./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product38.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 551b0097 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product38.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash dfe9857e69a888cdbad1416d1b07f69e8062222f8bcfc0bd9dc9f4a773a0fc6f --- Real Ultimate output --- This is Ultimate 0.3.0-?-551b009-m [2025-01-09 04:02:08,486 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-01-09 04:02:08,519 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-01-09 04:02:08,526 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-01-09 04:02:08,526 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-01-09 04:02:08,539 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-01-09 04:02:08,540 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-01-09 04:02:08,540 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-01-09 04:02:08,540 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-01-09 04:02:08,540 INFO L153 SettingsManager]: * Use memory slicer=true [2025-01-09 04:02:08,540 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-01-09 04:02:08,540 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-01-09 04:02:08,540 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-01-09 04:02:08,540 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-01-09 04:02:08,541 INFO L153 SettingsManager]: * Use SBE=true [2025-01-09 04:02:08,541 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-01-09 04:02:08,541 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-01-09 04:02:08,541 INFO L153 SettingsManager]: * sizeof long=4 [2025-01-09 04:02:08,541 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-01-09 04:02:08,541 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-01-09 04:02:08,541 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-01-09 04:02:08,541 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-01-09 04:02:08,541 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-01-09 04:02:08,541 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-01-09 04:02:08,541 INFO L153 SettingsManager]: * sizeof long double=12 [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * Use constant arrays=true [2025-01-09 04:02:08,542 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:08,542 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:08,542 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-01-09 04:02:08,542 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-01-09 04:02:08,543 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-01-09 04:02:08,543 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-01-09 04:02:08,543 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-01-09 04:02:08,543 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-01-09 04:02:08,543 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-01-09 04:02:08,543 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-01-09 04:02:08,543 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-01-09 04:02:08,543 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-01-09 04:02:08,543 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> dfe9857e69a888cdbad1416d1b07f69e8062222f8bcfc0bd9dc9f4a773a0fc6f [2025-01-09 04:02:08,725 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-01-09 04:02:08,731 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-01-09 04:02:08,733 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-01-09 04:02:08,733 INFO L270 PluginConnector]: Initializing CDTParser... [2025-01-09 04:02:08,734 INFO L274 PluginConnector]: CDTParser initialized [2025-01-09 04:02:08,734 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product38.cil.c [2025-01-09 04:02:09,943 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/4b858196c/6b0713fb7b474dc3b5cd1fa02bc04c03/FLAG73ec14683 [2025-01-09 04:02:10,240 INFO L384 CDTParser]: Found 1 translation units. [2025-01-09 04:02:10,241 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product38.cil.c [2025-01-09 04:02:10,252 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/4b858196c/6b0713fb7b474dc3b5cd1fa02bc04c03/FLAG73ec14683 [2025-01-09 04:02:10,537 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/4b858196c/6b0713fb7b474dc3b5cd1fa02bc04c03 [2025-01-09 04:02:10,543 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-01-09 04:02:10,544 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-01-09 04:02:10,545 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-01-09 04:02:10,547 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-01-09 04:02:10,551 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-01-09 04:02:10,552 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,553 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@294a2e42 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10, skipping insertion in model container [2025-01-09 04:02:10,553 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,579 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-01-09 04:02:10,724 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product38.cil.c[4301,4314] [2025-01-09 04:02:10,789 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 04:02:10,798 INFO L200 MainTranslator]: Completed pre-run [2025-01-09 04:02:10,804 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2025-01-09 04:02:10,805 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [153] [2025-01-09 04:02:10,805 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [252] [2025-01-09 04:02:10,805 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [261] [2025-01-09 04:02:10,806 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [288] [2025-01-09 04:02:10,806 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [356] [2025-01-09 04:02:10,806 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [544] [2025-01-09 04:02:10,807 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [910] [2025-01-09 04:02:10,817 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product38.cil.c[4301,4314] [2025-01-09 04:02:10,839 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 04:02:10,859 INFO L204 MainTranslator]: Completed translation [2025-01-09 04:02:10,861 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10 WrapperNode [2025-01-09 04:02:10,861 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-01-09 04:02:10,862 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-01-09 04:02:10,862 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-01-09 04:02:10,862 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-01-09 04:02:10,866 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,873 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,886 INFO L138 Inliner]: procedures = 54, calls = 98, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 198 [2025-01-09 04:02:10,887 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-01-09 04:02:10,887 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-01-09 04:02:10,887 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-01-09 04:02:10,887 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-01-09 04:02:10,893 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,894 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,895 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,902 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-01-09 04:02:10,902 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,902 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,904 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,905 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,907 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,908 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,908 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,909 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-01-09 04:02:10,910 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2025-01-09 04:02:10,910 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2025-01-09 04:02:10,910 INFO L274 PluginConnector]: RCFGBuilder initialized [2025-01-09 04:02:10,910 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (1/1) ... [2025-01-09 04:02:10,913 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:10,922 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:10,939 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-01-09 04:02:10,941 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-01-09 04:02:10,956 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-01-09 04:02:10,956 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-01-09 04:02:10,956 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-01-09 04:02:10,956 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-01-09 04:02:10,956 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-01-09 04:02:10,956 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-01-09 04:02:10,956 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-01-09 04:02:10,956 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 04:02:10,956 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 04:02:10,956 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-01-09 04:02:10,956 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-01-09 04:02:10,956 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-01-09 04:02:10,956 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-01-09 04:02:10,957 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-01-09 04:02:10,957 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-01-09 04:02:10,957 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-01-09 04:02:11,005 INFO L234 CfgBuilder]: Building ICFG [2025-01-09 04:02:11,006 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2025-01-09 04:02:11,245 INFO L? ?]: Removed 43 outVars from TransFormulas that were not future-live. [2025-01-09 04:02:11,245 INFO L283 CfgBuilder]: Performing block encoding [2025-01-09 04:02:11,257 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-01-09 04:02:11,257 INFO L312 CfgBuilder]: Removed 2 assume(true) statements. [2025-01-09 04:02:11,257 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:11 BoogieIcfgContainer [2025-01-09 04:02:11,257 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2025-01-09 04:02:11,260 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-01-09 04:02:11,260 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-01-09 04:02:11,264 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-01-09 04:02:11,264 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.01 04:02:10" (1/3) ... [2025-01-09 04:02:11,264 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7c2e0a38 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:02:11, skipping insertion in model container [2025-01-09 04:02:11,264 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:10" (2/3) ... [2025-01-09 04:02:11,264 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7c2e0a38 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:02:11, skipping insertion in model container [2025-01-09 04:02:11,264 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:11" (3/3) ... [2025-01-09 04:02:11,265 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product38.cil.c [2025-01-09 04:02:11,281 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-01-09 04:02:11,282 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec4_product38.cil.c that has 7 procedures, 79 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-01-09 04:02:11,335 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-01-09 04:02:11,345 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@5f24a8, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-01-09 04:02:11,345 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-01-09 04:02:11,348 INFO L276 IsEmpty]: Start isEmpty. Operand has 79 states, 61 states have (on average 1.3770491803278688) internal successors, (84), 69 states have internal predecessors, (84), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2025-01-09 04:02:11,353 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2025-01-09 04:02:11,354 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:11,354 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:11,354 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:11,359 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:11,360 INFO L85 PathProgramCache]: Analyzing trace with hash 1026629236, now seen corresponding path program 1 times [2025-01-09 04:02:11,365 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:11,366 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [888419354] [2025-01-09 04:02:11,366 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:11,367 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:11,424 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 19 statements into 1 equivalence classes. [2025-01-09 04:02:11,439 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 19 of 19 statements. [2025-01-09 04:02:11,439 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:11,439 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:11,523 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:11,524 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:11,524 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [888419354] [2025-01-09 04:02:11,524 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [888419354] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:11,524 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:11,525 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:02:11,526 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1332429892] [2025-01-09 04:02:11,527 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:11,529 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:02:11,529 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:11,540 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:02:11,540 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:11,542 INFO L87 Difference]: Start difference. First operand has 79 states, 61 states have (on average 1.3770491803278688) internal successors, (84), 69 states have internal predecessors, (84), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:11,560 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:11,560 INFO L93 Difference]: Finished difference Result 138 states and 184 transitions. [2025-01-09 04:02:11,561 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:02:11,562 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2025-01-09 04:02:11,562 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:11,566 INFO L225 Difference]: With dead ends: 138 [2025-01-09 04:02:11,566 INFO L226 Difference]: Without dead ends: 62 [2025-01-09 04:02:11,568 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:11,570 INFO L435 NwaCegarLoop]: 83 mSDtfsCounter, 13 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 150 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:11,570 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 150 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:11,579 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2025-01-09 04:02:11,589 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 62. [2025-01-09 04:02:11,590 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 49 states have (on average 1.346938775510204) internal successors, (66), 56 states have internal predecessors, (66), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2025-01-09 04:02:11,593 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 80 transitions. [2025-01-09 04:02:11,594 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 80 transitions. Word has length 19 [2025-01-09 04:02:11,594 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:11,594 INFO L471 AbstractCegarLoop]: Abstraction has 62 states and 80 transitions. [2025-01-09 04:02:11,594 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:11,595 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 80 transitions. [2025-01-09 04:02:11,595 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-01-09 04:02:11,596 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:11,596 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:11,596 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-01-09 04:02:11,596 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:11,596 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:11,597 INFO L85 PathProgramCache]: Analyzing trace with hash -408930962, now seen corresponding path program 1 times [2025-01-09 04:02:11,597 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:11,597 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1816712049] [2025-01-09 04:02:11,597 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:11,597 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:11,605 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-01-09 04:02:11,613 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-01-09 04:02:11,613 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:11,613 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:11,751 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:11,751 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:11,751 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1816712049] [2025-01-09 04:02:11,751 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1816712049] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:11,751 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:11,751 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:02:11,751 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1685309132] [2025-01-09 04:02:11,751 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:11,752 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:11,752 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:11,753 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:11,753 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:11,753 INFO L87 Difference]: Start difference. First operand 62 states and 80 transitions. Second operand has 5 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:11,786 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:11,786 INFO L93 Difference]: Finished difference Result 117 states and 154 transitions. [2025-01-09 04:02:11,786 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:11,787 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 24 [2025-01-09 04:02:11,787 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:11,787 INFO L225 Difference]: With dead ends: 117 [2025-01-09 04:02:11,787 INFO L226 Difference]: Without dead ends: 62 [2025-01-09 04:02:11,788 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:02:11,788 INFO L435 NwaCegarLoop]: 76 mSDtfsCounter, 74 mSDsluCounter, 150 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 226 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:11,789 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 226 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:11,789 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2025-01-09 04:02:11,794 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 62. [2025-01-09 04:02:11,794 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 49 states have (on average 1.3265306122448979) internal successors, (65), 56 states have internal predecessors, (65), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2025-01-09 04:02:11,795 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 79 transitions. [2025-01-09 04:02:11,795 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 79 transitions. Word has length 24 [2025-01-09 04:02:11,795 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:11,795 INFO L471 AbstractCegarLoop]: Abstraction has 62 states and 79 transitions. [2025-01-09 04:02:11,796 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:11,796 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 79 transitions. [2025-01-09 04:02:11,796 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2025-01-09 04:02:11,797 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:11,797 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:11,797 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-01-09 04:02:11,797 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:11,797 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:11,797 INFO L85 PathProgramCache]: Analyzing trace with hash -1161307611, now seen corresponding path program 1 times [2025-01-09 04:02:11,798 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:11,798 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1226208553] [2025-01-09 04:02:11,798 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:11,798 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:11,807 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 30 statements into 1 equivalence classes. [2025-01-09 04:02:11,813 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 30 of 30 statements. [2025-01-09 04:02:11,813 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:11,813 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:11,858 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:11,859 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:11,859 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1226208553] [2025-01-09 04:02:11,859 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1226208553] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:11,859 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:11,859 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:02:11,859 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [479013181] [2025-01-09 04:02:11,859 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:11,859 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:02:11,859 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:11,859 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:02:11,860 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:11,860 INFO L87 Difference]: Start difference. First operand 62 states and 79 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:11,903 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:11,903 INFO L93 Difference]: Finished difference Result 155 states and 204 transitions. [2025-01-09 04:02:11,905 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:02:11,905 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 30 [2025-01-09 04:02:11,905 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:11,906 INFO L225 Difference]: With dead ends: 155 [2025-01-09 04:02:11,906 INFO L226 Difference]: Without dead ends: 100 [2025-01-09 04:02:11,907 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:11,907 INFO L435 NwaCegarLoop]: 90 mSDtfsCounter, 62 mSDsluCounter, 51 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 141 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:11,908 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 141 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:11,908 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 100 states. [2025-01-09 04:02:11,923 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 100 to 98. [2025-01-09 04:02:11,923 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 98 states, 77 states have (on average 1.3116883116883118) internal successors, (101), 84 states have internal predecessors, (101), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (14), 10 states have call predecessors, (14), 10 states have call successors, (14) [2025-01-09 04:02:11,925 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 125 transitions. [2025-01-09 04:02:11,925 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 125 transitions. Word has length 30 [2025-01-09 04:02:11,925 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:11,925 INFO L471 AbstractCegarLoop]: Abstraction has 98 states and 125 transitions. [2025-01-09 04:02:11,925 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:11,925 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 125 transitions. [2025-01-09 04:02:11,926 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2025-01-09 04:02:11,926 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:11,926 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:11,926 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-01-09 04:02:11,927 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:11,927 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:11,927 INFO L85 PathProgramCache]: Analyzing trace with hash -2122164560, now seen corresponding path program 1 times [2025-01-09 04:02:11,927 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:11,927 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2089062170] [2025-01-09 04:02:11,927 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:11,927 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:11,958 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 38 statements into 1 equivalence classes. [2025-01-09 04:02:11,965 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 38 of 38 statements. [2025-01-09 04:02:11,965 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:11,965 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:12,021 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:12,021 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:12,021 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2089062170] [2025-01-09 04:02:12,021 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2089062170] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:12,021 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:12,021 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:02:12,022 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [441244621] [2025-01-09 04:02:12,022 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:12,022 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:12,022 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:12,023 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:12,023 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:12,023 INFO L87 Difference]: Start difference. First operand 98 states and 125 transitions. Second operand has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:12,062 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:12,063 INFO L93 Difference]: Finished difference Result 192 states and 251 transitions. [2025-01-09 04:02:12,063 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:12,063 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 38 [2025-01-09 04:02:12,063 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:12,064 INFO L225 Difference]: With dead ends: 192 [2025-01-09 04:02:12,064 INFO L226 Difference]: Without dead ends: 101 [2025-01-09 04:02:12,065 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:12,066 INFO L435 NwaCegarLoop]: 76 mSDtfsCounter, 0 mSDsluCounter, 222 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 298 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:12,066 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 298 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:12,067 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 101 states. [2025-01-09 04:02:12,075 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 101 to 101. [2025-01-09 04:02:12,076 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 80 states have (on average 1.3) internal successors, (104), 87 states have internal predecessors, (104), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (14), 10 states have call predecessors, (14), 10 states have call successors, (14) [2025-01-09 04:02:12,077 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 128 transitions. [2025-01-09 04:02:12,080 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 128 transitions. Word has length 38 [2025-01-09 04:02:12,080 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:12,080 INFO L471 AbstractCegarLoop]: Abstraction has 101 states and 128 transitions. [2025-01-09 04:02:12,081 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:12,081 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 128 transitions. [2025-01-09 04:02:12,081 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2025-01-09 04:02:12,082 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:12,082 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:12,082 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-01-09 04:02:12,082 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:12,082 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:12,082 INFO L85 PathProgramCache]: Analyzing trace with hash 1161685486, now seen corresponding path program 1 times [2025-01-09 04:02:12,082 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:12,082 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [214977005] [2025-01-09 04:02:12,083 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:12,084 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:12,090 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 38 statements into 1 equivalence classes. [2025-01-09 04:02:12,096 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 38 of 38 statements. [2025-01-09 04:02:12,099 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:12,099 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:12,161 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:12,161 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:12,161 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [214977005] [2025-01-09 04:02:12,161 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [214977005] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:12,161 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:12,161 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 04:02:12,161 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [234047750] [2025-01-09 04:02:12,161 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:12,162 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 04:02:12,162 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:12,162 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 04:02:12,162 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:02:12,162 INFO L87 Difference]: Start difference. First operand 101 states and 128 transitions. Second operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 4 states have internal predecessors, (35), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:12,183 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:12,184 INFO L93 Difference]: Finished difference Result 197 states and 260 transitions. [2025-01-09 04:02:12,184 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 04:02:12,184 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 4 states have internal predecessors, (35), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 38 [2025-01-09 04:02:12,184 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:12,185 INFO L225 Difference]: With dead ends: 197 [2025-01-09 04:02:12,185 INFO L226 Difference]: Without dead ends: 103 [2025-01-09 04:02:12,186 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:02:12,186 INFO L435 NwaCegarLoop]: 77 mSDtfsCounter, 0 mSDsluCounter, 148 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 225 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:12,186 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 225 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:12,187 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2025-01-09 04:02:12,193 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 103. [2025-01-09 04:02:12,193 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 103 states, 82 states have (on average 1.2926829268292683) internal successors, (106), 89 states have internal predecessors, (106), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (14), 10 states have call predecessors, (14), 10 states have call successors, (14) [2025-01-09 04:02:12,194 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 103 states to 103 states and 130 transitions. [2025-01-09 04:02:12,194 INFO L78 Accepts]: Start accepts. Automaton has 103 states and 130 transitions. Word has length 38 [2025-01-09 04:02:12,194 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:12,195 INFO L471 AbstractCegarLoop]: Abstraction has 103 states and 130 transitions. [2025-01-09 04:02:12,195 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 4 states have internal predecessors, (35), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:12,195 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 130 transitions. [2025-01-09 04:02:12,195 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2025-01-09 04:02:12,196 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:12,196 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:12,196 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-01-09 04:02:12,196 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:12,196 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:12,196 INFO L85 PathProgramCache]: Analyzing trace with hash 140617132, now seen corresponding path program 1 times [2025-01-09 04:02:12,196 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:12,196 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [966210152] [2025-01-09 04:02:12,197 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:12,197 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:12,205 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 38 statements into 1 equivalence classes. [2025-01-09 04:02:12,214 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 38 of 38 statements. [2025-01-09 04:02:12,214 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:12,214 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:12,288 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:12,290 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:12,290 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [966210152] [2025-01-09 04:02:12,290 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [966210152] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:12,290 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:12,290 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 04:02:12,290 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [822293828] [2025-01-09 04:02:12,290 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:12,290 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 04:02:12,290 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:12,291 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 04:02:12,292 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:02:12,292 INFO L87 Difference]: Start difference. First operand 103 states and 130 transitions. Second operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 4 states have internal predecessors, (35), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:12,379 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:12,380 INFO L93 Difference]: Finished difference Result 333 states and 438 transitions. [2025-01-09 04:02:12,380 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 04:02:12,380 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 4 states have internal predecessors, (35), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 38 [2025-01-09 04:02:12,380 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:12,382 INFO L225 Difference]: With dead ends: 333 [2025-01-09 04:02:12,382 INFO L226 Difference]: Without dead ends: 237 [2025-01-09 04:02:12,383 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:02:12,383 INFO L435 NwaCegarLoop]: 133 mSDtfsCounter, 104 mSDsluCounter, 124 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 104 SdHoareTripleChecker+Valid, 257 SdHoareTripleChecker+Invalid, 52 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:12,383 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [104 Valid, 257 Invalid, 52 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:02:12,384 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 237 states. [2025-01-09 04:02:12,402 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 237 to 228. [2025-01-09 04:02:12,402 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 228 states, 180 states have (on average 1.2777777777777777) internal successors, (230), 193 states have internal predecessors, (230), 23 states have call successors, (23), 23 states have call predecessors, (23), 24 states have return successors, (41), 24 states have call predecessors, (41), 23 states have call successors, (41) [2025-01-09 04:02:12,404 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 228 states to 228 states and 294 transitions. [2025-01-09 04:02:12,404 INFO L78 Accepts]: Start accepts. Automaton has 228 states and 294 transitions. Word has length 38 [2025-01-09 04:02:12,404 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:12,404 INFO L471 AbstractCegarLoop]: Abstraction has 228 states and 294 transitions. [2025-01-09 04:02:12,404 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 4 states have internal predecessors, (35), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:12,404 INFO L276 IsEmpty]: Start isEmpty. Operand 228 states and 294 transitions. [2025-01-09 04:02:12,405 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2025-01-09 04:02:12,405 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:12,405 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:12,405 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-01-09 04:02:12,405 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:12,406 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:12,406 INFO L85 PathProgramCache]: Analyzing trace with hash 1554130484, now seen corresponding path program 1 times [2025-01-09 04:02:12,406 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:12,406 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2034723339] [2025-01-09 04:02:12,406 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:12,406 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:12,412 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 40 statements into 1 equivalence classes. [2025-01-09 04:02:12,418 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 40 of 40 statements. [2025-01-09 04:02:12,418 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:12,418 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:12,521 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:12,521 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:12,521 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2034723339] [2025-01-09 04:02:12,521 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2034723339] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:12,521 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:12,521 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:02:12,522 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [917873478] [2025-01-09 04:02:12,522 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:12,522 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:12,522 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:12,522 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:12,523 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:12,523 INFO L87 Difference]: Start difference. First operand 228 states and 294 transitions. Second operand has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 04:02:12,579 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:12,579 INFO L93 Difference]: Finished difference Result 447 states and 579 transitions. [2025-01-09 04:02:12,580 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:12,580 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 40 [2025-01-09 04:02:12,581 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:12,582 INFO L225 Difference]: With dead ends: 447 [2025-01-09 04:02:12,582 INFO L226 Difference]: Without dead ends: 226 [2025-01-09 04:02:12,583 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:02:12,583 INFO L435 NwaCegarLoop]: 74 mSDtfsCounter, 30 mSDsluCounter, 211 mSDsCounter, 0 mSdLazyCounter, 24 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 30 SdHoareTripleChecker+Valid, 285 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 24 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:12,583 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [30 Valid, 285 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 24 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:12,584 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 226 states. [2025-01-09 04:02:12,598 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 226 to 226. [2025-01-09 04:02:12,598 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 226 states, 178 states have (on average 1.2696629213483146) internal successors, (226), 191 states have internal predecessors, (226), 23 states have call successors, (23), 23 states have call predecessors, (23), 24 states have return successors, (41), 24 states have call predecessors, (41), 23 states have call successors, (41) [2025-01-09 04:02:12,599 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 226 states to 226 states and 290 transitions. [2025-01-09 04:02:12,600 INFO L78 Accepts]: Start accepts. Automaton has 226 states and 290 transitions. Word has length 40 [2025-01-09 04:02:12,600 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:12,600 INFO L471 AbstractCegarLoop]: Abstraction has 226 states and 290 transitions. [2025-01-09 04:02:12,600 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 04:02:12,600 INFO L276 IsEmpty]: Start isEmpty. Operand 226 states and 290 transitions. [2025-01-09 04:02:12,601 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2025-01-09 04:02:12,601 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:12,601 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:12,601 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-01-09 04:02:12,601 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:12,602 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:12,602 INFO L85 PathProgramCache]: Analyzing trace with hash 1965249862, now seen corresponding path program 1 times [2025-01-09 04:02:12,602 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:12,602 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [233543880] [2025-01-09 04:02:12,602 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:12,602 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:12,607 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 42 statements into 1 equivalence classes. [2025-01-09 04:02:12,611 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 42 of 42 statements. [2025-01-09 04:02:12,611 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:12,611 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:12,716 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:12,717 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:12,717 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [233543880] [2025-01-09 04:02:12,717 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [233543880] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:12,717 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:12,717 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:02:12,717 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1873205521] [2025-01-09 04:02:12,719 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:12,719 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:12,719 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:12,720 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:12,720 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:12,720 INFO L87 Difference]: Start difference. First operand 226 states and 290 transitions. Second operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-01-09 04:02:12,775 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:12,775 INFO L93 Difference]: Finished difference Result 472 states and 639 transitions. [2025-01-09 04:02:12,775 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:12,776 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 42 [2025-01-09 04:02:12,776 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:12,778 INFO L225 Difference]: With dead ends: 472 [2025-01-09 04:02:12,778 INFO L226 Difference]: Without dead ends: 293 [2025-01-09 04:02:12,778 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:02:12,779 INFO L435 NwaCegarLoop]: 123 mSDtfsCounter, 43 mSDsluCounter, 307 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 430 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:12,779 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [43 Valid, 430 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:12,779 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 293 states. [2025-01-09 04:02:12,801 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 293 to 293. [2025-01-09 04:02:12,805 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 293 states, 229 states have (on average 1.25764192139738) internal successors, (288), 244 states have internal predecessors, (288), 31 states have call successors, (31), 31 states have call predecessors, (31), 32 states have return successors, (62), 32 states have call predecessors, (62), 31 states have call successors, (62) [2025-01-09 04:02:12,806 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 293 states to 293 states and 381 transitions. [2025-01-09 04:02:12,807 INFO L78 Accepts]: Start accepts. Automaton has 293 states and 381 transitions. Word has length 42 [2025-01-09 04:02:12,807 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:12,807 INFO L471 AbstractCegarLoop]: Abstraction has 293 states and 381 transitions. [2025-01-09 04:02:12,807 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-01-09 04:02:12,807 INFO L276 IsEmpty]: Start isEmpty. Operand 293 states and 381 transitions. [2025-01-09 04:02:12,808 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2025-01-09 04:02:12,808 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:12,808 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:12,808 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-01-09 04:02:12,809 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:12,809 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:12,809 INFO L85 PathProgramCache]: Analyzing trace with hash -1615440050, now seen corresponding path program 1 times [2025-01-09 04:02:12,809 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:12,809 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1813720538] [2025-01-09 04:02:12,809 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:12,809 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:12,814 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 44 statements into 1 equivalence classes. [2025-01-09 04:02:12,821 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 44 of 44 statements. [2025-01-09 04:02:12,821 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:12,822 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:12,868 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:12,868 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:12,868 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1813720538] [2025-01-09 04:02:12,868 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1813720538] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:12,868 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:12,868 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 04:02:12,868 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1158871124] [2025-01-09 04:02:12,868 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:12,869 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 04:02:12,869 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:12,869 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 04:02:12,869 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 04:02:12,869 INFO L87 Difference]: Start difference. First operand 293 states and 381 transitions. Second operand has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 6 states have internal predecessors, (37), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2025-01-09 04:02:13,012 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:13,013 INFO L93 Difference]: Finished difference Result 313 states and 407 transitions. [2025-01-09 04:02:13,013 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-01-09 04:02:13,013 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 6 states have internal predecessors, (37), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 44 [2025-01-09 04:02:13,014 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:13,015 INFO L225 Difference]: With dead ends: 313 [2025-01-09 04:02:13,015 INFO L226 Difference]: Without dead ends: 311 [2025-01-09 04:02:13,016 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2025-01-09 04:02:13,016 INFO L435 NwaCegarLoop]: 56 mSDtfsCounter, 104 mSDsluCounter, 188 mSDsCounter, 0 mSdLazyCounter, 108 mSolverCounterSat, 20 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 107 SdHoareTripleChecker+Valid, 244 SdHoareTripleChecker+Invalid, 128 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 20 IncrementalHoareTripleChecker+Valid, 108 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:13,016 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [107 Valid, 244 Invalid, 128 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [20 Valid, 108 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:02:13,017 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 311 states. [2025-01-09 04:02:13,053 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 311 to 311. [2025-01-09 04:02:13,053 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 311 states, 245 states have (on average 1.2408163265306122) internal successors, (304), 260 states have internal predecessors, (304), 31 states have call successors, (31), 31 states have call predecessors, (31), 34 states have return successors, (67), 32 states have call predecessors, (67), 31 states have call successors, (67) [2025-01-09 04:02:13,055 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 311 states to 311 states and 402 transitions. [2025-01-09 04:02:13,056 INFO L78 Accepts]: Start accepts. Automaton has 311 states and 402 transitions. Word has length 44 [2025-01-09 04:02:13,056 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:13,056 INFO L471 AbstractCegarLoop]: Abstraction has 311 states and 402 transitions. [2025-01-09 04:02:13,056 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 6 states have internal predecessors, (37), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2025-01-09 04:02:13,056 INFO L276 IsEmpty]: Start isEmpty. Operand 311 states and 402 transitions. [2025-01-09 04:02:13,058 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 75 [2025-01-09 04:02:13,058 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:13,058 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:13,058 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-01-09 04:02:13,059 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:13,059 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:13,059 INFO L85 PathProgramCache]: Analyzing trace with hash -130084726, now seen corresponding path program 1 times [2025-01-09 04:02:13,059 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:13,059 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [26689850] [2025-01-09 04:02:13,059 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:13,059 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:13,066 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 74 statements into 1 equivalence classes. [2025-01-09 04:02:13,072 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 74 of 74 statements. [2025-01-09 04:02:13,072 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:13,072 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:13,160 INFO L134 CoverageAnalysis]: Checked inductivity of 20 backedges. 12 proven. 6 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2025-01-09 04:02:13,160 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:13,160 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [26689850] [2025-01-09 04:02:13,160 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [26689850] provided 0 perfect and 1 imperfect interpolant sequences [2025-01-09 04:02:13,160 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2085747450] [2025-01-09 04:02:13,160 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:13,160 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:13,161 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:13,162 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-01-09 04:02:13,164 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-01-09 04:02:13,203 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 74 statements into 1 equivalence classes. [2025-01-09 04:02:13,231 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 74 of 74 statements. [2025-01-09 04:02:13,232 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:13,232 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:13,234 INFO L256 TraceCheckSpWp]: Trace formula consists of 264 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-01-09 04:02:13,237 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-01-09 04:02:13,312 INFO L134 CoverageAnalysis]: Checked inductivity of 20 backedges. 14 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:13,312 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-01-09 04:02:13,406 INFO L134 CoverageAnalysis]: Checked inductivity of 20 backedges. 12 proven. 6 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2025-01-09 04:02:13,406 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2085747450] provided 0 perfect and 2 imperfect interpolant sequences [2025-01-09 04:02:13,406 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-01-09 04:02:13,406 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 6 [2025-01-09 04:02:13,406 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1942008755] [2025-01-09 04:02:13,406 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-01-09 04:02:13,407 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 04:02:13,407 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:13,407 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 04:02:13,407 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-01-09 04:02:13,407 INFO L87 Difference]: Start difference. First operand 311 states and 402 transitions. Second operand has 6 states, 6 states have (on average 11.0) internal successors, (66), 6 states have internal predecessors, (66), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:02:13,583 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:13,583 INFO L93 Difference]: Finished difference Result 713 states and 975 transitions. [2025-01-09 04:02:13,585 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2025-01-09 04:02:13,585 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 11.0) internal successors, (66), 6 states have internal predecessors, (66), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) Word has length 74 [2025-01-09 04:02:13,586 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:13,588 INFO L225 Difference]: With dead ends: 713 [2025-01-09 04:02:13,588 INFO L226 Difference]: Without dead ends: 451 [2025-01-09 04:02:13,594 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 157 GetRequests, 144 SyntacticMatches, 5 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2025-01-09 04:02:13,594 INFO L435 NwaCegarLoop]: 113 mSDtfsCounter, 79 mSDsluCounter, 331 mSDsCounter, 0 mSdLazyCounter, 59 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 444 SdHoareTripleChecker+Invalid, 70 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 59 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:13,594 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [79 Valid, 444 Invalid, 70 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 59 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:02:13,595 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 451 states. [2025-01-09 04:02:13,652 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 451 to 402. [2025-01-09 04:02:13,653 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 402 states, 315 states have (on average 1.2412698412698413) internal successors, (391), 335 states have internal predecessors, (391), 41 states have call successors, (41), 41 states have call predecessors, (41), 45 states have return successors, (91), 39 states have call predecessors, (91), 41 states have call successors, (91) [2025-01-09 04:02:13,658 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 402 states to 402 states and 523 transitions. [2025-01-09 04:02:13,658 INFO L78 Accepts]: Start accepts. Automaton has 402 states and 523 transitions. Word has length 74 [2025-01-09 04:02:13,658 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:13,658 INFO L471 AbstractCegarLoop]: Abstraction has 402 states and 523 transitions. [2025-01-09 04:02:13,659 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 11.0) internal successors, (66), 6 states have internal predecessors, (66), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:02:13,659 INFO L276 IsEmpty]: Start isEmpty. Operand 402 states and 523 transitions. [2025-01-09 04:02:13,682 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2025-01-09 04:02:13,682 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:13,682 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:13,691 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-01-09 04:02:13,883 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-01-09 04:02:13,883 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:13,887 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:13,887 INFO L85 PathProgramCache]: Analyzing trace with hash 1392294862, now seen corresponding path program 2 times [2025-01-09 04:02:13,887 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:13,890 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [992437292] [2025-01-09 04:02:13,890 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-01-09 04:02:13,890 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:13,912 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 106 statements into 2 equivalence classes. [2025-01-09 04:02:13,936 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 106 of 106 statements. [2025-01-09 04:02:13,936 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-01-09 04:02:13,936 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:02:13,936 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-01-09 04:02:13,940 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 106 statements into 1 equivalence classes. [2025-01-09 04:02:13,956 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 106 of 106 statements. [2025-01-09 04:02:13,956 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:13,956 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:02:13,981 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-01-09 04:02:13,981 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-01-09 04:02:13,982 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-01-09 04:02:13,983 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-01-09 04:02:13,985 INFO L422 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:14,047 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-01-09 04:02:14,050 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.01 04:02:14 BoogieIcfgContainer [2025-01-09 04:02:14,050 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-01-09 04:02:14,051 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-01-09 04:02:14,051 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-01-09 04:02:14,051 INFO L274 PluginConnector]: Witness Printer initialized [2025-01-09 04:02:14,051 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:11" (3/4) ... [2025-01-09 04:02:14,052 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-01-09 04:02:14,134 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 99. [2025-01-09 04:02:14,215 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-01-09 04:02:14,216 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-01-09 04:02:14,216 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-01-09 04:02:14,216 INFO L158 Benchmark]: Toolchain (without parser) took 3672.62ms. Allocated memory is still 167.8MB. Free memory was 133.1MB in the beginning and 106.9MB in the end (delta: 26.2MB). Peak memory consumption was 25.1MB. Max. memory is 16.1GB. [2025-01-09 04:02:14,216 INFO L158 Benchmark]: CDTParser took 0.22ms. Allocated memory is still 218.1MB. Free memory is still 134.3MB. There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:02:14,216 INFO L158 Benchmark]: CACSL2BoogieTranslator took 316.61ms. Allocated memory is still 167.8MB. Free memory was 132.8MB in the beginning and 114.6MB in the end (delta: 18.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:02:14,217 INFO L158 Benchmark]: Boogie Procedure Inliner took 24.95ms. Allocated memory is still 167.8MB. Free memory was 114.6MB in the beginning and 112.6MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:02:14,217 INFO L158 Benchmark]: Boogie Preprocessor took 21.93ms. Allocated memory is still 167.8MB. Free memory was 112.6MB in the beginning and 110.8MB in the end (delta: 1.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 04:02:14,217 INFO L158 Benchmark]: RCFGBuilder took 347.74ms. Allocated memory is still 167.8MB. Free memory was 110.8MB in the beginning and 94.4MB in the end (delta: 16.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:02:14,217 INFO L158 Benchmark]: TraceAbstraction took 2789.98ms. Allocated memory is still 167.8MB. Free memory was 93.8MB in the beginning and 120.6MB in the end (delta: -26.8MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:02:14,217 INFO L158 Benchmark]: Witness Printer took 165.01ms. Allocated memory is still 167.8MB. Free memory was 120.6MB in the beginning and 106.9MB in the end (delta: 13.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:02:14,218 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.22ms. Allocated memory is still 218.1MB. Free memory is still 134.3MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 316.61ms. Allocated memory is still 167.8MB. Free memory was 132.8MB in the beginning and 114.6MB in the end (delta: 18.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 24.95ms. Allocated memory is still 167.8MB. Free memory was 114.6MB in the beginning and 112.6MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 21.93ms. Allocated memory is still 167.8MB. Free memory was 112.6MB in the beginning and 110.8MB in the end (delta: 1.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * RCFGBuilder took 347.74ms. Allocated memory is still 167.8MB. Free memory was 110.8MB in the beginning and 94.4MB in the end (delta: 16.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2789.98ms. Allocated memory is still 167.8MB. Free memory was 93.8MB in the beginning and 120.6MB in the end (delta: -26.8MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 165.01ms. Allocated memory is still 167.8MB. Free memory was 120.6MB in the beginning and 106.9MB in the end (delta: 13.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [153] - GenericResultAtLocation [Line: 252]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [252] - GenericResultAtLocation [Line: 261]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [261] - GenericResultAtLocation [Line: 288]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [288] - GenericResultAtLocation [Line: 356]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [356] - GenericResultAtLocation [Line: 544]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [544] - GenericResultAtLocation [Line: 910]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [910] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 257]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int cleanupTimeShifts = 4; [L159] int waterLevel = 1; [L160] int methaneLevelCritical = 0; [L359] int pumpRunning = 0; [L360] int systemActive = 1; [L714] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L131] int retValue_acc ; [L132] int tmp ; [L136] FCALL select_helpers() [L137] FCALL select_features() [L138] CALL, EXPR valid_product() [L937] int retValue_acc ; [L940] retValue_acc = 1 [L941] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L138] RET, EXPR valid_product() [L138] tmp = valid_product() [L140] COND TRUE \read(tmp) [L142] FCALL setup() [L143] CALL runTest() [L122] CALL test() [L291] int splverifierCounter ; [L292] int tmp ; [L293] int tmp___0 ; [L294] int tmp___1 ; [L295] int tmp___2 ; [L298] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L302] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L308] tmp = __VERIFIER_nondet_int() [L310] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L312] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L177] COND TRUE waterLevel < 2 [L178] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L312] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L318] tmp___0 = __VERIFIER_nondet_int() [L320] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L328] tmp___2 = __VERIFIER_nondet_int() [L330] COND TRUE \read(tmp___2) [L332] CALL startSystem() [L540] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L332] RET startSystem() [L345] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L366] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L373] COND TRUE \read(systemActive) [L375] CALL processEnvironment() [L421] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L424] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L439] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L395] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L398] COND TRUE ! pumpRunning [L400] CALL, EXPR isHighWaterLevel() [L518] int retValue_acc ; [L519] int tmp ; [L520] int tmp___0 ; [L524] CALL, EXPR isHighWaterSensorDry() [L239] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L242] COND FALSE !(waterLevel < 2) [L246] retValue_acc = 0 [L247] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L524] RET, EXPR isHighWaterSensorDry() [L524] tmp = isHighWaterSensorDry() [L526] COND FALSE !(\read(tmp)) [L529] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L531] retValue_acc = tmp___0 [L532] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L400] RET, EXPR isHighWaterLevel() [L400] tmp = isHighWaterLevel() [L402] COND TRUE \read(tmp) [L404] CALL activatePump() [L449] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L404] RET activatePump() [L439] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L375] RET processEnvironment() [L381] CALL __utac_acc__Specification4_spec__1() [L264] int tmp ; [L265] int tmp___0 ; [L269] CALL, EXPR getWaterLevel() [L230] int retValue_acc ; [L233] retValue_acc = waterLevel [L234] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L269] RET, EXPR getWaterLevel() [L269] tmp = getWaterLevel() [L271] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L381] RET __utac_acc__Specification4_spec__1() [L345] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L302] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L308] tmp = __VERIFIER_nondet_int() [L310] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L318] tmp___0 = __VERIFIER_nondet_int() [L320] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L328] tmp___2 = __VERIFIER_nondet_int() [L330] COND TRUE \read(tmp___2) [L332] CALL startSystem() [L540] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L332] RET startSystem() [L345] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L366] COND TRUE \read(pumpRunning) [L368] CALL lowerWaterLevel() [L165] COND TRUE waterLevel > 0 [L166] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L368] RET lowerWaterLevel() [L373] COND TRUE \read(systemActive) [L375] CALL processEnvironment() [L421] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L424] COND TRUE \read(pumpRunning) [L426] CALL, EXPR isMethaneAlarm() [L462] int retValue_acc ; [L466] CALL, EXPR isMethaneLevelCritical() [L198] int retValue_acc ; [L201] retValue_acc = methaneLevelCritical [L202] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L466] RET, EXPR isMethaneLevelCritical() [L466] retValue_acc = isMethaneLevelCritical() [L468] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L426] RET, EXPR isMethaneAlarm() [L426] tmp = isMethaneAlarm() [L428] COND FALSE !(\read(tmp)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L434] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L395] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L398] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L413] FCALL processEnvironment__wrappee__base() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L434] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L375] RET processEnvironment() [L381] CALL __utac_acc__Specification4_spec__1() [L264] int tmp ; [L265] int tmp___0 ; [L269] CALL, EXPR getWaterLevel() [L230] int retValue_acc ; [L233] retValue_acc = waterLevel [L234] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L269] RET, EXPR getWaterLevel() [L269] tmp = getWaterLevel() [L271] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L381] RET __utac_acc__Specification4_spec__1() [L345] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L302] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L308] tmp = __VERIFIER_nondet_int() [L310] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L318] tmp___0 = __VERIFIER_nondet_int() [L320] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L328] tmp___2 = __VERIFIER_nondet_int() [L330] COND TRUE \read(tmp___2) [L332] CALL startSystem() [L540] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L332] RET startSystem() [L345] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L366] COND TRUE \read(pumpRunning) [L368] CALL lowerWaterLevel() [L165] COND TRUE waterLevel > 0 [L166] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L368] RET lowerWaterLevel() [L373] COND TRUE \read(systemActive) [L375] CALL processEnvironment() [L421] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L424] COND TRUE \read(pumpRunning) [L426] CALL, EXPR isMethaneAlarm() [L462] int retValue_acc ; [L466] CALL, EXPR isMethaneLevelCritical() [L198] int retValue_acc ; [L201] retValue_acc = methaneLevelCritical [L202] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L466] RET, EXPR isMethaneLevelCritical() [L466] retValue_acc = isMethaneLevelCritical() [L468] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L426] RET, EXPR isMethaneAlarm() [L426] tmp = isMethaneAlarm() [L428] COND FALSE !(\read(tmp)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L434] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L395] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L398] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L413] FCALL processEnvironment__wrappee__base() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L434] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L375] RET processEnvironment() [L381] CALL __utac_acc__Specification4_spec__1() [L264] int tmp ; [L265] int tmp___0 ; [L269] CALL, EXPR getWaterLevel() [L230] int retValue_acc ; [L233] retValue_acc = waterLevel [L234] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L269] RET, EXPR getWaterLevel() [L269] tmp = getWaterLevel() [L271] COND TRUE tmp == 0 [L273] CALL, EXPR isPumpRunning() [L473] int retValue_acc ; [L476] retValue_acc = pumpRunning [L477] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L273] RET, EXPR isPumpRunning() [L273] tmp___0 = isPumpRunning() [L275] COND TRUE \read(tmp___0) [L277] CALL __automaton_fail() [L257] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 79 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.7s, OverallIterations: 11, TraceHistogramMax: 3, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 0.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 515 SdHoareTripleChecker+Valid, 0.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 509 mSDsluCounter, 2700 SdHoareTripleChecker+Invalid, 0.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1799 mSDsCounter, 47 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 315 IncrementalHoareTripleChecker+Invalid, 362 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 47 mSolverCounterUnsat, 901 mSDtfsCounter, 315 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 214 GetRequests, 168 SyntacticMatches, 5 SemanticMatches, 41 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 21 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=402occurred in iteration=10, InterpolantAutomatonStates: 51, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 60 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.0s InterpolantComputationTime, 567 NumberOfCodeBlocks, 567 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 523 ConstructedInterpolants, 0 QuantifiedInterpolants, 963 SizeOfPredicates, 2 NumberOfNonLiveVariables, 264 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 42/60 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-01-09 04:02:14,246 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE