./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product34.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c00e63dc Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product34.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash b1a2a4f6154f8b607411cb85c1a9c20d409d0ca16407a9f3bb2fc8f7ede01236 --- Real Ultimate output --- This is Ultimate 0.3.0-?-c00e63d-m [2025-02-05 15:50:48,967 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-02-05 15:50:49,014 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-02-05 15:50:49,017 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-02-05 15:50:49,018 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-02-05 15:50:49,030 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-02-05 15:50:49,031 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-02-05 15:50:49,031 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-02-05 15:50:49,031 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-02-05 15:50:49,031 INFO L153 SettingsManager]: * Use memory slicer=true [2025-02-05 15:50:49,031 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-02-05 15:50:49,032 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-02-05 15:50:49,032 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-02-05 15:50:49,032 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-02-05 15:50:49,032 INFO L153 SettingsManager]: * Use SBE=true [2025-02-05 15:50:49,032 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-02-05 15:50:49,032 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-02-05 15:50:49,032 INFO L153 SettingsManager]: * sizeof long=4 [2025-02-05 15:50:49,032 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-02-05 15:50:49,032 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-02-05 15:50:49,032 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-02-05 15:50:49,033 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-02-05 15:50:49,033 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-02-05 15:50:49,033 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-02-05 15:50:49,033 INFO L153 SettingsManager]: * sizeof long double=12 [2025-02-05 15:50:49,033 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-02-05 15:50:49,033 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-02-05 15:50:49,033 INFO L153 SettingsManager]: * Use constant arrays=true [2025-02-05 15:50:49,033 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-02-05 15:50:49,033 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-02-05 15:50:49,033 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-02-05 15:50:49,033 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-02-05 15:50:49,034 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:50:49,034 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-02-05 15:50:49,034 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-02-05 15:50:49,034 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-02-05 15:50:49,034 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-02-05 15:50:49,034 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-02-05 15:50:49,034 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-02-05 15:50:49,034 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-02-05 15:50:49,034 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-02-05 15:50:49,034 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-02-05 15:50:49,034 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-02-05 15:50:49,035 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> b1a2a4f6154f8b607411cb85c1a9c20d409d0ca16407a9f3bb2fc8f7ede01236 [2025-02-05 15:50:49,273 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-02-05 15:50:49,278 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-02-05 15:50:49,279 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-02-05 15:50:49,280 INFO L270 PluginConnector]: Initializing CDTParser... [2025-02-05 15:50:49,280 INFO L274 PluginConnector]: CDTParser initialized [2025-02-05 15:50:49,280 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product34.cil.c [2025-02-05 15:50:50,400 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/81de19ec3/34f0945ef2e3479688ba7a6def9c6b3a/FLAGf1014fe75 [2025-02-05 15:50:50,711 INFO L384 CDTParser]: Found 1 translation units. [2025-02-05 15:50:50,711 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product34.cil.c [2025-02-05 15:50:50,730 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/81de19ec3/34f0945ef2e3479688ba7a6def9c6b3a/FLAGf1014fe75 [2025-02-05 15:50:50,743 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/81de19ec3/34f0945ef2e3479688ba7a6def9c6b3a [2025-02-05 15:50:50,746 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-02-05 15:50:50,747 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-02-05 15:50:50,748 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-02-05 15:50:50,748 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-02-05 15:50:50,751 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-02-05 15:50:50,752 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:50:50" (1/1) ... [2025-02-05 15:50:50,753 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@574bc346 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:50, skipping insertion in model container [2025-02-05 15:50:50,753 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:50:50" (1/1) ... [2025-02-05 15:50:50,776 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-02-05 15:50:50,926 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product34.cil.c[12584,12597] [2025-02-05 15:50:50,951 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:50:50,960 INFO L200 MainTranslator]: Completed pre-run [2025-02-05 15:50:50,965 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2025-02-05 15:50:50,966 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [153] [2025-02-05 15:50:50,966 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [519] [2025-02-05 15:50:50,966 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [528] [2025-02-05 15:50:50,966 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [627] [2025-02-05 15:50:50,967 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [695] [2025-02-05 15:50:50,967 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [859] [2025-02-05 15:50:50,967 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [885] [2025-02-05 15:50:51,006 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product34.cil.c[12584,12597] [2025-02-05 15:50:51,019 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:50:51,034 INFO L204 MainTranslator]: Completed translation [2025-02-05 15:50:51,035 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51 WrapperNode [2025-02-05 15:50:51,035 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-02-05 15:50:51,036 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-02-05 15:50:51,036 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-02-05 15:50:51,036 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-02-05 15:50:51,041 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,048 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,066 INFO L138 Inliner]: procedures = 53, calls = 94, calls flagged for inlining = 20, calls inlined = 17, statements flattened = 164 [2025-02-05 15:50:51,067 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-02-05 15:50:51,067 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-02-05 15:50:51,067 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-02-05 15:50:51,068 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-02-05 15:50:51,074 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,074 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,076 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,090 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-02-05 15:50:51,091 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,091 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,095 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,100 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,101 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,102 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,106 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-02-05 15:50:51,107 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-02-05 15:50:51,107 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-02-05 15:50:51,107 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-02-05 15:50:51,108 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (1/1) ... [2025-02-05 15:50:51,112 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:50:51,120 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:50:51,131 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-02-05 15:50:51,136 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-02-05 15:50:51,167 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-02-05 15:50:51,167 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-02-05 15:50:51,167 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-02-05 15:50:51,167 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-02-05 15:50:51,167 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-02-05 15:50:51,167 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-02-05 15:50:51,168 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-02-05 15:50:51,168 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-02-05 15:50:51,168 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-02-05 15:50:51,168 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-02-05 15:50:51,168 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-02-05 15:50:51,168 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-02-05 15:50:51,168 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-02-05 15:50:51,168 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-02-05 15:50:51,168 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-02-05 15:50:51,168 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-02-05 15:50:51,225 INFO L257 CfgBuilder]: Building ICFG [2025-02-05 15:50:51,226 INFO L287 CfgBuilder]: Building CFG for each procedure with an implementation [2025-02-05 15:50:51,253 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L578: #res := ~retValue_acc~4; [2025-02-05 15:50:51,299 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L793-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~8#1; [2025-02-05 15:50:51,300 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L624-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~6#1; [2025-02-05 15:50:51,300 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L848-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~9#1; [2025-02-05 15:50:51,317 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint cleanupFINAL: assume true; [2025-02-05 15:50:51,358 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L917-1: valid_product_#res#1 := valid_product_~retValue_acc~11#1; [2025-02-05 15:50:51,358 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L150-1: main_#res#1 := main_~retValue_acc~0#1; [2025-02-05 15:50:51,370 INFO L? ?]: Removed 36 outVars from TransFormulas that were not future-live. [2025-02-05 15:50:51,370 INFO L308 CfgBuilder]: Performing block encoding [2025-02-05 15:50:51,377 INFO L332 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-02-05 15:50:51,377 INFO L337 CfgBuilder]: Removed 0 assume(true) statements. [2025-02-05 15:50:51,378 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:51 BoogieIcfgContainer [2025-02-05 15:50:51,378 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-02-05 15:50:51,380 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-02-05 15:50:51,380 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-02-05 15:50:51,383 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-02-05 15:50:51,383 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 05.02 03:50:50" (1/3) ... [2025-02-05 15:50:51,383 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1eaaa7d7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:50:51, skipping insertion in model container [2025-02-05 15:50:51,383 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:51" (2/3) ... [2025-02-05 15:50:51,383 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1eaaa7d7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:50:51, skipping insertion in model container [2025-02-05 15:50:51,384 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:51" (3/3) ... [2025-02-05 15:50:51,384 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product34.cil.c [2025-02-05 15:50:51,394 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-02-05 15:50:51,395 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product34.cil.c that has 7 procedures, 74 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-02-05 15:50:51,428 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-02-05 15:50:51,436 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4a6ac4ca, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-02-05 15:50:51,436 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-02-05 15:50:51,440 INFO L276 IsEmpty]: Start isEmpty. Operand has 73 states, 56 states have (on average 1.375) internal successors, (77), 62 states have internal predecessors, (77), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2025-02-05 15:50:51,444 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-02-05 15:50:51,445 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:51,445 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:51,445 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:51,449 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:51,449 INFO L85 PathProgramCache]: Analyzing trace with hash -1364926603, now seen corresponding path program 1 times [2025-02-05 15:50:51,454 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:51,454 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [929723232] [2025-02-05 15:50:51,454 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:51,456 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:51,516 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-02-05 15:50:51,535 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-02-05 15:50:51,535 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:51,535 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:51,590 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:51,591 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:51,591 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [929723232] [2025-02-05 15:50:51,591 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [929723232] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:51,591 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:51,592 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-02-05 15:50:51,593 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [998344794] [2025-02-05 15:50:51,593 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:51,595 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-02-05 15:50:51,595 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:51,614 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-02-05 15:50:51,614 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:50:51,616 INFO L87 Difference]: Start difference. First operand has 73 states, 56 states have (on average 1.375) internal successors, (77), 62 states have internal predecessors, (77), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:51,635 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:51,637 INFO L93 Difference]: Finished difference Result 130 states and 175 transitions. [2025-02-05 15:50:51,637 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-02-05 15:50:51,638 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-02-05 15:50:51,639 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:51,645 INFO L225 Difference]: With dead ends: 130 [2025-02-05 15:50:51,645 INFO L226 Difference]: Without dead ends: 65 [2025-02-05 15:50:51,650 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:50:51,652 INFO L435 NwaCegarLoop]: 88 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 88 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:51,652 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 88 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:51,661 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 65 states. [2025-02-05 15:50:51,672 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 65 to 65. [2025-02-05 15:50:51,673 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 65 states, 50 states have (on average 1.32) internal successors, (66), 55 states have internal predecessors, (66), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2025-02-05 15:50:51,676 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 83 transitions. [2025-02-05 15:50:51,677 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 83 transitions. Word has length 23 [2025-02-05 15:50:51,677 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:51,677 INFO L471 AbstractCegarLoop]: Abstraction has 65 states and 83 transitions. [2025-02-05 15:50:51,677 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:51,677 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 83 transitions. [2025-02-05 15:50:51,678 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-02-05 15:50:51,679 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:51,679 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:51,679 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-02-05 15:50:51,679 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:51,679 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:51,680 INFO L85 PathProgramCache]: Analyzing trace with hash -166916983, now seen corresponding path program 1 times [2025-02-05 15:50:51,680 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:51,680 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1887757242] [2025-02-05 15:50:51,680 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:51,680 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:51,688 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-02-05 15:50:51,694 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-02-05 15:50:51,694 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:51,694 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:51,761 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:51,762 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:51,762 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1887757242] [2025-02-05 15:50:51,762 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1887757242] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:51,762 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:51,762 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:51,763 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [312267709] [2025-02-05 15:50:51,763 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:51,763 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:51,764 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:51,764 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:51,765 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:51,765 INFO L87 Difference]: Start difference. First operand 65 states and 83 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:51,775 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:51,776 INFO L93 Difference]: Finished difference Result 96 states and 122 transitions. [2025-02-05 15:50:51,776 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:51,776 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2025-02-05 15:50:51,777 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:51,777 INFO L225 Difference]: With dead ends: 96 [2025-02-05 15:50:51,777 INFO L226 Difference]: Without dead ends: 56 [2025-02-05 15:50:51,778 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:51,778 INFO L435 NwaCegarLoop]: 70 mSDtfsCounter, 12 mSDsluCounter, 54 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 124 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:51,778 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 124 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:51,779 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2025-02-05 15:50:51,783 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2025-02-05 15:50:51,784 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 44 states have (on average 1.3409090909090908) internal successors, (59), 49 states have internal predecessors, (59), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2025-02-05 15:50:51,784 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 71 transitions. [2025-02-05 15:50:51,785 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 71 transitions. Word has length 24 [2025-02-05 15:50:51,785 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:51,785 INFO L471 AbstractCegarLoop]: Abstraction has 56 states and 71 transitions. [2025-02-05 15:50:51,785 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:51,785 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 71 transitions. [2025-02-05 15:50:51,785 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2025-02-05 15:50:51,785 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:51,786 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:51,786 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-02-05 15:50:51,786 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:51,786 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:51,786 INFO L85 PathProgramCache]: Analyzing trace with hash -999588650, now seen corresponding path program 1 times [2025-02-05 15:50:51,786 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:51,786 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1828623877] [2025-02-05 15:50:51,786 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:51,786 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:51,798 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 28 statements into 1 equivalence classes. [2025-02-05 15:50:51,805 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 28 of 28 statements. [2025-02-05 15:50:51,805 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:51,805 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:51,910 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:51,910 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:51,911 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1828623877] [2025-02-05 15:50:51,911 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1828623877] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:51,911 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:51,911 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:51,911 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [61670006] [2025-02-05 15:50:51,911 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:51,911 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:51,911 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:51,912 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:51,912 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:51,912 INFO L87 Difference]: Start difference. First operand 56 states and 71 transitions. Second operand has 5 states, 5 states have (on average 5.0) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:51,948 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:51,948 INFO L93 Difference]: Finished difference Result 105 states and 136 transitions. [2025-02-05 15:50:51,949 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:51,949 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.0) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2025-02-05 15:50:51,949 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:51,950 INFO L225 Difference]: With dead ends: 105 [2025-02-05 15:50:51,950 INFO L226 Difference]: Without dead ends: 56 [2025-02-05 15:50:51,950 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:50:51,951 INFO L435 NwaCegarLoop]: 67 mSDtfsCounter, 65 mSDsluCounter, 132 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 199 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:51,951 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [65 Valid, 199 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:51,951 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2025-02-05 15:50:51,955 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2025-02-05 15:50:51,955 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 44 states have (on average 1.3181818181818181) internal successors, (58), 49 states have internal predecessors, (58), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2025-02-05 15:50:51,956 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 70 transitions. [2025-02-05 15:50:51,956 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 70 transitions. Word has length 28 [2025-02-05 15:50:51,956 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:51,956 INFO L471 AbstractCegarLoop]: Abstraction has 56 states and 70 transitions. [2025-02-05 15:50:51,956 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.0) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:51,957 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 70 transitions. [2025-02-05 15:50:51,957 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2025-02-05 15:50:51,957 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:51,957 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:51,957 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-02-05 15:50:51,958 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:51,958 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:51,958 INFO L85 PathProgramCache]: Analyzing trace with hash 2018080077, now seen corresponding path program 1 times [2025-02-05 15:50:51,958 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:51,958 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1768831798] [2025-02-05 15:50:51,958 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:51,958 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:51,964 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 33 statements into 1 equivalence classes. [2025-02-05 15:50:51,968 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 33 of 33 statements. [2025-02-05 15:50:51,968 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:51,968 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:51,991 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:51,991 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:51,992 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1768831798] [2025-02-05 15:50:51,992 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1768831798] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:51,992 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:51,992 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:51,992 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1141579428] [2025-02-05 15:50:51,992 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:51,992 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:51,993 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:51,994 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:51,994 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:51,994 INFO L87 Difference]: Start difference. First operand 56 states and 70 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:52,024 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:52,027 INFO L93 Difference]: Finished difference Result 143 states and 183 transitions. [2025-02-05 15:50:52,027 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:52,027 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2025-02-05 15:50:52,027 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:52,028 INFO L225 Difference]: With dead ends: 143 [2025-02-05 15:50:52,028 INFO L226 Difference]: Without dead ends: 94 [2025-02-05 15:50:52,028 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:52,029 INFO L435 NwaCegarLoop]: 83 mSDtfsCounter, 59 mSDsluCounter, 47 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 130 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:52,029 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 130 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:52,029 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 94 states. [2025-02-05 15:50:52,040 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 94 to 92. [2025-02-05 15:50:52,040 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 92 states, 71 states have (on average 1.3098591549295775) internal successors, (93), 77 states have internal predecessors, (93), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (12), 10 states have call predecessors, (12), 10 states have call successors, (12) [2025-02-05 15:50:52,041 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 92 states to 92 states and 115 transitions. [2025-02-05 15:50:52,043 INFO L78 Accepts]: Start accepts. Automaton has 92 states and 115 transitions. Word has length 33 [2025-02-05 15:50:52,043 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:52,043 INFO L471 AbstractCegarLoop]: Abstraction has 92 states and 115 transitions. [2025-02-05 15:50:52,043 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:52,044 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states and 115 transitions. [2025-02-05 15:50:52,045 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2025-02-05 15:50:52,045 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:52,046 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:52,046 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-02-05 15:50:52,046 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:52,046 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:52,046 INFO L85 PathProgramCache]: Analyzing trace with hash -572691872, now seen corresponding path program 1 times [2025-02-05 15:50:52,046 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:52,046 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2045561699] [2025-02-05 15:50:52,047 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:52,047 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:52,055 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 37 statements into 1 equivalence classes. [2025-02-05 15:50:52,065 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 37 of 37 statements. [2025-02-05 15:50:52,065 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:52,065 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:52,121 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:52,121 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:52,121 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2045561699] [2025-02-05 15:50:52,122 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2045561699] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:52,122 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:52,122 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:52,122 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [188985577] [2025-02-05 15:50:52,122 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:52,122 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:52,122 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:52,123 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:52,123 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:52,124 INFO L87 Difference]: Start difference. First operand 92 states and 115 transitions. Second operand has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:52,156 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:52,157 INFO L93 Difference]: Finished difference Result 180 states and 229 transitions. [2025-02-05 15:50:52,158 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:52,158 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 37 [2025-02-05 15:50:52,158 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:52,159 INFO L225 Difference]: With dead ends: 180 [2025-02-05 15:50:52,160 INFO L226 Difference]: Without dead ends: 95 [2025-02-05 15:50:52,161 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:52,162 INFO L435 NwaCegarLoop]: 67 mSDtfsCounter, 0 mSDsluCounter, 194 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 261 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:52,162 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 261 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:52,163 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 95 states. [2025-02-05 15:50:52,168 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 95 to 95. [2025-02-05 15:50:52,169 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 95 states, 74 states have (on average 1.2972972972972974) internal successors, (96), 80 states have internal predecessors, (96), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (12), 10 states have call predecessors, (12), 10 states have call successors, (12) [2025-02-05 15:50:52,169 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 95 states to 95 states and 118 transitions. [2025-02-05 15:50:52,170 INFO L78 Accepts]: Start accepts. Automaton has 95 states and 118 transitions. Word has length 37 [2025-02-05 15:50:52,170 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:52,170 INFO L471 AbstractCegarLoop]: Abstraction has 95 states and 118 transitions. [2025-02-05 15:50:52,170 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:52,170 INFO L276 IsEmpty]: Start isEmpty. Operand 95 states and 118 transitions. [2025-02-05 15:50:52,170 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2025-02-05 15:50:52,171 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:52,171 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:52,171 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-02-05 15:50:52,171 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:52,171 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:52,171 INFO L85 PathProgramCache]: Analyzing trace with hash -1083226049, now seen corresponding path program 1 times [2025-02-05 15:50:52,171 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:52,171 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [901815651] [2025-02-05 15:50:52,172 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:52,172 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:52,177 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 37 statements into 1 equivalence classes. [2025-02-05 15:50:52,186 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 37 of 37 statements. [2025-02-05 15:50:52,187 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:52,187 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:52,244 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:52,245 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:52,245 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [901815651] [2025-02-05 15:50:52,245 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [901815651] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:52,245 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:52,245 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-02-05 15:50:52,245 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1416773740] [2025-02-05 15:50:52,245 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:52,245 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-02-05 15:50:52,246 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:52,246 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-02-05 15:50:52,247 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:52,247 INFO L87 Difference]: Start difference. First operand 95 states and 118 transitions. Second operand has 4 states, 4 states have (on average 8.5) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:52,266 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:52,267 INFO L93 Difference]: Finished difference Result 185 states and 236 transitions. [2025-02-05 15:50:52,268 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-02-05 15:50:52,268 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.5) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 37 [2025-02-05 15:50:52,268 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:52,269 INFO L225 Difference]: With dead ends: 185 [2025-02-05 15:50:52,269 INFO L226 Difference]: Without dead ends: 97 [2025-02-05 15:50:52,269 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:52,271 INFO L435 NwaCegarLoop]: 68 mSDtfsCounter, 0 mSDsluCounter, 130 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 198 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:52,271 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 198 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:52,272 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2025-02-05 15:50:52,281 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 97. [2025-02-05 15:50:52,283 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 97 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 82 states have internal predecessors, (98), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (12), 10 states have call predecessors, (12), 10 states have call successors, (12) [2025-02-05 15:50:52,284 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 120 transitions. [2025-02-05 15:50:52,285 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 120 transitions. Word has length 37 [2025-02-05 15:50:52,285 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:52,286 INFO L471 AbstractCegarLoop]: Abstraction has 97 states and 120 transitions. [2025-02-05 15:50:52,286 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.5) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:52,286 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 120 transitions. [2025-02-05 15:50:52,286 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2025-02-05 15:50:52,287 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:52,287 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:52,287 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-02-05 15:50:52,287 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:52,288 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:52,288 INFO L85 PathProgramCache]: Analyzing trace with hash 1217596541, now seen corresponding path program 1 times [2025-02-05 15:50:52,288 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:52,288 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [698672804] [2025-02-05 15:50:52,288 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:52,288 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:52,297 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 37 statements into 1 equivalence classes. [2025-02-05 15:50:52,303 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 37 of 37 statements. [2025-02-05 15:50:52,303 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:52,303 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:52,358 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:52,359 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:52,359 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [698672804] [2025-02-05 15:50:52,359 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [698672804] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:52,359 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:52,359 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:52,359 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1779469957] [2025-02-05 15:50:52,359 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:52,360 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:52,360 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:52,360 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:52,360 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:52,363 INFO L87 Difference]: Start difference. First operand 97 states and 120 transitions. Second operand has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:52,389 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:52,389 INFO L93 Difference]: Finished difference Result 230 states and 288 transitions. [2025-02-05 15:50:52,389 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:52,390 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 37 [2025-02-05 15:50:52,390 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:52,390 INFO L225 Difference]: With dead ends: 230 [2025-02-05 15:50:52,390 INFO L226 Difference]: Without dead ends: 140 [2025-02-05 15:50:52,391 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:52,391 INFO L435 NwaCegarLoop]: 68 mSDtfsCounter, 36 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 125 SdHoareTripleChecker+Invalid, 9 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:52,391 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [36 Valid, 125 Invalid, 9 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:52,392 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 140 states. [2025-02-05 15:50:52,422 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 140 to 138. [2025-02-05 15:50:52,423 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 138 states, 108 states have (on average 1.2685185185185186) internal successors, (137), 115 states have internal predecessors, (137), 15 states have call successors, (15), 15 states have call predecessors, (15), 14 states have return successors, (17), 14 states have call predecessors, (17), 15 states have call successors, (17) [2025-02-05 15:50:52,423 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 138 states to 138 states and 169 transitions. [2025-02-05 15:50:52,428 INFO L78 Accepts]: Start accepts. Automaton has 138 states and 169 transitions. Word has length 37 [2025-02-05 15:50:52,428 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:52,428 INFO L471 AbstractCegarLoop]: Abstraction has 138 states and 169 transitions. [2025-02-05 15:50:52,428 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:52,428 INFO L276 IsEmpty]: Start isEmpty. Operand 138 states and 169 transitions. [2025-02-05 15:50:52,429 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2025-02-05 15:50:52,429 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:52,429 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:52,429 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-02-05 15:50:52,429 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:52,430 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:52,430 INFO L85 PathProgramCache]: Analyzing trace with hash 1177032809, now seen corresponding path program 1 times [2025-02-05 15:50:52,430 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:52,430 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1253836085] [2025-02-05 15:50:52,430 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:52,430 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:52,440 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 39 statements into 1 equivalence classes. [2025-02-05 15:50:52,453 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 39 of 39 statements. [2025-02-05 15:50:52,453 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:52,453 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:52,524 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:52,524 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:52,524 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1253836085] [2025-02-05 15:50:52,524 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1253836085] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:52,524 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:52,524 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:52,524 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [760002579] [2025-02-05 15:50:52,524 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:52,524 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:52,524 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:52,525 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:52,525 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:52,525 INFO L87 Difference]: Start difference. First operand 138 states and 169 transitions. Second operand has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:52,566 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:52,566 INFO L93 Difference]: Finished difference Result 140 states and 170 transitions. [2025-02-05 15:50:52,567 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:52,567 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 39 [2025-02-05 15:50:52,567 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:52,568 INFO L225 Difference]: With dead ends: 140 [2025-02-05 15:50:52,568 INFO L226 Difference]: Without dead ends: 138 [2025-02-05 15:50:52,568 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:50:52,568 INFO L435 NwaCegarLoop]: 66 mSDtfsCounter, 45 mSDsluCounter, 176 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 242 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:52,568 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [45 Valid, 242 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:52,569 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 138 states. [2025-02-05 15:50:52,578 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 138 to 138. [2025-02-05 15:50:52,578 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 138 states, 108 states have (on average 1.25) internal successors, (135), 115 states have internal predecessors, (135), 15 states have call successors, (15), 15 states have call predecessors, (15), 14 states have return successors, (17), 14 states have call predecessors, (17), 15 states have call successors, (17) [2025-02-05 15:50:52,579 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 138 states to 138 states and 167 transitions. [2025-02-05 15:50:52,579 INFO L78 Accepts]: Start accepts. Automaton has 138 states and 167 transitions. Word has length 39 [2025-02-05 15:50:52,579 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:52,579 INFO L471 AbstractCegarLoop]: Abstraction has 138 states and 167 transitions. [2025-02-05 15:50:52,579 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:52,580 INFO L276 IsEmpty]: Start isEmpty. Operand 138 states and 167 transitions. [2025-02-05 15:50:52,580 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-02-05 15:50:52,580 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:52,580 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:52,581 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-02-05 15:50:52,581 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:52,581 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:52,581 INFO L85 PathProgramCache]: Analyzing trace with hash 729246559, now seen corresponding path program 1 times [2025-02-05 15:50:52,581 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:52,581 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2077615735] [2025-02-05 15:50:52,581 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:52,581 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:52,590 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-02-05 15:50:52,597 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-02-05 15:50:52,599 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:52,599 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:52,700 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:52,700 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:52,700 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2077615735] [2025-02-05 15:50:52,700 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2077615735] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:52,700 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:52,700 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-02-05 15:50:52,701 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [811672839] [2025-02-05 15:50:52,701 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:52,701 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:50:52,701 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:52,701 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:50:52,701 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:50:52,701 INFO L87 Difference]: Start difference. First operand 138 states and 167 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:52,779 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:52,779 INFO L93 Difference]: Finished difference Result 392 states and 490 transitions. [2025-02-05 15:50:52,780 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:50:52,781 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2025-02-05 15:50:52,781 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:52,783 INFO L225 Difference]: With dead ends: 392 [2025-02-05 15:50:52,784 INFO L226 Difference]: Without dead ends: 261 [2025-02-05 15:50:52,784 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-02-05 15:50:52,785 INFO L435 NwaCegarLoop]: 68 mSDtfsCounter, 33 mSDsluCounter, 242 mSDsCounter, 0 mSdLazyCounter, 38 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 310 SdHoareTripleChecker+Invalid, 40 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 38 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:52,785 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 310 Invalid, 40 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 38 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:52,785 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 261 states. [2025-02-05 15:50:52,807 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 261 to 261. [2025-02-05 15:50:52,808 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 261 states, 202 states have (on average 1.2326732673267327) internal successors, (249), 215 states have internal predecessors, (249), 30 states have call successors, (30), 30 states have call predecessors, (30), 28 states have return successors, (37), 28 states have call predecessors, (37), 30 states have call successors, (37) [2025-02-05 15:50:52,809 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 261 states to 261 states and 316 transitions. [2025-02-05 15:50:52,810 INFO L78 Accepts]: Start accepts. Automaton has 261 states and 316 transitions. Word has length 41 [2025-02-05 15:50:52,810 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:52,810 INFO L471 AbstractCegarLoop]: Abstraction has 261 states and 316 transitions. [2025-02-05 15:50:52,810 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:52,810 INFO L276 IsEmpty]: Start isEmpty. Operand 261 states and 316 transitions. [2025-02-05 15:50:52,811 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-02-05 15:50:52,811 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:52,811 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:52,811 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-02-05 15:50:52,812 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:52,812 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:52,812 INFO L85 PathProgramCache]: Analyzing trace with hash 884687616, now seen corresponding path program 1 times [2025-02-05 15:50:52,812 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:52,812 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1339928761] [2025-02-05 15:50:52,812 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:52,812 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:52,820 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-02-05 15:50:52,830 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-02-05 15:50:52,831 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:52,831 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:50:52,831 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-02-05 15:50:52,833 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-02-05 15:50:52,840 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-02-05 15:50:52,840 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:52,840 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:50:52,861 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-02-05 15:50:52,862 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-02-05 15:50:52,862 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-02-05 15:50:52,863 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2025-02-05 15:50:52,865 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:52,907 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-02-05 15:50:52,911 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.02 03:50:52 BoogieIcfgContainer [2025-02-05 15:50:52,911 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-02-05 15:50:52,911 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-02-05 15:50:52,911 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-02-05 15:50:52,912 INFO L274 PluginConnector]: Witness Printer initialized [2025-02-05 15:50:52,913 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:51" (3/4) ... [2025-02-05 15:50:52,913 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-02-05 15:50:52,973 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 42. [2025-02-05 15:50:53,015 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-02-05 15:50:53,015 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-02-05 15:50:53,015 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-02-05 15:50:53,016 INFO L158 Benchmark]: Toolchain (without parser) took 2268.65ms. Allocated memory is still 142.6MB. Free memory was 111.0MB in the beginning and 107.3MB in the end (delta: 3.7MB). Peak memory consumption was 69.4MB. Max. memory is 16.1GB. [2025-02-05 15:50:53,016 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 201.3MB. Free memory is still 126.6MB. There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:50:53,016 INFO L158 Benchmark]: CACSL2BoogieTranslator took 287.12ms. Allocated memory is still 142.6MB. Free memory was 111.0MB in the beginning and 92.5MB in the end (delta: 18.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:50:53,016 INFO L158 Benchmark]: Boogie Procedure Inliner took 30.99ms. Allocated memory is still 142.6MB. Free memory was 92.5MB in the beginning and 90.4MB in the end (delta: 2.1MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:50:53,017 INFO L158 Benchmark]: Boogie Preprocessor took 38.97ms. Allocated memory is still 142.6MB. Free memory was 90.4MB in the beginning and 89.3MB in the end (delta: 1.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:50:53,017 INFO L158 Benchmark]: IcfgBuilder took 271.19ms. Allocated memory is still 142.6MB. Free memory was 89.3MB in the beginning and 72.5MB in the end (delta: 16.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:50:53,017 INFO L158 Benchmark]: TraceAbstraction took 1531.22ms. Allocated memory is still 142.6MB. Free memory was 72.5MB in the beginning and 48.2MB in the end (delta: 24.3MB). Peak memory consumption was 19.1MB. Max. memory is 16.1GB. [2025-02-05 15:50:53,017 INFO L158 Benchmark]: Witness Printer took 103.94ms. Allocated memory is still 142.6MB. Free memory was 48.2MB in the beginning and 107.3MB in the end (delta: -59.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:50:53,018 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 201.3MB. Free memory is still 126.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 287.12ms. Allocated memory is still 142.6MB. Free memory was 111.0MB in the beginning and 92.5MB in the end (delta: 18.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 30.99ms. Allocated memory is still 142.6MB. Free memory was 92.5MB in the beginning and 90.4MB in the end (delta: 2.1MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 38.97ms. Allocated memory is still 142.6MB. Free memory was 90.4MB in the beginning and 89.3MB in the end (delta: 1.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 271.19ms. Allocated memory is still 142.6MB. Free memory was 89.3MB in the beginning and 72.5MB in the end (delta: 16.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 1531.22ms. Allocated memory is still 142.6MB. Free memory was 72.5MB in the beginning and 48.2MB in the end (delta: 24.3MB). Peak memory consumption was 19.1MB. Max. memory is 16.1GB. * Witness Printer took 103.94ms. Allocated memory is still 142.6MB. Free memory was 48.2MB in the beginning and 107.3MB in the end (delta: -59.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [153] - GenericResultAtLocation [Line: 519]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [519] - GenericResultAtLocation [Line: 528]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [528] - GenericResultAtLocation [Line: 627]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [627] - GenericResultAtLocation [Line: 695]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [695] - GenericResultAtLocation [Line: 859]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [859] - GenericResultAtLocation [Line: 885]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [885] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 524]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int cleanupTimeShifts = 4; [L323] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L534] int waterLevel = 1; [L535] int methaneLevelCritical = 0; [L699] int pumpRunning = 0; [L700] int systemActive = 1; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L131] int retValue_acc ; [L132] int tmp ; [L136] FCALL select_helpers() [L137] FCALL select_features() [L138] CALL, EXPR valid_product() [L912] int retValue_acc ; [L915] retValue_acc = 1 [L916] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L138] RET, EXPR valid_product() [L138] tmp = valid_product() [L140] COND TRUE \read(tmp) [L142] FCALL setup() [L143] CALL runTest() [L122] CALL test() [L630] int splverifierCounter ; [L631] int tmp ; [L632] int tmp___0 ; [L633] int tmp___1 ; [L634] int tmp___2 ; [L637] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L639] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L641] COND TRUE splverifierCounter < 4 [L647] tmp = __VERIFIER_nondet_int() [L649] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L651] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L552] COND TRUE waterLevel < 2 [L553] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L651] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L657] tmp___0 = __VERIFIER_nondet_int() [L659] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L661] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L564] COND FALSE !(\read(methaneLevelCritical)) [L567] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L661] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L667] tmp___2 = __VERIFIER_nondet_int() [L669] COND TRUE \read(tmp___2) [L671] CALL startSystem() [L855] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L671] RET startSystem() [L684] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L707] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L714] COND TRUE \read(systemActive) [L716] CALL processEnvironment() [L736] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L739] COND TRUE ! pumpRunning [L741] CALL, EXPR isHighWaterLevel() [L833] int retValue_acc ; [L834] int tmp ; [L835] int tmp___0 ; [L839] CALL, EXPR isHighWaterSensorDry() [L614] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L617] COND FALSE !(waterLevel < 2) [L621] retValue_acc = 0 [L622] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L839] RET, EXPR isHighWaterSensorDry() [L839] tmp = isHighWaterSensorDry() [L841] COND FALSE !(\read(tmp)) [L844] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L846] retValue_acc = tmp___0 [L847] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L741] RET, EXPR isHighWaterLevel() [L741] tmp = isHighWaterLevel() [L743] COND TRUE \read(tmp) [L745] CALL activatePump() [L764] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L745] RET activatePump() [L716] RET processEnvironment() [L722] CALL __utac_acc__Specification1_spec__1() [L861] int tmp ; [L862] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L866] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L573] int retValue_acc ; [L576] retValue_acc = methaneLevelCritical [L577] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L866] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L866] tmp = isMethaneLevelCritical() [L868] COND TRUE \read(tmp) [L870] CALL, EXPR isPumpRunning() [L788] int retValue_acc ; [L791] retValue_acc = pumpRunning [L792] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L870] RET, EXPR isPumpRunning() [L870] tmp___0 = isPumpRunning() [L872] COND TRUE \read(tmp___0) [L874] CALL __automaton_fail() [L524] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 74 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 1.4s, OverallIterations: 10, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 254 SdHoareTripleChecker+Valid, 0.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 250 mSDsluCounter, 1677 SdHoareTripleChecker+Invalid, 0.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1032 mSDsCounter, 9 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 114 IncrementalHoareTripleChecker+Invalid, 123 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 9 mSolverCounterUnsat, 645 mSDtfsCounter, 114 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 45 GetRequests, 20 SyntacticMatches, 0 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=261occurred in iteration=9, InterpolantAutomatonStates: 37, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 9 MinimizatonAttempts, 4 StatesRemovedByMinimization, 2 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.6s InterpolantComputationTime, 344 NumberOfCodeBlocks, 344 NumberOfCodeBlocksAsserted, 10 NumberOfCheckSat, 290 ConstructedInterpolants, 0 QuantifiedInterpolants, 460 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 9 InterpolantComputations, 9 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-02-05 15:50:53,033 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE