./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 551b0097 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 190527f0b5c755657048457e241e1db06174c0bd15c9c37dddb3c55b0e7d73ce --- Real Ultimate output --- This is Ultimate 0.3.0-?-551b009-m [2025-01-09 04:02:12,241 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-01-09 04:02:12,315 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-01-09 04:02:12,320 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-01-09 04:02:12,324 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-01-09 04:02:12,345 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-01-09 04:02:12,346 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-01-09 04:02:12,346 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-01-09 04:02:12,347 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-01-09 04:02:12,347 INFO L153 SettingsManager]: * Use memory slicer=true [2025-01-09 04:02:12,347 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-01-09 04:02:12,347 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-01-09 04:02:12,347 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-01-09 04:02:12,347 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-01-09 04:02:12,348 INFO L153 SettingsManager]: * Use SBE=true [2025-01-09 04:02:12,348 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-01-09 04:02:12,348 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-01-09 04:02:12,348 INFO L153 SettingsManager]: * sizeof long=4 [2025-01-09 04:02:12,348 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-01-09 04:02:12,348 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-01-09 04:02:12,348 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-01-09 04:02:12,349 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-01-09 04:02:12,349 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-01-09 04:02:12,349 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-01-09 04:02:12,349 INFO L153 SettingsManager]: * sizeof long double=12 [2025-01-09 04:02:12,349 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-01-09 04:02:12,349 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-01-09 04:02:12,349 INFO L153 SettingsManager]: * Use constant arrays=true [2025-01-09 04:02:12,349 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-01-09 04:02:12,350 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 04:02:12,350 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 04:02:12,350 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 04:02:12,350 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:12,350 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2025-01-09 04:02:12,350 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 04:02:12,350 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 04:02:12,350 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 04:02:12,351 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:12,351 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-01-09 04:02:12,351 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-01-09 04:02:12,351 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-01-09 04:02:12,351 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-01-09 04:02:12,351 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-01-09 04:02:12,351 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-01-09 04:02:12,352 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-01-09 04:02:12,352 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-01-09 04:02:12,352 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-01-09 04:02:12,352 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-01-09 04:02:12,352 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 190527f0b5c755657048457e241e1db06174c0bd15c9c37dddb3c55b0e7d73ce [2025-01-09 04:02:12,710 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-01-09 04:02:12,717 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-01-09 04:02:12,721 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-01-09 04:02:12,722 INFO L270 PluginConnector]: Initializing CDTParser... [2025-01-09 04:02:12,722 INFO L274 PluginConnector]: CDTParser initialized [2025-01-09 04:02:12,724 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c [2025-01-09 04:02:14,038 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/2c405c498/7d3c212a1812440185ea2b3c8c8f2a46/FLAGc6dc21178 [2025-01-09 04:02:14,354 INFO L384 CDTParser]: Found 1 translation units. [2025-01-09 04:02:14,355 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c [2025-01-09 04:02:14,371 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/2c405c498/7d3c212a1812440185ea2b3c8c8f2a46/FLAGc6dc21178 [2025-01-09 04:02:14,390 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/2c405c498/7d3c212a1812440185ea2b3c8c8f2a46 [2025-01-09 04:02:14,393 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-01-09 04:02:14,395 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-01-09 04:02:14,396 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-01-09 04:02:14,397 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-01-09 04:02:14,401 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-01-09 04:02:14,403 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,404 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@dfa1513 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14, skipping insertion in model container [2025-01-09 04:02:14,404 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,441 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-01-09 04:02:14,705 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c[17943,17956] [2025-01-09 04:02:14,709 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 04:02:14,719 INFO L200 MainTranslator]: Completed pre-run [2025-01-09 04:02:14,726 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2025-01-09 04:02:14,728 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [150] [2025-01-09 04:02:14,728 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [516] [2025-01-09 04:02:14,728 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [554] [2025-01-09 04:02:14,729 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [582] [2025-01-09 04:02:14,729 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [681] [2025-01-09 04:02:14,729 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [749] [2025-01-09 04:02:14,729 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [929] [2025-01-09 04:02:14,781 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c[17943,17956] [2025-01-09 04:02:14,781 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 04:02:14,796 INFO L204 MainTranslator]: Completed translation [2025-01-09 04:02:14,797 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14 WrapperNode [2025-01-09 04:02:14,797 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-01-09 04:02:14,798 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-01-09 04:02:14,798 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-01-09 04:02:14,798 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-01-09 04:02:14,803 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,815 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,834 INFO L138 Inliner]: procedures = 54, calls = 96, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 193 [2025-01-09 04:02:14,834 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-01-09 04:02:14,835 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-01-09 04:02:14,835 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-01-09 04:02:14,835 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-01-09 04:02:14,848 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,849 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,852 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,863 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-01-09 04:02:14,863 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,863 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,868 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,869 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,872 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,873 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,874 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,875 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-01-09 04:02:14,879 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2025-01-09 04:02:14,879 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2025-01-09 04:02:14,879 INFO L274 PluginConnector]: RCFGBuilder initialized [2025-01-09 04:02:14,880 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (1/1) ... [2025-01-09 04:02:14,889 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:14,905 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:14,919 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-01-09 04:02:14,923 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-01-09 04:02:14,949 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-01-09 04:02:14,949 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-01-09 04:02:14,949 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-01-09 04:02:14,949 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-01-09 04:02:14,950 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-01-09 04:02:14,950 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-01-09 04:02:14,950 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-01-09 04:02:14,950 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-01-09 04:02:14,950 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-01-09 04:02:14,950 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-01-09 04:02:14,950 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-01-09 04:02:14,950 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-01-09 04:02:14,950 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-01-09 04:02:14,950 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-01-09 04:02:15,028 INFO L234 CfgBuilder]: Building ICFG [2025-01-09 04:02:15,031 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2025-01-09 04:02:15,292 INFO L? ?]: Removed 43 outVars from TransFormulas that were not future-live. [2025-01-09 04:02:15,293 INFO L283 CfgBuilder]: Performing block encoding [2025-01-09 04:02:15,303 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-01-09 04:02:15,303 INFO L312 CfgBuilder]: Removed 2 assume(true) statements. [2025-01-09 04:02:15,304 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:15 BoogieIcfgContainer [2025-01-09 04:02:15,304 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2025-01-09 04:02:15,305 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-01-09 04:02:15,305 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-01-09 04:02:15,309 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-01-09 04:02:15,310 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.01 04:02:14" (1/3) ... [2025-01-09 04:02:15,310 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@67c65a05 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:02:15, skipping insertion in model container [2025-01-09 04:02:15,310 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:14" (2/3) ... [2025-01-09 04:02:15,310 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@67c65a05 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:02:15, skipping insertion in model container [2025-01-09 04:02:15,311 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:15" (3/3) ... [2025-01-09 04:02:15,312 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product42.cil.c [2025-01-09 04:02:15,327 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-01-09 04:02:15,329 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec4_product42.cil.c that has 6 procedures, 73 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-01-09 04:02:15,385 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-01-09 04:02:15,397 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6f0076b, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-01-09 04:02:15,397 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-01-09 04:02:15,401 INFO L276 IsEmpty]: Start isEmpty. Operand has 73 states, 58 states have (on average 1.3793103448275863) internal successors, (80), 64 states have internal predecessors, (80), 8 states have call successors, (8), 5 states have call predecessors, (8), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2025-01-09 04:02:15,408 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2025-01-09 04:02:15,408 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:15,409 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:15,409 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:15,414 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:15,414 INFO L85 PathProgramCache]: Analyzing trace with hash -1041452320, now seen corresponding path program 1 times [2025-01-09 04:02:15,421 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:15,425 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1719319934] [2025-01-09 04:02:15,426 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:15,427 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:15,505 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 19 statements into 1 equivalence classes. [2025-01-09 04:02:15,535 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 19 of 19 statements. [2025-01-09 04:02:15,536 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:15,536 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:15,676 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:15,677 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:15,677 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1719319934] [2025-01-09 04:02:15,678 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1719319934] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:15,678 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:15,678 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:02:15,680 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [105930314] [2025-01-09 04:02:15,681 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:15,683 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:02:15,684 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:15,697 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:02:15,698 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:15,699 INFO L87 Difference]: Start difference. First operand has 73 states, 58 states have (on average 1.3793103448275863) internal successors, (80), 64 states have internal predecessors, (80), 8 states have call successors, (8), 5 states have call predecessors, (8), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:15,727 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:15,727 INFO L93 Difference]: Finished difference Result 126 states and 168 transitions. [2025-01-09 04:02:15,728 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:02:15,730 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2025-01-09 04:02:15,731 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:15,736 INFO L225 Difference]: With dead ends: 126 [2025-01-09 04:02:15,737 INFO L226 Difference]: Without dead ends: 56 [2025-01-09 04:02:15,740 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:15,744 INFO L435 NwaCegarLoop]: 75 mSDtfsCounter, 13 mSDsluCounter, 59 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 134 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:15,747 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 134 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:15,762 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2025-01-09 04:02:15,784 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2025-01-09 04:02:15,785 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 46 states have (on average 1.3478260869565217) internal successors, (62), 51 states have internal predecessors, (62), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2025-01-09 04:02:15,790 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 72 transitions. [2025-01-09 04:02:15,794 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 72 transitions. Word has length 19 [2025-01-09 04:02:15,796 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:15,796 INFO L471 AbstractCegarLoop]: Abstraction has 56 states and 72 transitions. [2025-01-09 04:02:15,796 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:15,797 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 72 transitions. [2025-01-09 04:02:15,798 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-01-09 04:02:15,798 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:15,798 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:15,798 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-01-09 04:02:15,798 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:15,799 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:15,799 INFO L85 PathProgramCache]: Analyzing trace with hash 1234429540, now seen corresponding path program 1 times [2025-01-09 04:02:15,800 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:15,800 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [675310598] [2025-01-09 04:02:15,800 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:15,800 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:15,811 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-01-09 04:02:15,826 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-01-09 04:02:15,826 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:15,826 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:15,962 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:15,962 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:15,963 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [675310598] [2025-01-09 04:02:15,963 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [675310598] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:15,963 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:15,963 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:02:15,963 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [497704958] [2025-01-09 04:02:15,963 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:15,964 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:15,964 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:15,981 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:15,982 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:15,982 INFO L87 Difference]: Start difference. First operand 56 states and 72 transitions. Second operand has 5 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:16,040 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:16,041 INFO L93 Difference]: Finished difference Result 105 states and 138 transitions. [2025-01-09 04:02:16,041 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:16,041 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 24 [2025-01-09 04:02:16,042 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:16,042 INFO L225 Difference]: With dead ends: 105 [2025-01-09 04:02:16,042 INFO L226 Difference]: Without dead ends: 56 [2025-01-09 04:02:16,043 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:02:16,044 INFO L435 NwaCegarLoop]: 68 mSDtfsCounter, 66 mSDsluCounter, 134 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 202 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:16,044 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 202 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:16,045 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2025-01-09 04:02:16,049 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2025-01-09 04:02:16,049 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 46 states have (on average 1.326086956521739) internal successors, (61), 51 states have internal predecessors, (61), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2025-01-09 04:02:16,050 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 71 transitions. [2025-01-09 04:02:16,050 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 71 transitions. Word has length 24 [2025-01-09 04:02:16,051 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:16,051 INFO L471 AbstractCegarLoop]: Abstraction has 56 states and 71 transitions. [2025-01-09 04:02:16,051 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-01-09 04:02:16,051 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 71 transitions. [2025-01-09 04:02:16,051 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2025-01-09 04:02:16,052 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:16,052 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:16,052 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-01-09 04:02:16,052 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:16,052 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:16,052 INFO L85 PathProgramCache]: Analyzing trace with hash 1577775027, now seen corresponding path program 1 times [2025-01-09 04:02:16,053 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:16,053 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [321633882] [2025-01-09 04:02:16,053 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:16,053 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:16,061 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 29 statements into 1 equivalence classes. [2025-01-09 04:02:16,066 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 29 of 29 statements. [2025-01-09 04:02:16,067 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:16,067 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:16,088 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:16,088 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:16,088 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [321633882] [2025-01-09 04:02:16,088 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [321633882] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:16,088 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:16,089 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:02:16,089 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1407398070] [2025-01-09 04:02:16,089 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:16,089 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:02:16,089 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:16,090 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:02:16,090 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:16,090 INFO L87 Difference]: Start difference. First operand 56 states and 71 transitions. Second operand has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:16,117 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:16,117 INFO L93 Difference]: Finished difference Result 140 states and 182 transitions. [2025-01-09 04:02:16,118 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:02:16,118 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2025-01-09 04:02:16,118 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:16,119 INFO L225 Difference]: With dead ends: 140 [2025-01-09 04:02:16,119 INFO L226 Difference]: Without dead ends: 91 [2025-01-09 04:02:16,120 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:16,120 INFO L435 NwaCegarLoop]: 68 mSDtfsCounter, 60 mSDsluCounter, 44 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 112 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:16,121 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 112 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:16,121 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2025-01-09 04:02:16,131 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 89. [2025-01-09 04:02:16,132 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 72 states have (on average 1.3194444444444444) internal successors, (95), 79 states have internal predecessors, (95), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) [2025-01-09 04:02:16,133 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 113 transitions. [2025-01-09 04:02:16,133 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 113 transitions. Word has length 29 [2025-01-09 04:02:16,133 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:16,133 INFO L471 AbstractCegarLoop]: Abstraction has 89 states and 113 transitions. [2025-01-09 04:02:16,133 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:16,133 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 113 transitions. [2025-01-09 04:02:16,134 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2025-01-09 04:02:16,134 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:16,134 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:16,134 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-01-09 04:02:16,134 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:16,134 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:16,135 INFO L85 PathProgramCache]: Analyzing trace with hash 1104401257, now seen corresponding path program 1 times [2025-01-09 04:02:16,135 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:16,135 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1980322021] [2025-01-09 04:02:16,135 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:16,135 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:16,142 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 35 statements into 1 equivalence classes. [2025-01-09 04:02:16,148 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 35 of 35 statements. [2025-01-09 04:02:16,148 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:16,148 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:16,220 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:16,220 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:16,220 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1980322021] [2025-01-09 04:02:16,220 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1980322021] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:16,220 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:16,220 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:02:16,220 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1468342322] [2025-01-09 04:02:16,220 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:16,221 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:02:16,221 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:16,221 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:02:16,221 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:16,224 INFO L87 Difference]: Start difference. First operand 89 states and 113 transitions. Second operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:16,264 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:16,265 INFO L93 Difference]: Finished difference Result 243 states and 324 transitions. [2025-01-09 04:02:16,265 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:02:16,265 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2025-01-09 04:02:16,265 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:16,267 INFO L225 Difference]: With dead ends: 243 [2025-01-09 04:02:16,267 INFO L226 Difference]: Without dead ends: 161 [2025-01-09 04:02:16,268 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:16,268 INFO L435 NwaCegarLoop]: 67 mSDtfsCounter, 41 mSDsluCounter, 58 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 41 SdHoareTripleChecker+Valid, 125 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:16,268 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [41 Valid, 125 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:16,269 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 161 states. [2025-01-09 04:02:16,283 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 161 to 159. [2025-01-09 04:02:16,284 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 159 states, 130 states have (on average 1.3153846153846154) internal successors, (171), 140 states have internal predecessors, (171), 15 states have call successors, (15), 15 states have call predecessors, (15), 13 states have return successors, (21), 13 states have call predecessors, (21), 15 states have call successors, (21) [2025-01-09 04:02:16,286 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 159 states to 159 states and 207 transitions. [2025-01-09 04:02:16,286 INFO L78 Accepts]: Start accepts. Automaton has 159 states and 207 transitions. Word has length 35 [2025-01-09 04:02:16,286 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:16,286 INFO L471 AbstractCegarLoop]: Abstraction has 159 states and 207 transitions. [2025-01-09 04:02:16,287 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:16,287 INFO L276 IsEmpty]: Start isEmpty. Operand 159 states and 207 transitions. [2025-01-09 04:02:16,288 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2025-01-09 04:02:16,288 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:16,288 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:16,288 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-01-09 04:02:16,289 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:16,289 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:16,289 INFO L85 PathProgramCache]: Analyzing trace with hash 2125469611, now seen corresponding path program 1 times [2025-01-09 04:02:16,289 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:16,289 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1753787188] [2025-01-09 04:02:16,289 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:16,290 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:16,298 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 35 statements into 1 equivalence classes. [2025-01-09 04:02:16,307 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 35 of 35 statements. [2025-01-09 04:02:16,307 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:16,307 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:16,438 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:16,438 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:16,438 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1753787188] [2025-01-09 04:02:16,438 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1753787188] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:16,438 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:16,439 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-01-09 04:02:16,439 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [631082129] [2025-01-09 04:02:16,439 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:16,439 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-01-09 04:02:16,439 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:16,440 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-01-09 04:02:16,440 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2025-01-09 04:02:16,440 INFO L87 Difference]: Start difference. First operand 159 states and 207 transitions. Second operand has 8 states, 8 states have (on average 4.0) internal successors, (32), 8 states have internal predecessors, (32), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:16,716 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:16,718 INFO L93 Difference]: Finished difference Result 383 states and 526 transitions. [2025-01-09 04:02:16,718 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2025-01-09 04:02:16,719 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.0) internal successors, (32), 8 states have internal predecessors, (32), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2025-01-09 04:02:16,719 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:16,725 INFO L225 Difference]: With dead ends: 383 [2025-01-09 04:02:16,725 INFO L226 Difference]: Without dead ends: 231 [2025-01-09 04:02:16,743 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 17 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=44, Invalid=138, Unknown=0, NotChecked=0, Total=182 [2025-01-09 04:02:16,746 INFO L435 NwaCegarLoop]: 64 mSDtfsCounter, 91 mSDsluCounter, 337 mSDsCounter, 0 mSdLazyCounter, 104 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 401 SdHoareTripleChecker+Invalid, 107 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 104 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:16,748 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 401 Invalid, 107 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 104 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2025-01-09 04:02:16,749 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 231 states. [2025-01-09 04:02:16,779 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 231 to 227. [2025-01-09 04:02:16,782 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 227 states, 184 states have (on average 1.2934782608695652) internal successors, (238), 200 states have internal predecessors, (238), 21 states have call successors, (21), 21 states have call predecessors, (21), 21 states have return successors, (39), 21 states have call predecessors, (39), 21 states have call successors, (39) [2025-01-09 04:02:16,787 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 227 states to 227 states and 298 transitions. [2025-01-09 04:02:16,791 INFO L78 Accepts]: Start accepts. Automaton has 227 states and 298 transitions. Word has length 35 [2025-01-09 04:02:16,791 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:16,791 INFO L471 AbstractCegarLoop]: Abstraction has 227 states and 298 transitions. [2025-01-09 04:02:16,792 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.0) internal successors, (32), 8 states have internal predecessors, (32), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-01-09 04:02:16,792 INFO L276 IsEmpty]: Start isEmpty. Operand 227 states and 298 transitions. [2025-01-09 04:02:16,794 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2025-01-09 04:02:16,794 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:16,794 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:16,796 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-01-09 04:02:16,796 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:16,797 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:16,797 INFO L85 PathProgramCache]: Analyzing trace with hash -692738068, now seen corresponding path program 1 times [2025-01-09 04:02:16,800 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:16,800 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [764826370] [2025-01-09 04:02:16,800 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:16,800 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:16,820 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 61 statements into 1 equivalence classes. [2025-01-09 04:02:16,837 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 61 of 61 statements. [2025-01-09 04:02:16,837 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:16,837 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:16,965 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 12 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2025-01-09 04:02:16,966 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:16,966 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [764826370] [2025-01-09 04:02:16,966 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [764826370] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:16,966 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:16,966 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:02:16,967 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1172779616] [2025-01-09 04:02:16,967 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:16,967 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:16,967 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:16,969 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:16,969 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:16,969 INFO L87 Difference]: Start difference. First operand 227 states and 298 transitions. Second operand has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 04:02:17,011 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:17,013 INFO L93 Difference]: Finished difference Result 456 states and 623 transitions. [2025-01-09 04:02:17,013 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:17,013 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 61 [2025-01-09 04:02:17,014 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:17,016 INFO L225 Difference]: With dead ends: 456 [2025-01-09 04:02:17,016 INFO L226 Difference]: Without dead ends: 236 [2025-01-09 04:02:17,017 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:17,017 INFO L435 NwaCegarLoop]: 68 mSDtfsCounter, 0 mSDsluCounter, 197 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 265 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:17,018 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 265 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:17,019 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 236 states. [2025-01-09 04:02:17,033 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 236 to 236. [2025-01-09 04:02:17,034 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 236 states, 193 states have (on average 1.2797927461139897) internal successors, (247), 209 states have internal predecessors, (247), 21 states have call successors, (21), 21 states have call predecessors, (21), 21 states have return successors, (39), 21 states have call predecessors, (39), 21 states have call successors, (39) [2025-01-09 04:02:17,035 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 236 states to 236 states and 307 transitions. [2025-01-09 04:02:17,036 INFO L78 Accepts]: Start accepts. Automaton has 236 states and 307 transitions. Word has length 61 [2025-01-09 04:02:17,036 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:17,036 INFO L471 AbstractCegarLoop]: Abstraction has 236 states and 307 transitions. [2025-01-09 04:02:17,036 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 04:02:17,036 INFO L276 IsEmpty]: Start isEmpty. Operand 236 states and 307 transitions. [2025-01-09 04:02:17,039 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2025-01-09 04:02:17,039 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:17,039 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:17,039 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-01-09 04:02:17,040 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:17,040 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:17,040 INFO L85 PathProgramCache]: Analyzing trace with hash -2064545366, now seen corresponding path program 1 times [2025-01-09 04:02:17,040 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:17,040 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1943990862] [2025-01-09 04:02:17,041 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:17,041 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:17,051 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 61 statements into 1 equivalence classes. [2025-01-09 04:02:17,055 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 61 of 61 statements. [2025-01-09 04:02:17,056 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:17,056 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:17,146 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 12 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2025-01-09 04:02:17,147 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:17,147 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1943990862] [2025-01-09 04:02:17,147 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1943990862] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:17,147 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:17,147 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 04:02:17,147 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [339502400] [2025-01-09 04:02:17,147 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:17,147 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 04:02:17,147 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:17,148 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 04:02:17,148 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 04:02:17,148 INFO L87 Difference]: Start difference. First operand 236 states and 307 transitions. Second operand has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 6 states have internal predecessors, (53), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 04:02:17,187 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:17,187 INFO L93 Difference]: Finished difference Result 424 states and 561 transitions. [2025-01-09 04:02:17,188 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-01-09 04:02:17,188 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 6 states have internal predecessors, (53), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 61 [2025-01-09 04:02:17,188 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:17,189 INFO L225 Difference]: With dead ends: 424 [2025-01-09 04:02:17,189 INFO L226 Difference]: Without dead ends: 195 [2025-01-09 04:02:17,190 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 04:02:17,190 INFO L435 NwaCegarLoop]: 67 mSDtfsCounter, 0 mSDsluCounter, 260 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 327 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:17,190 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 327 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:17,191 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 195 states. [2025-01-09 04:02:17,203 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 195 to 195. [2025-01-09 04:02:17,203 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 195 states, 157 states have (on average 1.267515923566879) internal successors, (199), 169 states have internal predecessors, (199), 18 states have call successors, (18), 18 states have call predecessors, (18), 19 states have return successors, (29), 19 states have call predecessors, (29), 18 states have call successors, (29) [2025-01-09 04:02:17,204 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 195 states to 195 states and 246 transitions. [2025-01-09 04:02:17,204 INFO L78 Accepts]: Start accepts. Automaton has 195 states and 246 transitions. Word has length 61 [2025-01-09 04:02:17,205 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:17,205 INFO L471 AbstractCegarLoop]: Abstraction has 195 states and 246 transitions. [2025-01-09 04:02:17,205 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 6 states have internal predecessors, (53), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-01-09 04:02:17,205 INFO L276 IsEmpty]: Start isEmpty. Operand 195 states and 246 transitions. [2025-01-09 04:02:17,207 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2025-01-09 04:02:17,207 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:17,207 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:17,207 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-01-09 04:02:17,207 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:17,208 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:17,208 INFO L85 PathProgramCache]: Analyzing trace with hash 409311630, now seen corresponding path program 1 times [2025-01-09 04:02:17,208 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:17,208 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [912312243] [2025-01-09 04:02:17,208 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:17,208 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:17,219 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 65 statements into 1 equivalence classes. [2025-01-09 04:02:17,226 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 65 of 65 statements. [2025-01-09 04:02:17,229 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:17,229 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:17,441 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 12 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:17,442 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:17,443 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [912312243] [2025-01-09 04:02:17,443 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [912312243] provided 0 perfect and 1 imperfect interpolant sequences [2025-01-09 04:02:17,443 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [453830585] [2025-01-09 04:02:17,443 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:17,443 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:17,444 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:17,447 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-01-09 04:02:17,451 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-01-09 04:02:17,511 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 65 statements into 1 equivalence classes. [2025-01-09 04:02:17,545 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 65 of 65 statements. [2025-01-09 04:02:17,545 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:17,545 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:17,548 INFO L256 TraceCheckSpWp]: Trace formula consists of 246 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-01-09 04:02:17,553 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-01-09 04:02:17,666 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 12 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:17,669 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-01-09 04:02:17,807 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 12 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-01-09 04:02:17,809 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [453830585] provided 0 perfect and 2 imperfect interpolant sequences [2025-01-09 04:02:17,809 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-01-09 04:02:17,809 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 8 [2025-01-09 04:02:17,809 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1224273991] [2025-01-09 04:02:17,809 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-01-09 04:02:17,810 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-01-09 04:02:17,810 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:17,810 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-01-09 04:02:17,812 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-01-09 04:02:17,812 INFO L87 Difference]: Start difference. First operand 195 states and 246 transitions. Second operand has 8 states, 8 states have (on average 7.75) internal successors, (62), 8 states have internal predecessors, (62), 3 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 04:02:17,950 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:17,951 INFO L93 Difference]: Finished difference Result 442 states and 601 transitions. [2025-01-09 04:02:17,951 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2025-01-09 04:02:17,952 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 7.75) internal successors, (62), 8 states have internal predecessors, (62), 3 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 65 [2025-01-09 04:02:17,952 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:17,957 INFO L225 Difference]: With dead ends: 442 [2025-01-09 04:02:17,957 INFO L226 Difference]: Without dead ends: 289 [2025-01-09 04:02:17,959 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 124 SyntacticMatches, 5 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=40, Invalid=92, Unknown=0, NotChecked=0, Total=132 [2025-01-09 04:02:17,962 INFO L435 NwaCegarLoop]: 99 mSDtfsCounter, 71 mSDsluCounter, 281 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 380 SdHoareTripleChecker+Invalid, 67 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:17,962 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 380 Invalid, 67 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:02:17,963 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 289 states. [2025-01-09 04:02:17,989 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 289 to 261. [2025-01-09 04:02:17,990 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 261 states, 207 states have (on average 1.2608695652173914) internal successors, (261), 222 states have internal predecessors, (261), 27 states have call successors, (27), 27 states have call predecessors, (27), 26 states have return successors, (46), 24 states have call predecessors, (46), 27 states have call successors, (46) [2025-01-09 04:02:17,992 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 261 states to 261 states and 334 transitions. [2025-01-09 04:02:17,993 INFO L78 Accepts]: Start accepts. Automaton has 261 states and 334 transitions. Word has length 65 [2025-01-09 04:02:17,993 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:17,993 INFO L471 AbstractCegarLoop]: Abstraction has 261 states and 334 transitions. [2025-01-09 04:02:17,994 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 7.75) internal successors, (62), 8 states have internal predecessors, (62), 3 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-01-09 04:02:17,994 INFO L276 IsEmpty]: Start isEmpty. Operand 261 states and 334 transitions. [2025-01-09 04:02:17,996 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 90 [2025-01-09 04:02:17,997 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:17,997 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:18,006 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-01-09 04:02:18,201 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:18,201 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:18,202 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:18,202 INFO L85 PathProgramCache]: Analyzing trace with hash -1576831858, now seen corresponding path program 2 times [2025-01-09 04:02:18,202 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:18,202 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [50998176] [2025-01-09 04:02:18,202 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-01-09 04:02:18,202 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:18,227 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 89 statements into 2 equivalence classes. [2025-01-09 04:02:18,247 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 89 of 89 statements. [2025-01-09 04:02:18,247 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-01-09 04:02:18,247 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:02:18,248 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-01-09 04:02:18,255 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 89 statements into 1 equivalence classes. [2025-01-09 04:02:18,267 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 89 of 89 statements. [2025-01-09 04:02:18,267 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:18,267 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:02:18,297 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-01-09 04:02:18,298 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-01-09 04:02:18,299 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-01-09 04:02:18,301 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-01-09 04:02:18,304 INFO L422 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:18,375 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-01-09 04:02:18,378 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.01 04:02:18 BoogieIcfgContainer [2025-01-09 04:02:18,379 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-01-09 04:02:18,379 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-01-09 04:02:18,379 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-01-09 04:02:18,379 INFO L274 PluginConnector]: Witness Printer initialized [2025-01-09 04:02:18,380 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:15" (3/4) ... [2025-01-09 04:02:18,381 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-01-09 04:02:18,474 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 87. [2025-01-09 04:02:18,568 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-01-09 04:02:18,569 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-01-09 04:02:18,569 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-01-09 04:02:18,570 INFO L158 Benchmark]: Toolchain (without parser) took 4175.06ms. Allocated memory is still 142.6MB. Free memory was 106.9MB in the beginning and 85.5MB in the end (delta: 21.3MB). Peak memory consumption was 18.5MB. Max. memory is 16.1GB. [2025-01-09 04:02:18,570 INFO L158 Benchmark]: CDTParser took 0.32ms. Allocated memory is still 201.3MB. Free memory is still 127.7MB. There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:02:18,570 INFO L158 Benchmark]: CACSL2BoogieTranslator took 400.97ms. Allocated memory is still 142.6MB. Free memory was 105.9MB in the beginning and 88.1MB in the end (delta: 17.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:02:18,570 INFO L158 Benchmark]: Boogie Procedure Inliner took 36.81ms. Allocated memory is still 142.6MB. Free memory was 88.1MB in the beginning and 86.2MB in the end (delta: 1.9MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:02:18,571 INFO L158 Benchmark]: Boogie Preprocessor took 40.25ms. Allocated memory is still 142.6MB. Free memory was 86.2MB in the beginning and 84.4MB in the end (delta: 1.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 04:02:18,571 INFO L158 Benchmark]: RCFGBuilder took 425.08ms. Allocated memory is still 142.6MB. Free memory was 84.4MB in the beginning and 68.6MB in the end (delta: 15.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 04:02:18,571 INFO L158 Benchmark]: TraceAbstraction took 3073.29ms. Allocated memory is still 142.6MB. Free memory was 67.7MB in the beginning and 96.6MB in the end (delta: -28.9MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:02:18,571 INFO L158 Benchmark]: Witness Printer took 189.70ms. Allocated memory is still 142.6MB. Free memory was 96.6MB in the beginning and 85.5MB in the end (delta: 11.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 04:02:18,573 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.32ms. Allocated memory is still 201.3MB. Free memory is still 127.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 400.97ms. Allocated memory is still 142.6MB. Free memory was 105.9MB in the beginning and 88.1MB in the end (delta: 17.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 36.81ms. Allocated memory is still 142.6MB. Free memory was 88.1MB in the beginning and 86.2MB in the end (delta: 1.9MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 40.25ms. Allocated memory is still 142.6MB. Free memory was 86.2MB in the beginning and 84.4MB in the end (delta: 1.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * RCFGBuilder took 425.08ms. Allocated memory is still 142.6MB. Free memory was 84.4MB in the beginning and 68.6MB in the end (delta: 15.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * TraceAbstraction took 3073.29ms. Allocated memory is still 142.6MB. Free memory was 67.7MB in the beginning and 96.6MB in the end (delta: -28.9MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 189.70ms. Allocated memory is still 142.6MB. Free memory was 96.6MB in the beginning and 85.5MB in the end (delta: 11.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 150]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [150] - GenericResultAtLocation [Line: 516]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [516] - GenericResultAtLocation [Line: 554]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [554] - GenericResultAtLocation [Line: 582]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [582] - GenericResultAtLocation [Line: 681]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [681] - GenericResultAtLocation [Line: 749]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [749] - GenericResultAtLocation [Line: 929]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [929] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 934]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L57] int waterLevel = 1; [L58] int methaneLevelCritical = 0; [L320] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L583] int cleanupTimeShifts = 4; [L752] int pumpRunning = 0; [L753] int systemActive = 1; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L659] int retValue_acc ; [L660] int tmp ; [L664] FCALL select_helpers() [L665] FCALL select_features() [L666] CALL, EXPR valid_product() [L546] int retValue_acc ; [L549] retValue_acc = 1 [L550] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L666] RET, EXPR valid_product() [L666] tmp = valid_product() [L668] COND TRUE \read(tmp) [L670] FCALL setup() [L671] CALL runTest() [L653] CALL test() [L684] int splverifierCounter ; [L685] int tmp ; [L686] int tmp___0 ; [L687] int tmp___1 ; [L688] int tmp___2 ; [L691] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L695] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L701] tmp = __VERIFIER_nondet_int() [L703] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L705] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L75] COND TRUE waterLevel < 2 [L76] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L705] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L711] tmp___0 = __VERIFIER_nondet_int() [L713] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L721] tmp___2 = __VERIFIER_nondet_int() [L723] COND TRUE \read(tmp___2) [L725] CALL startSystem() [L925] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L725] RET startSystem() [L738] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L759] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L766] COND TRUE \read(systemActive) [L768] CALL processEnvironment() [L788] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L791] COND TRUE ! pumpRunning [L793] CALL, EXPR isHighWaterLevel() [L903] int retValue_acc ; [L904] int tmp ; [L905] int tmp___0 ; [L909] CALL, EXPR isHighWaterSensorDry() [L137] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L140] COND FALSE !(waterLevel < 2) [L144] retValue_acc = 0 [L145] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L909] RET, EXPR isHighWaterSensorDry() [L909] tmp = isHighWaterSensorDry() [L911] COND FALSE !(\read(tmp)) [L914] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L916] retValue_acc = tmp___0 [L917] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L793] RET, EXPR isHighWaterLevel() [L793] tmp = isHighWaterLevel() [L795] COND TRUE \read(tmp) [L797] CALL activatePump() [L822] int tmp ; [L826] CALL, EXPR isMethaneAlarm() [L847] int retValue_acc ; [L851] CALL, EXPR isMethaneLevelCritical() [L96] int retValue_acc ; [L99] retValue_acc = methaneLevelCritical [L100] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L851] RET, EXPR isMethaneLevelCritical() [L851] retValue_acc = isMethaneLevelCritical() [L853] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L826] RET, EXPR isMethaneAlarm() [L826] tmp = isMethaneAlarm() [L828] COND FALSE !(\read(tmp)) [L832] CALL activatePump__wrappee__highWaterSensor() [L816] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L832] RET activatePump__wrappee__highWaterSensor() [L797] RET activatePump() [L768] RET processEnvironment() [L774] CALL __utac_acc__Specification4_spec__1() [L558] int tmp ; [L559] int tmp___0 ; [L563] CALL, EXPR getWaterLevel() [L128] int retValue_acc ; [L131] retValue_acc = waterLevel [L132] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L563] RET, EXPR getWaterLevel() [L563] tmp = getWaterLevel() [L565] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L774] RET __utac_acc__Specification4_spec__1() [L738] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L695] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L701] tmp = __VERIFIER_nondet_int() [L703] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L711] tmp___0 = __VERIFIER_nondet_int() [L713] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L721] tmp___2 = __VERIFIER_nondet_int() [L723] COND TRUE \read(tmp___2) [L725] CALL startSystem() [L925] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L725] RET startSystem() [L738] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L759] COND TRUE \read(pumpRunning) [L761] CALL lowerWaterLevel() [L63] COND TRUE waterLevel > 0 [L64] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L761] RET lowerWaterLevel() [L766] COND TRUE \read(systemActive) [L768] CALL processEnvironment() [L788] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L791] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L806] FCALL processEnvironment__wrappee__base() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L768] RET processEnvironment() [L774] CALL __utac_acc__Specification4_spec__1() [L558] int tmp ; [L559] int tmp___0 ; [L563] CALL, EXPR getWaterLevel() [L128] int retValue_acc ; [L131] retValue_acc = waterLevel [L132] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L563] RET, EXPR getWaterLevel() [L563] tmp = getWaterLevel() [L565] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L774] RET __utac_acc__Specification4_spec__1() [L738] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L695] COND TRUE splverifierCounter < 4 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L701] tmp = __VERIFIER_nondet_int() [L703] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L711] tmp___0 = __VERIFIER_nondet_int() [L713] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L721] tmp___2 = __VERIFIER_nondet_int() [L723] COND TRUE \read(tmp___2) [L725] CALL startSystem() [L925] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L725] RET startSystem() [L738] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L759] COND TRUE \read(pumpRunning) [L761] CALL lowerWaterLevel() [L63] COND TRUE waterLevel > 0 [L64] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L761] RET lowerWaterLevel() [L766] COND TRUE \read(systemActive) [L768] CALL processEnvironment() [L788] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L791] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L806] FCALL processEnvironment__wrappee__base() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L768] RET processEnvironment() [L774] CALL __utac_acc__Specification4_spec__1() [L558] int tmp ; [L559] int tmp___0 ; [L563] CALL, EXPR getWaterLevel() [L128] int retValue_acc ; [L131] retValue_acc = waterLevel [L132] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L563] RET, EXPR getWaterLevel() [L563] tmp = getWaterLevel() [L565] COND TRUE tmp == 0 [L567] CALL, EXPR isPumpRunning() [L858] int retValue_acc ; [L861] retValue_acc = pumpRunning [L862] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L567] RET, EXPR isPumpRunning() [L567] tmp___0 = isPumpRunning() [L569] COND TRUE \read(tmp___0) [L571] CALL __automaton_fail() [L934] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] - StatisticsResult: Ultimate Automizer benchmark data CFG has 6 procedures, 73 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.9s, OverallIterations: 9, TraceHistogramMax: 3, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 0.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 345 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 342 mSDsluCounter, 1946 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1370 mSDsCounter, 21 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 230 IncrementalHoareTripleChecker+Invalid, 251 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 21 mSolverCounterUnsat, 576 mSDtfsCounter, 230 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 186 GetRequests, 144 SyntacticMatches, 5 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 37 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=261occurred in iteration=8, InterpolantAutomatonStates: 43, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 8 MinimizatonAttempts, 36 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.2s InterpolantComputationTime, 483 NumberOfCodeBlocks, 483 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 449 ConstructedInterpolants, 0 QuantifiedInterpolants, 827 SizeOfPredicates, 2 NumberOfNonLiveVariables, 246 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 10 InterpolantComputations, 7 PerfectInterpolantSequences, 68/80 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-01-09 04:02:18,595 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE