./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product39.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 551b0097 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product39.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 87e1d1b45ecae6206db87e264fd33705b608c5376aceaefe9ff79eccaaf25b96 --- Real Ultimate output --- This is Ultimate 0.3.0-?-551b009-m [2025-01-09 04:02:09,701 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-01-09 04:02:09,740 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-01-09 04:02:09,743 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-01-09 04:02:09,744 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-01-09 04:02:09,760 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-01-09 04:02:09,762 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-01-09 04:02:09,762 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-01-09 04:02:09,762 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-01-09 04:02:09,763 INFO L153 SettingsManager]: * Use memory slicer=true [2025-01-09 04:02:09,763 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-01-09 04:02:09,763 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-01-09 04:02:09,763 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-01-09 04:02:09,763 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-01-09 04:02:09,763 INFO L153 SettingsManager]: * Use SBE=true [2025-01-09 04:02:09,764 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-01-09 04:02:09,764 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-01-09 04:02:09,764 INFO L153 SettingsManager]: * sizeof long=4 [2025-01-09 04:02:09,764 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-01-09 04:02:09,764 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-01-09 04:02:09,764 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-01-09 04:02:09,764 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-01-09 04:02:09,764 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-01-09 04:02:09,764 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-01-09 04:02:09,764 INFO L153 SettingsManager]: * sizeof long double=12 [2025-01-09 04:02:09,764 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-01-09 04:02:09,764 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-01-09 04:02:09,765 INFO L153 SettingsManager]: * Use constant arrays=true [2025-01-09 04:02:09,765 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-01-09 04:02:09,765 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 04:02:09,765 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 04:02:09,765 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 04:02:09,766 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:09,766 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2025-01-09 04:02:09,766 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 04:02:09,766 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 04:02:09,766 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 04:02:09,766 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:09,766 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-01-09 04:02:09,766 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-01-09 04:02:09,766 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-01-09 04:02:09,766 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-01-09 04:02:09,766 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-01-09 04:02:09,766 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-01-09 04:02:09,767 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-01-09 04:02:09,767 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-01-09 04:02:09,767 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-01-09 04:02:09,767 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-01-09 04:02:09,767 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 87e1d1b45ecae6206db87e264fd33705b608c5376aceaefe9ff79eccaaf25b96 [2025-01-09 04:02:10,000 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-01-09 04:02:10,006 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-01-09 04:02:10,008 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-01-09 04:02:10,009 INFO L270 PluginConnector]: Initializing CDTParser... [2025-01-09 04:02:10,009 INFO L274 PluginConnector]: CDTParser initialized [2025-01-09 04:02:10,010 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product39.cil.c [2025-01-09 04:02:11,157 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/d1e48d66e/cf8ae24d1ee344deabc0416eddfab69f/FLAG21b88efac [2025-01-09 04:02:11,484 INFO L384 CDTParser]: Found 1 translation units. [2025-01-09 04:02:11,495 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product39.cil.c [2025-01-09 04:02:11,505 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/d1e48d66e/cf8ae24d1ee344deabc0416eddfab69f/FLAG21b88efac [2025-01-09 04:02:11,515 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/d1e48d66e/cf8ae24d1ee344deabc0416eddfab69f [2025-01-09 04:02:11,519 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-01-09 04:02:11,522 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-01-09 04:02:11,526 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-01-09 04:02:11,526 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-01-09 04:02:11,530 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-01-09 04:02:11,530 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,531 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@39ec6af and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11, skipping insertion in model container [2025-01-09 04:02:11,531 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,562 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-01-09 04:02:11,771 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product39.cil.c[15496,15509] [2025-01-09 04:02:11,782 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 04:02:11,792 INFO L200 MainTranslator]: Completed pre-run [2025-01-09 04:02:11,799 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] [2025-01-09 04:02:11,800 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [87] [2025-01-09 04:02:11,800 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [453] [2025-01-09 04:02:11,800 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [525] [2025-01-09 04:02:11,800 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [727] [2025-01-09 04:02:11,800 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [736] [2025-01-09 04:02:11,800 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [831] [2025-01-09 04:02:11,800 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [927] [2025-01-09 04:02:11,847 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product39.cil.c[15496,15509] [2025-01-09 04:02:11,858 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 04:02:11,873 INFO L204 MainTranslator]: Completed translation [2025-01-09 04:02:11,875 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11 WrapperNode [2025-01-09 04:02:11,875 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-01-09 04:02:11,876 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-01-09 04:02:11,877 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-01-09 04:02:11,877 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-01-09 04:02:11,881 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,887 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,905 INFO L138 Inliner]: procedures = 54, calls = 99, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 198 [2025-01-09 04:02:11,906 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-01-09 04:02:11,906 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-01-09 04:02:11,906 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-01-09 04:02:11,906 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-01-09 04:02:11,913 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,913 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,914 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,922 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-01-09 04:02:11,922 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,922 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,925 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,926 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,930 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,931 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,932 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,933 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-01-09 04:02:11,933 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2025-01-09 04:02:11,933 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2025-01-09 04:02:11,933 INFO L274 PluginConnector]: RCFGBuilder initialized [2025-01-09 04:02:11,935 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (1/1) ... [2025-01-09 04:02:11,939 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:11,951 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:11,961 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-01-09 04:02:11,967 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-01-09 04:02:11,979 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-01-09 04:02:11,980 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-01-09 04:02:11,980 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-01-09 04:02:11,980 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-01-09 04:02:11,980 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-01-09 04:02:11,980 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-01-09 04:02:11,980 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-01-09 04:02:11,981 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 04:02:11,981 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-01-09 04:02:11,981 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-01-09 04:02:11,982 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-01-09 04:02:11,982 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-01-09 04:02:11,982 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-01-09 04:02:11,982 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-01-09 04:02:11,982 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-01-09 04:02:11,982 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-01-09 04:02:11,982 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-01-09 04:02:11,982 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-01-09 04:02:12,063 INFO L234 CfgBuilder]: Building ICFG [2025-01-09 04:02:12,065 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2025-01-09 04:02:12,270 INFO L? ?]: Removed 43 outVars from TransFormulas that were not future-live. [2025-01-09 04:02:12,270 INFO L283 CfgBuilder]: Performing block encoding [2025-01-09 04:02:12,283 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-01-09 04:02:12,285 INFO L312 CfgBuilder]: Removed 2 assume(true) statements. [2025-01-09 04:02:12,285 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:12 BoogieIcfgContainer [2025-01-09 04:02:12,285 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2025-01-09 04:02:12,287 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-01-09 04:02:12,287 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-01-09 04:02:12,291 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-01-09 04:02:12,291 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.01 04:02:11" (1/3) ... [2025-01-09 04:02:12,292 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4196407c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:02:12, skipping insertion in model container [2025-01-09 04:02:12,292 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:11" (2/3) ... [2025-01-09 04:02:12,292 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4196407c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:02:12, skipping insertion in model container [2025-01-09 04:02:12,293 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:12" (3/3) ... [2025-01-09 04:02:12,294 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product39.cil.c [2025-01-09 04:02:12,303 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-01-09 04:02:12,305 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec4_product39.cil.c that has 8 procedures, 85 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-01-09 04:02:12,343 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-01-09 04:02:12,352 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@416f9ec8, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-01-09 04:02:12,352 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-01-09 04:02:12,354 INFO L276 IsEmpty]: Start isEmpty. Operand has 85 states, 64 states have (on average 1.375) internal successors, (88), 73 states have internal predecessors, (88), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 9 states have call predecessors, (12), 12 states have call successors, (12) [2025-01-09 04:02:12,358 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2025-01-09 04:02:12,358 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:12,359 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:12,359 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:12,362 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:12,362 INFO L85 PathProgramCache]: Analyzing trace with hash 1313729756, now seen corresponding path program 1 times [2025-01-09 04:02:12,366 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:12,367 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1298057637] [2025-01-09 04:02:12,367 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:12,367 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:12,440 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 19 statements into 1 equivalence classes. [2025-01-09 04:02:12,476 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 19 of 19 statements. [2025-01-09 04:02:12,476 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:12,476 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:12,577 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:12,577 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:12,577 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1298057637] [2025-01-09 04:02:12,578 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1298057637] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:12,578 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:12,585 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-01-09 04:02:12,587 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1854602252] [2025-01-09 04:02:12,587 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:12,589 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-01-09 04:02:12,589 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:12,605 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-01-09 04:02:12,606 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-01-09 04:02:12,613 INFO L87 Difference]: Start difference. First operand has 85 states, 64 states have (on average 1.375) internal successors, (88), 73 states have internal predecessors, (88), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 9 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:12,641 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:12,641 INFO L93 Difference]: Finished difference Result 162 states and 219 transitions. [2025-01-09 04:02:12,641 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-01-09 04:02:12,642 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2025-01-09 04:02:12,642 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:12,651 INFO L225 Difference]: With dead ends: 162 [2025-01-09 04:02:12,651 INFO L226 Difference]: Without dead ends: 76 [2025-01-09 04:02:12,655 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-01-09 04:02:12,660 INFO L435 NwaCegarLoop]: 108 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:12,661 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 108 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:12,681 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 76 states. [2025-01-09 04:02:12,700 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 76 to 76. [2025-01-09 04:02:12,703 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 57 states have (on average 1.3333333333333333) internal successors, (76), 65 states have internal predecessors, (76), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2025-01-09 04:02:12,709 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 99 transitions. [2025-01-09 04:02:12,715 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 99 transitions. Word has length 19 [2025-01-09 04:02:12,719 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:12,719 INFO L471 AbstractCegarLoop]: Abstraction has 76 states and 99 transitions. [2025-01-09 04:02:12,719 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:12,719 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 99 transitions. [2025-01-09 04:02:12,720 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2025-01-09 04:02:12,720 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:12,720 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:12,720 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-01-09 04:02:12,720 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:12,721 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:12,721 INFO L85 PathProgramCache]: Analyzing trace with hash 187222854, now seen corresponding path program 1 times [2025-01-09 04:02:12,721 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:12,721 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [855035394] [2025-01-09 04:02:12,721 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:12,721 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:12,737 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 19 statements into 1 equivalence classes. [2025-01-09 04:02:12,761 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 19 of 19 statements. [2025-01-09 04:02:12,765 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:12,766 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:12,888 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:12,889 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:12,889 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [855035394] [2025-01-09 04:02:12,889 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [855035394] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:12,889 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:12,889 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:02:12,889 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1604125516] [2025-01-09 04:02:12,889 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:12,894 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:02:12,894 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:12,895 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:02:12,895 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:12,895 INFO L87 Difference]: Start difference. First operand 76 states and 99 transitions. Second operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:12,919 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:12,919 INFO L93 Difference]: Finished difference Result 116 states and 150 transitions. [2025-01-09 04:02:12,919 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:02:12,920 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2025-01-09 04:02:12,920 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:12,921 INFO L225 Difference]: With dead ends: 116 [2025-01-09 04:02:12,921 INFO L226 Difference]: Without dead ends: 68 [2025-01-09 04:02:12,922 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:12,924 INFO L435 NwaCegarLoop]: 87 mSDtfsCounter, 16 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 154 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:12,924 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 154 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:12,925 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2025-01-09 04:02:12,932 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2025-01-09 04:02:12,934 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 68 states, 52 states have (on average 1.3461538461538463) internal successors, (70), 60 states have internal predecessors, (70), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 6 states have call predecessors, (9), 9 states have call successors, (9) [2025-01-09 04:02:12,934 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 88 transitions. [2025-01-09 04:02:12,936 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 88 transitions. Word has length 19 [2025-01-09 04:02:12,936 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:12,936 INFO L471 AbstractCegarLoop]: Abstraction has 68 states and 88 transitions. [2025-01-09 04:02:12,937 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:12,937 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 88 transitions. [2025-01-09 04:02:12,937 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-01-09 04:02:12,937 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:12,937 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:12,939 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-01-09 04:02:12,939 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:12,939 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:12,939 INFO L85 PathProgramCache]: Analyzing trace with hash -1399369590, now seen corresponding path program 1 times [2025-01-09 04:02:12,939 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:12,940 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1652830270] [2025-01-09 04:02:12,940 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:12,940 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:12,949 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-01-09 04:02:12,964 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-01-09 04:02:12,964 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:12,964 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:13,054 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:13,055 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:13,055 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1652830270] [2025-01-09 04:02:13,055 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1652830270] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:13,055 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:13,055 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-01-09 04:02:13,055 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [15514935] [2025-01-09 04:02:13,055 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:13,055 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:02:13,056 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:13,056 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:02:13,056 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:13,056 INFO L87 Difference]: Start difference. First operand 68 states and 88 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 2 states have internal predecessors, (22), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:13,099 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:13,103 INFO L93 Difference]: Finished difference Result 189 states and 250 transitions. [2025-01-09 04:02:13,104 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:02:13,104 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 2 states have internal predecessors, (22), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 23 [2025-01-09 04:02:13,105 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:13,110 INFO L225 Difference]: With dead ends: 189 [2025-01-09 04:02:13,110 INFO L226 Difference]: Without dead ends: 128 [2025-01-09 04:02:13,110 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:13,111 INFO L435 NwaCegarLoop]: 99 mSDtfsCounter, 69 mSDsluCounter, 78 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 69 SdHoareTripleChecker+Valid, 177 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:13,111 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [69 Valid, 177 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:13,112 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2025-01-09 04:02:13,130 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 125. [2025-01-09 04:02:13,131 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 125 states, 94 states have (on average 1.372340425531915) internal successors, (129), 109 states have internal predecessors, (129), 18 states have call successors, (18), 12 states have call predecessors, (18), 12 states have return successors, (18), 11 states have call predecessors, (18), 18 states have call successors, (18) [2025-01-09 04:02:13,132 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 125 states to 125 states and 165 transitions. [2025-01-09 04:02:13,132 INFO L78 Accepts]: Start accepts. Automaton has 125 states and 165 transitions. Word has length 23 [2025-01-09 04:02:13,132 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:13,132 INFO L471 AbstractCegarLoop]: Abstraction has 125 states and 165 transitions. [2025-01-09 04:02:13,133 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 2 states have internal predecessors, (22), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:13,133 INFO L276 IsEmpty]: Start isEmpty. Operand 125 states and 165 transitions. [2025-01-09 04:02:13,133 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2025-01-09 04:02:13,134 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:13,134 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:13,134 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-01-09 04:02:13,134 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:13,134 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:13,135 INFO L85 PathProgramCache]: Analyzing trace with hash 786862144, now seen corresponding path program 1 times [2025-01-09 04:02:13,135 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:13,135 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1113018200] [2025-01-09 04:02:13,135 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:13,135 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:13,141 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 27 statements into 1 equivalence classes. [2025-01-09 04:02:13,145 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 27 of 27 statements. [2025-01-09 04:02:13,145 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:13,146 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:13,263 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:13,264 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:13,264 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1113018200] [2025-01-09 04:02:13,264 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1113018200] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:13,264 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:13,264 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 04:02:13,264 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1861108009] [2025-01-09 04:02:13,264 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:13,264 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:13,264 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:13,264 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:13,264 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:13,265 INFO L87 Difference]: Start difference. First operand 125 states and 165 transitions. Second operand has 5 states, 5 states have (on average 5.2) internal successors, (26), 4 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:13,404 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:13,404 INFO L93 Difference]: Finished difference Result 349 states and 480 transitions. [2025-01-09 04:02:13,407 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:13,407 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.2) internal successors, (26), 4 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 27 [2025-01-09 04:02:13,407 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:13,409 INFO L225 Difference]: With dead ends: 349 [2025-01-09 04:02:13,409 INFO L226 Difference]: Without dead ends: 231 [2025-01-09 04:02:13,410 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:02:13,416 INFO L435 NwaCegarLoop]: 82 mSDtfsCounter, 54 mSDsluCounter, 236 mSDsCounter, 0 mSdLazyCounter, 27 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 54 SdHoareTripleChecker+Valid, 318 SdHoareTripleChecker+Invalid, 30 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 27 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:13,417 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [54 Valid, 318 Invalid, 30 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 27 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:02:13,417 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 231 states. [2025-01-09 04:02:13,460 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 231 to 231. [2025-01-09 04:02:13,462 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 231 states, 172 states have (on average 1.3488372093023255) internal successors, (232), 199 states have internal predecessors, (232), 36 states have call successors, (36), 24 states have call predecessors, (36), 22 states have return successors, (38), 20 states have call predecessors, (38), 36 states have call successors, (38) [2025-01-09 04:02:13,463 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 231 states to 231 states and 306 transitions. [2025-01-09 04:02:13,469 INFO L78 Accepts]: Start accepts. Automaton has 231 states and 306 transitions. Word has length 27 [2025-01-09 04:02:13,469 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:13,469 INFO L471 AbstractCegarLoop]: Abstraction has 231 states and 306 transitions. [2025-01-09 04:02:13,469 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.2) internal successors, (26), 4 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:13,469 INFO L276 IsEmpty]: Start isEmpty. Operand 231 states and 306 transitions. [2025-01-09 04:02:13,471 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2025-01-09 04:02:13,471 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:13,471 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:13,471 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-01-09 04:02:13,471 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:13,471 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:13,471 INFO L85 PathProgramCache]: Analyzing trace with hash 1658846149, now seen corresponding path program 1 times [2025-01-09 04:02:13,471 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:13,471 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1403020384] [2025-01-09 04:02:13,471 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:13,471 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:13,484 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 29 statements into 1 equivalence classes. [2025-01-09 04:02:13,498 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 29 of 29 statements. [2025-01-09 04:02:13,499 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:13,499 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:13,528 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:13,528 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:13,529 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1403020384] [2025-01-09 04:02:13,529 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1403020384] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:13,529 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:13,529 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-01-09 04:02:13,529 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1235202886] [2025-01-09 04:02:13,529 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:13,529 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:02:13,529 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:13,530 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:02:13,530 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:13,530 INFO L87 Difference]: Start difference. First operand 231 states and 306 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 2 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:13,577 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:13,580 INFO L93 Difference]: Finished difference Result 569 states and 777 transitions. [2025-01-09 04:02:13,580 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:02:13,580 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 2 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 29 [2025-01-09 04:02:13,581 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:13,583 INFO L225 Difference]: With dead ends: 569 [2025-01-09 04:02:13,586 INFO L226 Difference]: Without dead ends: 345 [2025-01-09 04:02:13,587 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:13,587 INFO L435 NwaCegarLoop]: 87 mSDtfsCounter, 51 mSDsluCounter, 54 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 141 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:13,588 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [51 Valid, 141 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:13,588 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 345 states. [2025-01-09 04:02:13,608 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 345 to 336. [2025-01-09 04:02:13,609 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 336 states, 257 states have (on average 1.311284046692607) internal successors, (337), 277 states have internal predecessors, (337), 41 states have call successors, (41), 39 states have call predecessors, (41), 37 states have return successors, (59), 36 states have call predecessors, (59), 41 states have call successors, (59) [2025-01-09 04:02:13,610 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 336 states to 336 states and 437 transitions. [2025-01-09 04:02:13,611 INFO L78 Accepts]: Start accepts. Automaton has 336 states and 437 transitions. Word has length 29 [2025-01-09 04:02:13,611 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:13,611 INFO L471 AbstractCegarLoop]: Abstraction has 336 states and 437 transitions. [2025-01-09 04:02:13,611 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 2 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:13,611 INFO L276 IsEmpty]: Start isEmpty. Operand 336 states and 437 transitions. [2025-01-09 04:02:13,612 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2025-01-09 04:02:13,612 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:13,612 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:13,612 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-01-09 04:02:13,612 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:13,613 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:13,613 INFO L85 PathProgramCache]: Analyzing trace with hash 1524312550, now seen corresponding path program 1 times [2025-01-09 04:02:13,613 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:13,613 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [893238434] [2025-01-09 04:02:13,613 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:13,613 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:13,618 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 31 statements into 1 equivalence classes. [2025-01-09 04:02:13,622 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 31 of 31 statements. [2025-01-09 04:02:13,622 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:13,622 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:13,696 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:13,697 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:13,697 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [893238434] [2025-01-09 04:02:13,697 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [893238434] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:13,697 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:13,697 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:02:13,697 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [989263664] [2025-01-09 04:02:13,698 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:13,698 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:13,698 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:13,699 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:13,699 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:13,699 INFO L87 Difference]: Start difference. First operand 336 states and 437 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:13,759 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:13,761 INFO L93 Difference]: Finished difference Result 338 states and 438 transitions. [2025-01-09 04:02:13,761 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:13,762 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2025-01-09 04:02:13,762 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:13,763 INFO L225 Difference]: With dead ends: 338 [2025-01-09 04:02:13,763 INFO L226 Difference]: Without dead ends: 336 [2025-01-09 04:02:13,764 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:02:13,764 INFO L435 NwaCegarLoop]: 85 mSDtfsCounter, 44 mSDsluCounter, 221 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 44 SdHoareTripleChecker+Valid, 306 SdHoareTripleChecker+Invalid, 35 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:13,764 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [44 Valid, 306 Invalid, 35 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:13,765 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 336 states. [2025-01-09 04:02:13,789 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 336 to 336. [2025-01-09 04:02:13,790 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 336 states, 257 states have (on average 1.3035019455252919) internal successors, (335), 277 states have internal predecessors, (335), 41 states have call successors, (41), 39 states have call predecessors, (41), 37 states have return successors, (59), 36 states have call predecessors, (59), 41 states have call successors, (59) [2025-01-09 04:02:13,791 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 336 states to 336 states and 435 transitions. [2025-01-09 04:02:13,792 INFO L78 Accepts]: Start accepts. Automaton has 336 states and 435 transitions. Word has length 31 [2025-01-09 04:02:13,792 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:13,792 INFO L471 AbstractCegarLoop]: Abstraction has 336 states and 435 transitions. [2025-01-09 04:02:13,792 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:13,792 INFO L276 IsEmpty]: Start isEmpty. Operand 336 states and 435 transitions. [2025-01-09 04:02:13,793 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-01-09 04:02:13,793 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:13,793 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:13,793 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-01-09 04:02:13,794 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:13,794 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:13,794 INFO L85 PathProgramCache]: Analyzing trace with hash 1861923731, now seen corresponding path program 1 times [2025-01-09 04:02:13,794 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:13,794 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1575059456] [2025-01-09 04:02:13,794 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:13,794 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:13,800 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-01-09 04:02:13,804 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-01-09 04:02:13,804 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:13,804 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:13,843 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:13,843 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:13,843 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1575059456] [2025-01-09 04:02:13,843 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1575059456] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:13,843 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:13,843 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:02:13,843 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [20021644] [2025-01-09 04:02:13,844 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:13,844 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:13,844 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:13,845 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:13,845 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:13,845 INFO L87 Difference]: Start difference. First operand 336 states and 435 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-01-09 04:02:13,874 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:13,874 INFO L93 Difference]: Finished difference Result 677 states and 895 transitions. [2025-01-09 04:02:13,874 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:13,875 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2025-01-09 04:02:13,875 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:13,876 INFO L225 Difference]: With dead ends: 677 [2025-01-09 04:02:13,876 INFO L226 Difference]: Without dead ends: 348 [2025-01-09 04:02:13,877 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:13,878 INFO L435 NwaCegarLoop]: 85 mSDtfsCounter, 0 mSDsluCounter, 249 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 334 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:13,878 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 334 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:13,878 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 348 states. [2025-01-09 04:02:13,891 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 348 to 348. [2025-01-09 04:02:13,891 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 348 states, 269 states have (on average 1.2899628252788105) internal successors, (347), 289 states have internal predecessors, (347), 41 states have call successors, (41), 39 states have call predecessors, (41), 37 states have return successors, (59), 36 states have call predecessors, (59), 41 states have call successors, (59) [2025-01-09 04:02:13,893 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 348 states to 348 states and 447 transitions. [2025-01-09 04:02:13,893 INFO L78 Accepts]: Start accepts. Automaton has 348 states and 447 transitions. Word has length 41 [2025-01-09 04:02:13,894 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:13,894 INFO L471 AbstractCegarLoop]: Abstraction has 348 states and 447 transitions. [2025-01-09 04:02:13,894 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-01-09 04:02:13,894 INFO L276 IsEmpty]: Start isEmpty. Operand 348 states and 447 transitions. [2025-01-09 04:02:13,895 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-01-09 04:02:13,895 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:13,895 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:13,895 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-01-09 04:02:13,895 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:13,896 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:13,896 INFO L85 PathProgramCache]: Analyzing trace with hash 850806481, now seen corresponding path program 1 times [2025-01-09 04:02:13,896 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:13,896 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [922230865] [2025-01-09 04:02:13,896 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:13,896 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:13,901 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-01-09 04:02:13,904 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-01-09 04:02:13,904 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:13,904 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:13,936 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:13,936 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:13,936 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [922230865] [2025-01-09 04:02:13,937 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [922230865] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:13,937 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:13,937 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 04:02:13,937 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1269030121] [2025-01-09 04:02:13,937 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:13,937 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 04:02:13,937 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:13,938 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 04:02:13,938 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:02:13,938 INFO L87 Difference]: Start difference. First operand 348 states and 447 transitions. Second operand has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-01-09 04:02:13,959 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:13,959 INFO L93 Difference]: Finished difference Result 628 states and 827 transitions. [2025-01-09 04:02:13,959 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 04:02:13,960 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2025-01-09 04:02:13,960 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:13,973 INFO L225 Difference]: With dead ends: 628 [2025-01-09 04:02:13,974 INFO L226 Difference]: Without dead ends: 287 [2025-01-09 04:02:13,974 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:02:13,975 INFO L435 NwaCegarLoop]: 86 mSDtfsCounter, 0 mSDsluCounter, 166 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 252 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:13,975 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 252 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:13,976 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 287 states. [2025-01-09 04:02:13,985 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 287 to 287. [2025-01-09 04:02:13,985 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 287 states, 222 states have (on average 1.2747747747747749) internal successors, (283), 239 states have internal predecessors, (283), 34 states have call successors, (34), 32 states have call predecessors, (34), 30 states have return successors, (42), 29 states have call predecessors, (42), 34 states have call successors, (42) [2025-01-09 04:02:13,986 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 287 states to 287 states and 359 transitions. [2025-01-09 04:02:13,987 INFO L78 Accepts]: Start accepts. Automaton has 287 states and 359 transitions. Word has length 41 [2025-01-09 04:02:13,987 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:13,987 INFO L471 AbstractCegarLoop]: Abstraction has 287 states and 359 transitions. [2025-01-09 04:02:13,987 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-01-09 04:02:13,987 INFO L276 IsEmpty]: Start isEmpty. Operand 287 states and 359 transitions. [2025-01-09 04:02:13,988 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-01-09 04:02:13,988 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:13,988 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:13,988 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-01-09 04:02:13,988 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:13,989 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:13,989 INFO L85 PathProgramCache]: Analyzing trace with hash -170261873, now seen corresponding path program 1 times [2025-01-09 04:02:13,989 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:13,989 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [390604850] [2025-01-09 04:02:13,989 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:13,989 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:13,995 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-01-09 04:02:13,999 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-01-09 04:02:13,999 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:13,999 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:14,049 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:14,050 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:14,050 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [390604850] [2025-01-09 04:02:14,050 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [390604850] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:14,050 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:14,050 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:02:14,050 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [995472685] [2025-01-09 04:02:14,050 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:14,050 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:14,050 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:14,051 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:14,051 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:14,051 INFO L87 Difference]: Start difference. First operand 287 states and 359 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-01-09 04:02:14,105 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:14,105 INFO L93 Difference]: Finished difference Result 633 states and 847 transitions. [2025-01-09 04:02:14,105 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:14,106 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2025-01-09 04:02:14,106 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:14,108 INFO L225 Difference]: With dead ends: 633 [2025-01-09 04:02:14,108 INFO L226 Difference]: Without dead ends: 434 [2025-01-09 04:02:14,108 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:02:14,109 INFO L435 NwaCegarLoop]: 137 mSDtfsCounter, 49 mSDsluCounter, 344 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 49 SdHoareTripleChecker+Valid, 481 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:14,109 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [49 Valid, 481 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:14,109 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 434 states. [2025-01-09 04:02:14,125 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 434 to 429. [2025-01-09 04:02:14,126 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 429 states, 328 states have (on average 1.2591463414634145) internal successors, (413), 352 states have internal predecessors, (413), 51 states have call successors, (51), 49 states have call predecessors, (51), 49 states have return successors, (85), 48 states have call predecessors, (85), 51 states have call successors, (85) [2025-01-09 04:02:14,128 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 429 states to 429 states and 549 transitions. [2025-01-09 04:02:14,128 INFO L78 Accepts]: Start accepts. Automaton has 429 states and 549 transitions. Word has length 41 [2025-01-09 04:02:14,128 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:14,128 INFO L471 AbstractCegarLoop]: Abstraction has 429 states and 549 transitions. [2025-01-09 04:02:14,128 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-01-09 04:02:14,129 INFO L276 IsEmpty]: Start isEmpty. Operand 429 states and 549 transitions. [2025-01-09 04:02:14,130 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2025-01-09 04:02:14,130 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:14,130 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:14,130 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-01-09 04:02:14,130 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:14,130 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:14,130 INFO L85 PathProgramCache]: Analyzing trace with hash 1163847191, now seen corresponding path program 1 times [2025-01-09 04:02:14,131 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:14,131 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [198803261] [2025-01-09 04:02:14,131 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:14,131 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:14,136 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 63 statements into 1 equivalence classes. [2025-01-09 04:02:14,139 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 63 of 63 statements. [2025-01-09 04:02:14,139 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:14,139 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:14,162 INFO L134 CoverageAnalysis]: Checked inductivity of 13 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:14,163 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:14,163 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [198803261] [2025-01-09 04:02:14,163 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [198803261] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:14,163 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:14,163 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 04:02:14,163 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2056658997] [2025-01-09 04:02:14,163 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:14,163 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 04:02:14,163 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:14,164 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 04:02:14,164 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:02:14,164 INFO L87 Difference]: Start difference. First operand 429 states and 549 transitions. Second operand has 4 states, 4 states have (on average 14.0) internal successors, (56), 4 states have internal predecessors, (56), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2025-01-09 04:02:14,214 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:14,214 INFO L93 Difference]: Finished difference Result 526 states and 674 transitions. [2025-01-09 04:02:14,215 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 04:02:14,215 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 14.0) internal successors, (56), 4 states have internal predecessors, (56), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 63 [2025-01-09 04:02:14,215 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:14,216 INFO L225 Difference]: With dead ends: 526 [2025-01-09 04:02:14,217 INFO L226 Difference]: Without dead ends: 210 [2025-01-09 04:02:14,217 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:02:14,218 INFO L435 NwaCegarLoop]: 121 mSDtfsCounter, 110 mSDsluCounter, 94 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 110 SdHoareTripleChecker+Valid, 215 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:14,218 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [110 Valid, 215 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:14,218 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 210 states. [2025-01-09 04:02:14,228 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 210 to 210. [2025-01-09 04:02:14,228 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 210 states, 161 states have (on average 1.2111801242236024) internal successors, (195), 172 states have internal predecessors, (195), 24 states have call successors, (24), 24 states have call predecessors, (24), 24 states have return successors, (41), 23 states have call predecessors, (41), 24 states have call successors, (41) [2025-01-09 04:02:14,229 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 260 transitions. [2025-01-09 04:02:14,229 INFO L78 Accepts]: Start accepts. Automaton has 210 states and 260 transitions. Word has length 63 [2025-01-09 04:02:14,229 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:14,229 INFO L471 AbstractCegarLoop]: Abstraction has 210 states and 260 transitions. [2025-01-09 04:02:14,230 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 14.0) internal successors, (56), 4 states have internal predecessors, (56), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2025-01-09 04:02:14,230 INFO L276 IsEmpty]: Start isEmpty. Operand 210 states and 260 transitions. [2025-01-09 04:02:14,230 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 73 [2025-01-09 04:02:14,230 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:14,231 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:14,231 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2025-01-09 04:02:14,231 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:14,231 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:14,231 INFO L85 PathProgramCache]: Analyzing trace with hash 1138954800, now seen corresponding path program 1 times [2025-01-09 04:02:14,231 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:14,231 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [459161377] [2025-01-09 04:02:14,231 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:14,231 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:14,238 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 72 statements into 1 equivalence classes. [2025-01-09 04:02:14,242 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 72 of 72 statements. [2025-01-09 04:02:14,242 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:14,242 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:14,365 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 11 proven. 6 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2025-01-09 04:02:14,369 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:14,369 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [459161377] [2025-01-09 04:02:14,369 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [459161377] provided 0 perfect and 1 imperfect interpolant sequences [2025-01-09 04:02:14,369 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [845763100] [2025-01-09 04:02:14,369 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:14,370 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:14,370 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:14,372 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-01-09 04:02:14,373 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-01-09 04:02:14,415 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 72 statements into 1 equivalence classes. [2025-01-09 04:02:14,444 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 72 of 72 statements. [2025-01-09 04:02:14,444 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:14,444 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:14,447 INFO L256 TraceCheckSpWp]: Trace formula consists of 258 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-01-09 04:02:14,451 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-01-09 04:02:14,528 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 13 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:14,528 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-01-09 04:02:14,630 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 11 proven. 6 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2025-01-09 04:02:14,631 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [845763100] provided 0 perfect and 2 imperfect interpolant sequences [2025-01-09 04:02:14,631 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-01-09 04:02:14,631 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 6 [2025-01-09 04:02:14,631 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1589844139] [2025-01-09 04:02:14,631 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-01-09 04:02:14,632 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 04:02:14,632 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:14,632 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 04:02:14,633 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-01-09 04:02:14,633 INFO L87 Difference]: Start difference. First operand 210 states and 260 transitions. Second operand has 6 states, 6 states have (on average 10.666666666666666) internal successors, (64), 6 states have internal predecessors, (64), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:02:14,729 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:14,729 INFO L93 Difference]: Finished difference Result 488 states and 644 transitions. [2025-01-09 04:02:14,729 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2025-01-09 04:02:14,730 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 10.666666666666666) internal successors, (64), 6 states have internal predecessors, (64), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) Word has length 72 [2025-01-09 04:02:14,730 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:14,732 INFO L225 Difference]: With dead ends: 488 [2025-01-09 04:02:14,732 INFO L226 Difference]: Without dead ends: 324 [2025-01-09 04:02:14,733 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 153 GetRequests, 140 SyntacticMatches, 5 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2025-01-09 04:02:14,734 INFO L435 NwaCegarLoop]: 112 mSDtfsCounter, 76 mSDsluCounter, 336 mSDsCounter, 0 mSdLazyCounter, 63 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 76 SdHoareTripleChecker+Valid, 448 SdHoareTripleChecker+Invalid, 69 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 63 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:14,735 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [76 Valid, 448 Invalid, 69 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 63 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:02:14,735 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 324 states. [2025-01-09 04:02:14,772 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 324 to 295. [2025-01-09 04:02:14,773 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 295 states, 224 states have (on average 1.21875) internal successors, (273), 240 states have internal predecessors, (273), 35 states have call successors, (35), 35 states have call predecessors, (35), 35 states have return successors, (65), 31 states have call predecessors, (65), 35 states have call successors, (65) [2025-01-09 04:02:14,774 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 295 states to 295 states and 373 transitions. [2025-01-09 04:02:14,775 INFO L78 Accepts]: Start accepts. Automaton has 295 states and 373 transitions. Word has length 72 [2025-01-09 04:02:14,775 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:14,775 INFO L471 AbstractCegarLoop]: Abstraction has 295 states and 373 transitions. [2025-01-09 04:02:14,775 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 10.666666666666666) internal successors, (64), 6 states have internal predecessors, (64), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:02:14,775 INFO L276 IsEmpty]: Start isEmpty. Operand 295 states and 373 transitions. [2025-01-09 04:02:14,777 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 104 [2025-01-09 04:02:14,779 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:14,779 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:14,786 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-01-09 04:02:14,983 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2025-01-09 04:02:14,983 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:14,984 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:14,984 INFO L85 PathProgramCache]: Analyzing trace with hash -288338321, now seen corresponding path program 2 times [2025-01-09 04:02:14,984 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:14,984 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1094519003] [2025-01-09 04:02:14,984 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-01-09 04:02:14,984 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:14,997 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 103 statements into 2 equivalence classes. [2025-01-09 04:02:15,009 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 103 of 103 statements. [2025-01-09 04:02:15,009 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-01-09 04:02:15,009 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:02:15,009 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-01-09 04:02:15,013 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 103 statements into 1 equivalence classes. [2025-01-09 04:02:15,021 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 103 of 103 statements. [2025-01-09 04:02:15,021 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:15,022 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:02:15,039 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-01-09 04:02:15,039 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-01-09 04:02:15,040 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-01-09 04:02:15,041 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-01-09 04:02:15,043 INFO L422 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:15,080 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-01-09 04:02:15,081 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.01 04:02:15 BoogieIcfgContainer [2025-01-09 04:02:15,082 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-01-09 04:02:15,082 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-01-09 04:02:15,082 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-01-09 04:02:15,082 INFO L274 PluginConnector]: Witness Printer initialized [2025-01-09 04:02:15,083 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:12" (3/4) ... [2025-01-09 04:02:15,083 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-01-09 04:02:15,177 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 93. [2025-01-09 04:02:15,276 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-01-09 04:02:15,276 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-01-09 04:02:15,276 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-01-09 04:02:15,277 INFO L158 Benchmark]: Toolchain (without parser) took 3755.23ms. Allocated memory is still 142.6MB. Free memory was 112.1MB in the beginning and 81.1MB in the end (delta: 31.0MB). Peak memory consumption was 28.8MB. Max. memory is 16.1GB. [2025-01-09 04:02:15,277 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 201.3MB. Free memory is still 125.1MB. There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:02:15,277 INFO L158 Benchmark]: CACSL2BoogieTranslator took 349.43ms. Allocated memory is still 142.6MB. Free memory was 112.1MB in the beginning and 93.7MB in the end (delta: 18.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:02:15,277 INFO L158 Benchmark]: Boogie Procedure Inliner took 30.12ms. Allocated memory is still 142.6MB. Free memory was 93.7MB in the beginning and 91.5MB in the end (delta: 2.2MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:02:15,277 INFO L158 Benchmark]: Boogie Preprocessor took 26.61ms. Allocated memory is still 142.6MB. Free memory was 91.5MB in the beginning and 89.8MB in the end (delta: 1.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 04:02:15,277 INFO L158 Benchmark]: RCFGBuilder took 352.02ms. Allocated memory is still 142.6MB. Free memory was 89.8MB in the beginning and 73.5MB in the end (delta: 16.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:02:15,277 INFO L158 Benchmark]: TraceAbstraction took 2794.36ms. Allocated memory is still 142.6MB. Free memory was 73.0MB in the beginning and 93.5MB in the end (delta: -20.5MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:02:15,278 INFO L158 Benchmark]: Witness Printer took 194.16ms. Allocated memory is still 142.6MB. Free memory was 93.5MB in the beginning and 81.1MB in the end (delta: 12.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 04:02:15,279 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 201.3MB. Free memory is still 125.1MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 349.43ms. Allocated memory is still 142.6MB. Free memory was 112.1MB in the beginning and 93.7MB in the end (delta: 18.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 30.12ms. Allocated memory is still 142.6MB. Free memory was 93.7MB in the beginning and 91.5MB in the end (delta: 2.2MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 26.61ms. Allocated memory is still 142.6MB. Free memory was 91.5MB in the beginning and 89.8MB in the end (delta: 1.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * RCFGBuilder took 352.02ms. Allocated memory is still 142.6MB. Free memory was 89.8MB in the beginning and 73.5MB in the end (delta: 16.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2794.36ms. Allocated memory is still 142.6MB. Free memory was 73.0MB in the beginning and 93.5MB in the end (delta: -20.5MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 194.16ms. Allocated memory is still 142.6MB. Free memory was 93.5MB in the beginning and 81.1MB in the end (delta: 12.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] - GenericResultAtLocation [Line: 87]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [87] - GenericResultAtLocation [Line: 453]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [453] - GenericResultAtLocation [Line: 525]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [525] - GenericResultAtLocation [Line: 727]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [727] - GenericResultAtLocation [Line: 736]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [736] - GenericResultAtLocation [Line: 831]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [831] - GenericResultAtLocation [Line: 927]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [927] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 732]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L257] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L534] int pumpRunning = 0; [L535] int systemActive = 1; [L738] int waterLevel = 1; [L739] int methaneLevelCritical = 0; [L832] int cleanupTimeShifts = 4; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L905] int retValue_acc ; [L906] int tmp ; [L910] FCALL select_helpers() [L911] FCALL select_features() [L912] CALL, EXPR valid_product() [L79] int retValue_acc ; [L82] retValue_acc = 1 [L83] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L912] RET, EXPR valid_product() [L912] tmp = valid_product() [L914] COND TRUE \read(tmp) [L916] FCALL setup() [L917] CALL runTest() [L899] CALL test() [L460] int splverifierCounter ; [L461] int tmp ; [L462] int tmp___0 ; [L463] int tmp___1 ; [L464] int tmp___2 ; [L467] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L471] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L477] tmp = __VERIFIER_nondet_int() [L479] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L481] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L756] COND TRUE waterLevel < 2 [L757] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L481] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L487] tmp___0 = __VERIFIER_nondet_int() [L489] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L497] tmp___2 = __VERIFIER_nondet_int() [L499] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L514] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L542] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L549] COND TRUE \read(systemActive) [L551] CALL processEnvironment() [L597] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L600] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L615] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L571] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L574] COND TRUE ! pumpRunning [L576] CALL, EXPR isHighWaterLevel() [L694] int retValue_acc ; [L695] int tmp ; [L696] int tmp___0 ; [L700] CALL, EXPR isHighWaterSensorDry() [L818] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L821] COND FALSE !(waterLevel < 2) [L825] retValue_acc = 0 [L826] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L700] RET, EXPR isHighWaterSensorDry() [L700] tmp = isHighWaterSensorDry() [L702] COND FALSE !(\read(tmp)) [L705] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L707] retValue_acc = tmp___0 [L708] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L576] RET, EXPR isHighWaterLevel() [L576] tmp = isHighWaterLevel() [L578] COND TRUE \read(tmp) [L580] CALL activatePump() [L625] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L580] RET activatePump() [L615] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L551] RET processEnvironment() [L557] CALL __utac_acc__Specification4_spec__1() [L929] int tmp ; [L930] int tmp___0 ; [L934] CALL, EXPR getWaterLevel() [L809] int retValue_acc ; [L812] retValue_acc = waterLevel [L813] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L934] RET, EXPR getWaterLevel() [L934] tmp = getWaterLevel() [L936] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L557] RET __utac_acc__Specification4_spec__1() [L514] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L471] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L477] tmp = __VERIFIER_nondet_int() [L479] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L487] tmp___0 = __VERIFIER_nondet_int() [L489] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L497] tmp___2 = __VERIFIER_nondet_int() [L499] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L514] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L542] COND TRUE \read(pumpRunning) [L544] CALL lowerWaterLevel() [L744] COND TRUE waterLevel > 0 [L745] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L544] RET lowerWaterLevel() [L549] COND TRUE \read(systemActive) [L551] CALL processEnvironment() [L597] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L600] COND TRUE \read(pumpRunning) [L602] CALL, EXPR isMethaneAlarm() [L638] int retValue_acc ; [L642] CALL, EXPR isMethaneLevelCritical() [L777] int retValue_acc ; [L780] retValue_acc = methaneLevelCritical [L781] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L642] RET, EXPR isMethaneLevelCritical() [L642] retValue_acc = isMethaneLevelCritical() [L644] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L602] RET, EXPR isMethaneAlarm() [L602] tmp = isMethaneAlarm() [L604] COND FALSE !(\read(tmp)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L610] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L571] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L574] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L589] FCALL processEnvironment__wrappee__base() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L610] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L551] RET processEnvironment() [L557] CALL __utac_acc__Specification4_spec__1() [L929] int tmp ; [L930] int tmp___0 ; [L934] CALL, EXPR getWaterLevel() [L809] int retValue_acc ; [L812] retValue_acc = waterLevel [L813] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L934] RET, EXPR getWaterLevel() [L934] tmp = getWaterLevel() [L936] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L557] RET __utac_acc__Specification4_spec__1() [L514] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L471] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L477] tmp = __VERIFIER_nondet_int() [L479] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L487] tmp___0 = __VERIFIER_nondet_int() [L489] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L497] tmp___2 = __VERIFIER_nondet_int() [L499] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L514] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L542] COND TRUE \read(pumpRunning) [L544] CALL lowerWaterLevel() [L744] COND TRUE waterLevel > 0 [L745] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L544] RET lowerWaterLevel() [L549] COND TRUE \read(systemActive) [L551] CALL processEnvironment() [L597] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L600] COND TRUE \read(pumpRunning) [L602] CALL, EXPR isMethaneAlarm() [L638] int retValue_acc ; [L642] CALL, EXPR isMethaneLevelCritical() [L777] int retValue_acc ; [L780] retValue_acc = methaneLevelCritical [L781] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L642] RET, EXPR isMethaneLevelCritical() [L642] retValue_acc = isMethaneLevelCritical() [L644] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L602] RET, EXPR isMethaneAlarm() [L602] tmp = isMethaneAlarm() [L604] COND FALSE !(\read(tmp)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L610] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L571] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L574] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L589] FCALL processEnvironment__wrappee__base() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L610] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L551] RET processEnvironment() [L557] CALL __utac_acc__Specification4_spec__1() [L929] int tmp ; [L930] int tmp___0 ; [L934] CALL, EXPR getWaterLevel() [L809] int retValue_acc ; [L812] retValue_acc = waterLevel [L813] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L934] RET, EXPR getWaterLevel() [L934] tmp = getWaterLevel() [L936] COND TRUE tmp == 0 [L938] CALL, EXPR isPumpRunning() [L649] int retValue_acc ; [L652] retValue_acc = pumpRunning [L653] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L938] RET, EXPR isPumpRunning() [L938] tmp___0 = isPumpRunning() [L940] COND TRUE \read(tmp___0) [L942] CALL __automaton_fail() [L732] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 85 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.7s, OverallIterations: 12, TraceHistogramMax: 3, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 0.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 473 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 469 mSDsluCounter, 2934 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1845 mSDsCounter, 28 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 225 IncrementalHoareTripleChecker+Invalid, 253 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 28 mSolverCounterUnsat, 1089 mSDtfsCounter, 225 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 198 GetRequests, 160 SyntacticMatches, 5 SemanticMatches, 33 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=429occurred in iteration=9, InterpolantAutomatonStates: 47, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 11 MinimizatonAttempts, 46 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.0s InterpolantComputationTime, 581 NumberOfCodeBlocks, 581 NumberOfCodeBlocksAsserted, 14 NumberOfCheckSat, 537 ConstructedInterpolants, 0 QuantifiedInterpolants, 1002 SizeOfPredicates, 2 NumberOfNonLiveVariables, 258 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 13 InterpolantComputations, 10 PerfectInterpolantSequences, 52/70 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-01-09 04:02:15,295 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE