:51,310 INFO L204 MainTranslator]: Completed translation [2025-01-09 03:59:51,311 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51 WrapperNode [2025-01-09 03:59:51,311 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-01-09 03:59:51,312 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-01-09 03:59:51,312 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-01-09 03:59:51,312 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-01-09 03:59:51,317 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,331 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,349 INFO L138 Inliner]: procedures = 58, calls = 105, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 221 [2025-01-09 03:59:51,349 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-01-09 03:59:51,350 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-01-09 03:59:51,350 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-01-09 03:59:51,350 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-01-09 03:59:51,359 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,359 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,361 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,381 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-01-09 03:59:51,385 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,385 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,388 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,389 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,395 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,396 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,397 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,398 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-01-09 03:59:51,399 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2025-01-09 03:59:51,399 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2025-01-09 03:59:51,399 INFO L274 PluginConnector]: RCFGBuilder initialized [2025-01-09 03:59:51,400 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (1/1) ... [2025-01-09 03:59:51,405 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:51,421 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 03:59:51,432 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-01-09 03:59:51,440 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-01-09 03:59:51,478 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-01-09 03:59:51,481 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-01-09 03:59:51,482 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-01-09 03:59:51,482 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-01-09 03:59:51,482 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-01-09 03:59:51,482 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-01-09 03:59:51,482 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-01-09 03:59:51,482 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-01-09 03:59:51,482 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-01-09 03:59:51,482 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 03:59:51,482 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 03:59:51,482 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-01-09 03:59:51,482 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-01-09 03:59:51,482 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2025-01-09 03:59:51,482 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2025-01-09 03:59:51,482 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-01-09 03:59:51,482 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-01-09 03:59:51,482 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-01-09 03:59:51,482 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-01-09 03:59:51,482 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-01-09 03:59:51,482 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-01-09 03:59:51,483 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-01-09 03:59:51,582 INFO L234 CfgBuilder]: Building ICFG [2025-01-09 03:59:51,587 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2025-01-09 03:59:51,858 INFO L? ?]: Removed 49 outVars from TransFormulas that were not future-live. [2025-01-09 03:59:51,858 INFO L283 CfgBuilder]: Performing block encoding [2025-01-09 03:59:51,866 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-01-09 03:59:51,867 INFO L312 CfgBuilder]: Removed 2 assume(true) statements. [2025-01-09 03:59:51,867 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:51 BoogieIcfgContainer [2025-01-09 03:59:51,867 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2025-01-09 03:59:51,869 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-01-09 03:59:51,869 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-01-09 03:59:51,872 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-01-09 03:59:51,872 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.01 03:59:50" (1/3) ... [2025-01-09 03:59:51,872 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6134d6cd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 03:59:51, skipping insertion in model container [2025-01-09 03:59:51,873 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:51" (2/3) ... [2025-01-09 03:59:51,873 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6134d6cd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 03:59:51, skipping insertion in model container [2025-01-09 03:59:51,873 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:51" (3/3) ... [2025-01-09 03:59:51,874 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product56.cil.c [2025-01-09 03:59:51,884 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-01-09 03:59:51,885 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product56.cil.c that has 10 procedures, 103 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-01-09 03:59:51,919 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-01-09 03:59:51,928 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4979853a, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-01-09 03:59:51,928 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-01-09 03:59:51,931 INFO L276 IsEmpty]: Start isEmpty. Operand has 103 states, 75 states have (on average 1.36) internal successors, (102), 86 states have internal predecessors, (102), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2025-01-09 03:59:51,935 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-01-09 03:59:51,936 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:51,936 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:51,937 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:51,940 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:51,940 INFO L85 PathProgramCache]: Analyzing trace with hash -489424228, now seen corresponding path program 1 times [2025-01-09 03:59:51,945 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:51,945 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1965291238] [2025-01-09 03:59:51,946 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:51,946 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:51,993 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-01-09 03:59:52,006 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-01-09 03:59:52,006 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:52,006 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:52,042 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:52,042 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:52,043 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1965291238] [2025-01-09 03:59:52,043 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1965291238] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:52,043 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:52,043 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-01-09 03:59:52,044 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2139885870] [2025-01-09 03:59:52,044 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:52,047 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-01-09 03:59:52,047 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:52,058 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-01-09 03:59:52,058 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-01-09 03:59:52,060 INFO L87 Difference]: Start difference. First operand has 103 states, 75 states have (on average 1.36) internal successors, (102), 86 states have internal predecessors, (102), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:52,079 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:52,079 INFO L93 Difference]: Finished difference Result 198 states and 267 transitions. [2025-01-09 03:59:52,080 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-01-09 03:59:52,081 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-01-09 03:59:52,081 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:52,087 INFO L225 Difference]: With dead ends: 198 [2025-01-09 03:59:52,087 INFO L226 Difference]: Without dead ends: 94 [2025-01-09 03:59:52,090 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-01-09 03:59:52,093 INFO L435 NwaCegarLoop]: 132 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 132 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:52,094 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 132 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:52,104 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 94 states. [2025-01-09 03:59:52,123 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 94 to 94. [2025-01-09 03:59:52,125 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 94 states, 68 states have (on average 1.3235294117647058) internal successors, (90), 78 states have internal predecessors, (90), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2025-01-09 03:59:52,130 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 94 states to 94 states and 123 transitions. [2025-01-09 03:59:52,132 INFO L78 Accepts]: Start accepts. Automaton has 94 states and 123 transitions. Word has length 23 [2025-01-09 03:59:52,133 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:52,133 INFO L471 AbstractCegarLoop]: Abstraction has 94 states and 123 transitions. [2025-01-09 03:59:52,133 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:52,133 INFO L276 IsEmpty]: Start isEmpty. Operand 94 states and 123 transitions. [2025-01-09 03:59:52,134 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-01-09 03:59:52,136 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:52,136 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:52,136 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-01-09 03:59:52,136 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:52,137 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:52,138 INFO L85 PathProgramCache]: Analyzing trace with hash 499243080, now seen corresponding path program 1 times [2025-01-09 03:59:52,138 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:52,138 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1464910773] [2025-01-09 03:59:52,138 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:52,138 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:52,149 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-01-09 03:59:52,158 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-01-09 03:59:52,159 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:52,159 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:52,217 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:52,218 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:52,218 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1464910773] [2025-01-09 03:59:52,218 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1464910773] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:52,218 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:52,218 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 03:59:52,218 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [771465141] [2025-01-09 03:59:52,218 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:52,219 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 03:59:52,219 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:52,220 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 03:59:52,220 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:52,220 INFO L87 Difference]: Start difference. First operand 94 states and 123 transitions. Second operand has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:52,232 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:52,232 INFO L93 Difference]: Finished difference Result 151 states and 197 transitions. [2025-01-09 03:59:52,233 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 03:59:52,233 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-01-09 03:59:52,233 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:52,234 INFO L225 Difference]: With dead ends: 151 [2025-01-09 03:59:52,234 INFO L226 Difference]: Without dead ends: 86 [2025-01-09 03:59:52,235 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:52,235 INFO L435 NwaCegarLoop]: 111 mSDtfsCounter, 17 mSDsluCounter, 90 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:52,235 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 201 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:52,236 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 86 states. [2025-01-09 03:59:52,242 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 86 to 86. [2025-01-09 03:59:52,242 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 86 states, 63 states have (on average 1.3333333333333333) internal successors, (84), 73 states have internal predecessors, (84), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2025-01-09 03:59:52,243 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 86 states to 86 states and 112 transitions. [2025-01-09 03:59:52,243 INFO L78 Accepts]: Start accepts. Automaton has 86 states and 112 transitions. Word has length 23 [2025-01-09 03:59:52,244 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:52,244 INFO L471 AbstractCegarLoop]: Abstraction has 86 states and 112 transitions. [2025-01-09 03:59:52,244 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:52,244 INFO L276 IsEmpty]: Start isEmpty. Operand 86 states and 112 transitions. [2025-01-09 03:59:52,244 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2025-01-09 03:59:52,244 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:52,245 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:52,245 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-01-09 03:59:52,245 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:52,245 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:52,245 INFO L85 PathProgramCache]: Analyzing trace with hash -334629490, now seen corresponding path program 1 times [2025-01-09 03:59:52,245 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:52,245 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [395049986] [2025-01-09 03:59:52,245 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:52,245 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:52,260 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 28 statements into 1 equivalence classes. [2025-01-09 03:59:52,275 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 28 of 28 statements. [2025-01-09 03:59:52,278 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:52,278 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:52,330 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:52,330 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:52,330 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [395049986] [2025-01-09 03:59:52,330 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [395049986] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:52,330 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:52,330 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 03:59:52,331 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1931301624] [2025-01-09 03:59:52,331 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:52,331 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 03:59:52,331 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:52,332 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 03:59:52,332 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:52,332 INFO L87 Difference]: Start difference. First operand 86 states and 112 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:52,369 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:52,369 INFO L93 Difference]: Finished difference Result 242 states and 321 transitions. [2025-01-09 03:59:52,370 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 03:59:52,370 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2025-01-09 03:59:52,370 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:52,371 INFO L225 Difference]: With dead ends: 242 [2025-01-09 03:59:52,371 INFO L226 Difference]: Without dead ends: 163 [2025-01-09 03:59:52,372 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 03:59:52,372 INFO L435 NwaCegarLoop]: 126 mSDtfsCounter, 91 mSDsluCounter, 100 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 226 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:52,373 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 226 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:52,373 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 163 states. [2025-01-09 03:59:52,389 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 163 to 160. [2025-01-09 03:59:52,389 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 160 states, 115 states have (on average 1.3565217391304347) internal successors, (156), 134 states have internal predecessors, (156), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2025-01-09 03:59:52,390 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 160 states to 160 states and 212 transitions. [2025-01-09 03:59:52,391 INFO L78 Accepts]: Start accepts. Automaton has 160 states and 212 transitions. Word has length 28 [2025-01-09 03:59:52,391 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:52,391 INFO L471 AbstractCegarLoop]: Abstraction has 160 states and 212 transitions. [2025-01-09 03:59:52,391 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:52,391 INFO L276 IsEmpty]: Start isEmpty. Operand 160 states and 212 transitions. [2025-01-09 03:59:52,392 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2025-01-09 03:59:52,392 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:52,392 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:52,392 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-01-09 03:59:52,392 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:52,393 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:52,393 INFO L85 PathProgramCache]: Analyzing trace with hash -119836574, now seen corresponding path program 1 times [2025-01-09 03:59:52,393 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:52,393 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1527780637] [2025-01-09 03:59:52,393 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:52,393 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:52,407 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 31 statements into 1 equivalence classes. [2025-01-09 03:59:52,421 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 31 of 31 statements. [2025-01-09 03:59:52,421 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:52,421 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:52,534 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:52,535 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:52,535 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1527780637] [2025-01-09 03:59:52,535 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1527780637] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:52,535 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:52,535 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 03:59:52,535 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [537578227] [2025-01-09 03:59:52,535 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:52,535 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 03:59:52,535 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:52,536 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 03:59:52,536 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 03:59:52,536 INFO L87 Difference]: Start difference. First operand 160 states and 212 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:52,646 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:52,646 INFO L93 Difference]: Finished difference Result 402 states and 549 transitions. [2025-01-09 03:59:52,649 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 03:59:52,650 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2025-01-09 03:59:52,650 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:52,675 INFO L225 Difference]: With dead ends: 402 [2025-01-09 03:59:52,675 INFO L226 Difference]: Without dead ends: 249 [2025-01-09 03:59:52,676 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 03:59:52,677 INFO L435 NwaCegarLoop]: 111 mSDtfsCounter, 56 mSDsluCounter, 293 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 56 SdHoareTripleChecker+Valid, 404 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:52,677 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [56 Valid, 404 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:52,681 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 249 states. [2025-01-09 03:59:52,715 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 249 to 248. [2025-01-09 03:59:52,715 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 248 states, 181 states have (on average 1.3093922651933703) internal successors, (237), 198 states have internal predecessors, (237), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (48), 31 states have call predecessors, (48), 36 states have call successors, (48) [2025-01-09 03:59:52,720 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 248 states to 248 states and 321 transitions. [2025-01-09 03:59:52,720 INFO L78 Accepts]: Start accepts. Automaton has 248 states and 321 transitions. Word has length 31 [2025-01-09 03:59:52,721 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:52,721 INFO L471 AbstractCegarLoop]: Abstraction has 248 states and 321 transitions. [2025-01-09 03:59:52,721 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 03:59:52,721 INFO L276 IsEmpty]: Start isEmpty. Operand 248 states and 321 transitions. [2025-01-09 03:59:52,722 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2025-01-09 03:59:52,722 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:52,722 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:52,722 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-01-09 03:59:52,723 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:52,723 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:52,723 INFO L85 PathProgramCache]: Analyzing trace with hash -2056544790, now seen corresponding path program 1 times [2025-01-09 03:59:52,723 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:52,723 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [129191720] [2025-01-09 03:59:52,723 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:52,723 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:52,736 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 47 statements into 1 equivalence classes. [2025-01-09 03:59:52,745 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 47 of 47 statements. [2025-01-09 03:59:52,746 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:52,746 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:52,833 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:52,834 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:52,834 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [129191720] [2025-01-09 03:59:52,834 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [129191720] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:52,834 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:52,834 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 03:59:52,834 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1755351702] [2025-01-09 03:59:52,834 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:52,835 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 03:59:52,835 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:52,835 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 03:59:52,836 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 03:59:52,836 INFO L87 Difference]: Start difference. First operand 248 states and 321 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:52,888 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:52,890 INFO L93 Difference]: Finished difference Result 497 states and 668 transitions. [2025-01-09 03:59:52,890 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-01-09 03:59:52,890 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 47 [2025-01-09 03:59:52,890 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:52,894 INFO L225 Difference]: With dead ends: 497 [2025-01-09 03:59:52,894 INFO L226 Difference]: Without dead ends: 256 [2025-01-09 03:59:52,895 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 03:59:52,896 INFO L435 NwaCegarLoop]: 122 mSDtfsCounter, 93 mSDsluCounter, 336 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 93 SdHoareTripleChecker+Valid, 458 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:52,898 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [93 Valid, 458 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:52,899 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 256 states. [2025-01-09 03:59:52,921 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 256 to 252. [2025-01-09 03:59:52,922 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 252 states, 185 states have (on average 1.3027027027027027) internal successors, (241), 202 states have internal predecessors, (241), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (48), 31 states have call predecessors, (48), 36 states have call successors, (48) [2025-01-09 03:59:52,923 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 252 states to 252 states and 325 transitions. [2025-01-09 03:59:52,924 INFO L78 Accepts]: Start accepts. Automaton has 252 states and 325 transitions. Word has length 47 [2025-01-09 03:59:52,924 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:52,924 INFO L471 AbstractCegarLoop]: Abstraction has 252 states and 325 transitions. [2025-01-09 03:59:52,924 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:52,924 INFO L276 IsEmpty]: Start isEmpty. Operand 252 states and 325 transitions. [2025-01-09 03:59:52,927 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2025-01-09 03:59:52,928 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:52,928 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:52,928 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-01-09 03:59:52,928 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:52,928 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:52,928 INFO L85 PathProgramCache]: Analyzing trace with hash -1238896340, now seen corresponding path program 1 times [2025-01-09 03:59:52,928 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:52,928 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [136414371] [2025-01-09 03:59:52,928 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:52,928 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:52,937 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 47 statements into 1 equivalence classes. [2025-01-09 03:59:52,942 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 47 of 47 statements. [2025-01-09 03:59:52,942 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:52,942 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:53,005 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:53,005 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:53,005 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [136414371] [2025-01-09 03:59:53,005 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [136414371] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:53,005 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:53,005 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 03:59:53,006 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1826267004] [2025-01-09 03:59:53,006 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:53,010 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 03:59:53,010 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:53,010 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 03:59:53,010 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 03:59:53,010 INFO L87 Difference]: Start difference. First operand 252 states and 325 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:53,044 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:53,044 INFO L93 Difference]: Finished difference Result 503 states and 663 transitions. [2025-01-09 03:59:53,045 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 03:59:53,045 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 47 [2025-01-09 03:59:53,045 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:53,046 INFO L225 Difference]: With dead ends: 503 [2025-01-09 03:59:53,047 INFO L226 Difference]: Without dead ends: 258 [2025-01-09 03:59:53,047 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 03:59:53,048 INFO L435 NwaCegarLoop]: 109 mSDtfsCounter, 0 mSDsluCounter, 321 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 430 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:53,048 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 430 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 03:59:53,049 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 258 states. [2025-01-09 03:59:53,059 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 258 to 258. [2025-01-09 03:59:53,059 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 258 states, 191 states have (on average 1.293193717277487) internal successors, (247), 208 states have internal predecessors, (247), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (48), 31 states have call predecessors, (48), 36 states have call successors, (48) [2025-01-09 03:59:53,061 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 258 states to 258 states and 331 transitions. [2025-01-09 03:59:53,061 INFO L78 Accepts]: Start accepts. Automaton has 258 states and 331 transitions. Word has length 47 [2025-01-09 03:59:53,061 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:53,061 INFO L471 AbstractCegarLoop]: Abstraction has 258 states and 331 transitions. [2025-01-09 03:59:53,062 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-01-09 03:59:53,062 INFO L276 IsEmpty]: Start isEmpty. Operand 258 states and 331 transitions. [2025-01-09 03:59:53,062 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2025-01-09 03:59:53,062 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:53,063 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:53,063 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-01-09 03:59:53,063 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:53,063 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:53,063 INFO L85 PathProgramCache]: Analyzing trace with hash -1837690072, now seen corresponding path program 1 times [2025-01-09 03:59:53,063 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:53,063 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2127390762] [2025-01-09 03:59:53,063 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:53,064 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:53,069 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 47 statements into 1 equivalence classes. [2025-01-09 03:59:53,072 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 47 of 47 statements. [2025-01-09 03:59:53,072 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:53,072 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:53,136 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:53,136 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:53,136 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2127390762] [2025-01-09 03:59:53,136 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2127390762] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:53,136 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:53,136 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 03:59:53,136 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [484943712] [2025-01-09 03:59:53,136 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:53,137 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 03:59:53,137 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:53,137 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 03:59:53,137 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 03:59:53,137 INFO L87 Difference]: Start difference. First operand 258 states and 331 transitions. Second operand has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2025-01-09 03:59:53,284 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:53,284 INFO L93 Difference]: Finished difference Result 909 states and 1247 transitions. [2025-01-09 03:59:53,284 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 03:59:53,284 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 47 [2025-01-09 03:59:53,284 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:53,289 INFO L225 Difference]: With dead ends: 909 [2025-01-09 03:59:53,289 INFO L226 Difference]: Without dead ends: 658 [2025-01-09 03:59:53,291 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 03:59:53,292 INFO L435 NwaCegarLoop]: 212 mSDtfsCounter, 153 mSDsluCounter, 240 mSDsCounter, 0 mSdLazyCounter, 74 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 153 SdHoareTripleChecker+Valid, 452 SdHoareTripleChecker+Invalid, 83 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 74 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:53,293 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [153 Valid, 452 Invalid, 83 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 74 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:53,294 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 658 states. [2025-01-09 03:59:53,369 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 658 to 649. [2025-01-09 03:59:53,370 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 649 states, 476 states have (on average 1.2773109243697478) internal successors, (608), 508 states have internal predecessors, (608), 93 states have call successors, (93), 81 states have call predecessors, (93), 79 states have return successors, (154), 83 states have call predecessors, (154), 93 states have call successors, (154) [2025-01-09 03:59:53,375 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 649 states to 649 states and 855 transitions. [2025-01-09 03:59:53,376 INFO L78 Accepts]: Start accepts. Automaton has 649 states and 855 transitions. Word has length 47 [2025-01-09 03:59:53,377 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:53,377 INFO L471 AbstractCegarLoop]: Abstraction has 649 states and 855 transitions. [2025-01-09 03:59:53,377 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2025-01-09 03:59:53,377 INFO L276 IsEmpty]: Start isEmpty. Operand 649 states and 855 transitions. [2025-01-09 03:59:53,378 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2025-01-09 03:59:53,378 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:53,378 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:53,379 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-01-09 03:59:53,379 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:53,379 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:53,379 INFO L85 PathProgramCache]: Analyzing trace with hash -1981632306, now seen corresponding path program 1 times [2025-01-09 03:59:53,380 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:53,380 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1473676949] [2025-01-09 03:59:53,380 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:53,380 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:53,389 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 51 statements into 1 equivalence classes. [2025-01-09 03:59:53,396 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 51 of 51 statements. [2025-01-09 03:59:53,397 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:53,397 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 03:59:53,472 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 03:59:53,473 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 03:59:53,473 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1473676949] [2025-01-09 03:59:53,473 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1473676949] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 03:59:53,475 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 03:59:53,476 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 03:59:53,476 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1992844874] [2025-01-09 03:59:53,476 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 03:59:53,476 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 03:59:53,476 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 03:59:53,477 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 03:59:53,477 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 03:59:53,477 INFO L87 Difference]: Start difference. First operand 649 states and 855 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 03:59:53,610 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 03:59:53,610 INFO L93 Difference]: Finished difference Result 1907 states and 2583 transitions. [2025-01-09 03:59:53,611 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-01-09 03:59:53,611 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 51 [2025-01-09 03:59:53,611 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 03:59:53,618 INFO L225 Difference]: With dead ends: 1907 [2025-01-09 03:59:53,618 INFO L226 Difference]: Without dead ends: 1265 [2025-01-09 03:59:53,621 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-01-09 03:59:53,622 INFO L435 NwaCegarLoop]: 110 mSDtfsCounter, 81 mSDsluCounter, 390 mSDsCounter, 0 mSdLazyCounter, 56 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 83 SdHoareTripleChecker+Valid, 500 SdHoareTripleChecker+Invalid, 60 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 56 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 03:59:53,622 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [83 Valid, 500 Invalid, 60 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 56 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 03:59:53,624 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1265 states. [2025-01-09 03:59:53,691 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1265 to 1265. [2025-01-09 03:59:53,693 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1265 states, 920 states have (on average 1.2543478260869565) internal successors, (1154), 983 states have internal predecessors, (1154), 186 states have call successors, (186), 162 states have call predecessors, (186), 158 states have return successors, (320), 166 states have call predecessors, (320), 186 states have call successors, (320) [2025-01-09 03:59:53,699 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1265 states to 1265 states and 1660 transitions. [2025-01-09 03:59:53,701 INFO L78 Accepts]: Start accepts. Automaton has 1265 states and 1660 transitions. Word has length 51 [2025-01-09 03:59:53,702 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 03:59:53,702 INFO L471 AbstractCegarLoop]: Abstraction has 1265 states and 1660 transitions. [2025-01-09 03:59:53,702 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 03:59:53,703 INFO L276 IsEmpty]: Start isEmpty. Operand 1265 states and 1660 transitions. [2025-01-09 03:59:53,704 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2025-01-09 03:59:53,705 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 03:59:53,705 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:53,705 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-01-09 03:59:53,705 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 03:59:53,705 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 03:59:53,705 INFO L85 PathProgramCache]: Analyzing trace with hash 1246109266, now seen corresponding path program 1 times [2025-01-09 03:59:53,706 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 03:59:53,706 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1996870913] [2025-01-09 03:59:53,706 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 03:59:53,706 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 03:59:53,713 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 55 statements into 1 equivalence classes. [2025-01-09 03:59:53,721 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 55 of 55 statements. [2025-01-09 03:59:53,723 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:53,723 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 03:59:53,723 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-01-09 03:59:53,727 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 55 statements into 1 equivalence classes. [2025-01-09 03:59:53,733 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 55 of 55 statements. [2025-01-09 03:59:53,734 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 03:59:53,734 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 03:59:53,757 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-01-09 03:59:53,758 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-01-09 03:59:53,758 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-01-09 03:59:53,760 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-01-09 03:59:53,763 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 03:59:53,810 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-01-09 03:59:53,816 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.01 03:59:53 BoogieIcfgContainer [2025-01-09 03:59:53,817 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-01-09 03:59:53,817 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-01-09 03:59:53,818 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-01-09 03:59:53,818 INFO L274 PluginConnector]: Witness Printer initialized [2025-01-09 03:59:53,818 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 03:59:51" (3/4) ... [2025-01-09 03:59:53,819 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-01-09 03:59:53,875 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 46. [2025-01-09 03:59:53,954 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-01-09 03:59:53,954 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-01-09 03:59:53,954 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-01-09 03:59:53,955 INFO L158 Benchmark]: Toolchain (without parser) took 2962.99ms. Allocated memory is still 201.3MB. Free memory was 157.4MB in the beginning and 168.6MB in the end (delta: -11.2MB). Peak memory consumption was 101.5MB. Max. memory is 16.1GB. [2025-01-09 03:59:53,955 INFO L158 Benchmark]: CDTParser took 0.19ms. Allocated memory is still 226.5MB. Free memory is still 139.7MB. There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 03:59:53,955 INFO L158 Benchmark]: CACSL2BoogieTranslator took 318.77ms. Allocated memory is still 201.3MB. Free memory was 156.9MB in the beginning and 138.4MB in the end (delta: 18.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 03:59:53,955 INFO L158 Benchmark]: Boogie Procedure Inliner took 36.98ms. Allocated memory is still 201.3MB. Free memory was 138.4MB in the beginning and 136.3MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 03:59:53,955 INFO L158 Benchmark]: Boogie Preprocessor took 48.49ms. Allocated memory is still 201.3MB. Free memory was 136.3MB in the beginning and 134.6MB in the end (delta: 1.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 03:59:53,956 INFO L158 Benchmark]: RCFGBuilder took 468.36ms. Allocated memory is still 201.3MB. Free memory was 134.1MB in the beginning and 116.4MB in the end (delta: 17.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 03:59:53,956 INFO L158 Benchmark]: TraceAbstraction took 1948.26ms. Allocated memory is still 201.3MB. Free memory was 115.8MB in the beginning and 68.3MB in the end (delta: 47.6MB). Peak memory consumption was 42.8MB. Max. memory is 16.1GB. [2025-01-09 03:59:53,956 INFO L158 Benchmark]: Witness Printer took 137.08ms. Allocated memory is still 201.3MB. Free memory was 68.3MB in the beginning and 168.6MB in the end (delta: -100.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 03:59:53,959 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.19ms. Allocated memory is still 226.5MB. Free memory is still 139.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 318.77ms. Allocated memory is still 201.3MB. Free memory was 156.9MB in the beginning and 138.4MB in the end (delta: 18.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 36.98ms. Allocated memory is still 201.3MB. Free memory was 138.4MB in the beginning and 136.3MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 48.49ms. Allocated memory is still 201.3MB. Free memory was 136.3MB in the beginning and 134.6MB in the end (delta: 1.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * RCFGBuilder took 468.36ms. Allocated memory is still 201.3MB. Free memory was 134.1MB in the beginning and 116.4MB in the end (delta: 17.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 1948.26ms. Allocated memory is still 201.3MB. Free memory was 115.8MB in the beginning and 68.3MB in the end (delta: 47.6MB). Peak memory consumption was 42.8MB. Max. memory is 16.1GB. * Witness Printer took 137.08ms. Allocated memory is still 201.3MB. Free memory was 68.3MB in the beginning and 168.6MB in the end (delta: -100.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [415] - GenericResultAtLocation [Line: 490]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [490] - GenericResultAtLocation [Line: 746]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [746] - GenericResultAtLocation [Line: 784]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [784] - GenericResultAtLocation [Line: 811]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [811] - GenericResultAtLocation [Line: 820]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [820] - GenericResultAtLocation [Line: 916]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [916] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 816]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L219] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L500] int pumpRunning = 0; [L501] int systemActive = 1; [L821] int cleanupTimeShifts = 4; [L918] int waterLevel = 1; [L919] int methaneLevelCritical = 0; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L894] int retValue_acc ; [L895] int tmp ; [L899] FCALL select_helpers() [L900] FCALL select_features() [L901] CALL, EXPR valid_product() [L776] int retValue_acc ; [L779] retValue_acc = 1 [L780] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L901] RET, EXPR valid_product() [L901] tmp = valid_product() [L903] COND TRUE \read(tmp) [L905] FCALL setup() [L906] CALL runTest() [L888] CALL test() [L423] int splverifierCounter ; [L424] int tmp ; [L425] int tmp___0 ; [L426] int tmp___1 ; [L427] int tmp___2 ; [L430] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L434] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L440] tmp = __VERIFIER_nondet_int() [L442] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L444] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L936] COND TRUE waterLevel < 2 [L937] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L444] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L450] tmp___0 = __VERIFIER_nondet_int() [L452] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L454] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L948] COND FALSE !(\read(methaneLevelCritical)) [L951] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L454] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L460] tmp___2 = __VERIFIER_nondet_int() [L462] COND FALSE !(\read(tmp___2)) [L468] tmp___1 = __VERIFIER_nondet_int() [L470] COND FALSE !(\read(tmp___1)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L479] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L508] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L515] COND TRUE \read(systemActive) [L517] CALL processEnvironment() [L589] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L592] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L607] CALL processEnvironment__wrappee__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L563] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L566] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L581] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L537] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L540] COND TRUE ! pumpRunning [L542] CALL, EXPR isHighWaterLevel() [L686] int retValue_acc ; [L687] int tmp ; [L688] int tmp___0 ; [L692] CALL, EXPR isHighWaterSensorDry() [L998] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L1001] COND FALSE !(waterLevel < 2) [L1005] retValue_acc = 0 [L1006] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L692] RET, EXPR isHighWaterSensorDry() [L692] tmp = isHighWaterSensorDry() [L694] COND FALSE !(\read(tmp)) [L697] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L699] retValue_acc = tmp___0 [L700] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L542] RET, EXPR isHighWaterLevel() [L542] tmp = isHighWaterLevel() [L544] COND TRUE \read(tmp) [L546] CALL activatePump() [L617] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L546] RET activatePump() [L581] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L607] RET processEnvironment__wrappee__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L517] RET processEnvironment() [L523] CALL __utac_acc__Specification1_spec__1() [L787] int tmp ; [L788] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L792] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L957] int retValue_acc ; [L960] retValue_acc = methaneLevelCritical [L961] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L792] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L792] tmp = isMethaneLevelCritical() [L794] COND TRUE \read(tmp) [L796] CALL, EXPR isPumpRunning() [L641] int retValue_acc ; [L644] retValue_acc = pumpRunning [L645] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L796] RET, EXPR isPumpRunning() [L796] tmp___0 = isPumpRunning() [L798] COND TRUE \read(tmp___0) [L800] CALL __automaton_fail() [L816] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 103 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 1.9s, OverallIterations: 9, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 497 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 491 mSDsluCounter, 2803 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1770 mSDsCounter, 28 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 205 IncrementalHoareTripleChecker+Invalid, 233 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 28 mSolverCounterUnsat, 1033 mSDtfsCounter, 205 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 44 GetRequests, 20 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1265occurred in iteration=8, InterpolantAutomatonStates: 36, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 8 MinimizatonAttempts, 17 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.5s InterpolantComputationTime, 352 NumberOfCodeBlocks, 352 NumberOfCodeBlocksAsserted, 9 NumberOfCheckSat, 289 ConstructedInterpolants, 0 QuantifiedInterpolants, 543 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 8 InterpolantComputations, 8 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-01-09 03:59:53,978 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE