./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c00e63dc Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1a60868809a0ad0cb359a526a1f66a469756e048a31d4d83c9a3de774ac0575c --- Real Ultimate output --- This is Ultimate 0.3.0-?-c00e63d-m [2025-02-05 15:50:52,472 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-02-05 15:50:52,555 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-02-05 15:50:52,561 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-02-05 15:50:52,561 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-02-05 15:50:52,589 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-02-05 15:50:52,591 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-02-05 15:50:52,591 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-02-05 15:50:52,592 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-02-05 15:50:52,592 INFO L153 SettingsManager]: * Use memory slicer=true [2025-02-05 15:50:52,593 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-02-05 15:50:52,593 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-02-05 15:50:52,593 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-02-05 15:50:52,593 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-02-05 15:50:52,594 INFO L153 SettingsManager]: * Use SBE=true [2025-02-05 15:50:52,595 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-02-05 15:50:52,595 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-02-05 15:50:52,595 INFO L153 SettingsManager]: * sizeof long=4 [2025-02-05 15:50:52,595 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-02-05 15:50:52,595 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-02-05 15:50:52,595 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-02-05 15:50:52,595 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-02-05 15:50:52,595 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-02-05 15:50:52,595 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-02-05 15:50:52,595 INFO L153 SettingsManager]: * sizeof long double=12 [2025-02-05 15:50:52,596 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-02-05 15:50:52,596 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-02-05 15:50:52,596 INFO L153 SettingsManager]: * Use constant arrays=true [2025-02-05 15:50:52,596 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-02-05 15:50:52,596 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-02-05 15:50:52,596 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-02-05 15:50:52,597 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-02-05 15:50:52,597 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:50:52,597 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-02-05 15:50:52,597 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-02-05 15:50:52,597 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-02-05 15:50:52,597 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-02-05 15:50:52,598 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-02-05 15:50:52,598 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-02-05 15:50:52,598 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-02-05 15:50:52,598 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-02-05 15:50:52,598 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-02-05 15:50:52,598 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-02-05 15:50:52,598 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1a60868809a0ad0cb359a526a1f66a469756e048a31d4d83c9a3de774ac0575c [2025-02-05 15:50:52,904 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-02-05 15:50:52,915 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-02-05 15:50:52,917 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-02-05 15:50:52,920 INFO L270 PluginConnector]: Initializing CDTParser... [2025-02-05 15:50:52,921 INFO L274 PluginConnector]: CDTParser initialized [2025-02-05 15:50:52,923 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c [2025-02-05 15:50:54,295 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/5ed930c9a/d7f057297f61428483aa78dcec35532b/FLAG043a06516 [2025-02-05 15:50:54,621 INFO L384 CDTParser]: Found 1 translation units. [2025-02-05 15:50:54,622 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c [2025-02-05 15:50:54,648 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/5ed930c9a/d7f057297f61428483aa78dcec35532b/FLAG043a06516 [2025-02-05 15:50:54,666 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/5ed930c9a/d7f057297f61428483aa78dcec35532b [2025-02-05 15:50:54,668 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-02-05 15:50:54,671 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-02-05 15:50:54,673 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-02-05 15:50:54,673 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-02-05 15:50:54,677 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-02-05 15:50:54,678 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:50:54" (1/1) ... [2025-02-05 15:50:54,680 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@26230816 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:54, skipping insertion in model container [2025-02-05 15:50:54,680 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:50:54" (1/1) ... [2025-02-05 15:50:54,713 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-02-05 15:50:54,917 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c[11731,11744] [2025-02-05 15:50:54,953 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:50:54,965 INFO L200 MainTranslator]: Completed pre-run [2025-02-05 15:50:54,973 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2025-02-05 15:50:54,974 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [415] [2025-02-05 15:50:54,975 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [444] [2025-02-05 15:50:54,975 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [453] [2025-02-05 15:50:54,976 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [553] [2025-02-05 15:50:54,976 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [623] [2025-02-05 15:50:54,976 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [819] [2025-02-05 15:50:54,976 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [857] [2025-02-05 15:50:55,008 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c[11731,11744] [2025-02-05 15:50:55,020 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:50:55,042 INFO L204 MainTranslator]: Completed translation [2025-02-05 15:50:55,043 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55 WrapperNode [2025-02-05 15:50:55,043 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-02-05 15:50:55,045 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-02-05 15:50:55,045 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-02-05 15:50:55,045 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-02-05 15:50:55,050 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,066 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,090 INFO L138 Inliner]: procedures = 54, calls = 99, calls flagged for inlining = 21, calls inlined = 18, statements flattened = 186 [2025-02-05 15:50:55,091 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-02-05 15:50:55,092 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-02-05 15:50:55,092 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-02-05 15:50:55,092 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-02-05 15:50:55,099 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,099 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,101 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,122 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-02-05 15:50:55,123 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,123 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,128 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,129 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,130 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,131 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,133 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-02-05 15:50:55,134 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-02-05 15:50:55,134 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-02-05 15:50:55,134 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-02-05 15:50:55,135 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,140 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:50:55,150 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:50:55,162 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-02-05 15:50:55,164 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-02-05 15:50:55,182 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-02-05 15:50:55,182 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-02-05 15:50:55,183 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-02-05 15:50:55,183 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-02-05 15:50:55,183 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-02-05 15:50:55,183 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-02-05 15:50:55,183 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-02-05 15:50:55,183 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-02-05 15:50:55,183 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-02-05 15:50:55,183 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-02-05 15:50:55,183 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-02-05 15:50:55,183 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-02-05 15:50:55,183 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-02-05 15:50:55,183 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-02-05 15:50:55,183 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-02-05 15:50:55,183 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-02-05 15:50:55,183 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-02-05 15:50:55,183 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-02-05 15:50:55,184 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-02-05 15:50:55,184 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-02-05 15:50:55,251 INFO L257 CfgBuilder]: Building ICFG [2025-02-05 15:50:55,253 INFO L287 CfgBuilder]: Building CFG for each procedure with an implementation [2025-02-05 15:50:55,332 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint cleanupFINAL: assume true; [2025-02-05 15:50:55,387 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L737-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~6#1; [2025-02-05 15:50:55,387 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L746-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; [2025-02-05 15:50:55,391 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L504: #res := ~retValue_acc~3; [2025-02-05 15:50:55,464 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L950-1: main_#res#1 := main_~retValue_acc~11#1; [2025-02-05 15:50:55,465 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L854-1: valid_product_#res#1 := valid_product_~retValue_acc~10#1; [2025-02-05 15:50:55,498 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L801-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~8#1; [2025-02-05 15:50:55,498 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L550-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~5#1; [2025-02-05 15:50:55,524 INFO L? ?]: Removed 40 outVars from TransFormulas that were not future-live. [2025-02-05 15:50:55,524 INFO L308 CfgBuilder]: Performing block encoding [2025-02-05 15:50:55,537 INFO L332 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-02-05 15:50:55,537 INFO L337 CfgBuilder]: Removed 0 assume(true) statements. [2025-02-05 15:50:55,538 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:55 BoogieIcfgContainer [2025-02-05 15:50:55,538 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-02-05 15:50:55,540 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-02-05 15:50:55,540 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-02-05 15:50:55,545 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-02-05 15:50:55,545 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 05.02 03:50:54" (1/3) ... [2025-02-05 15:50:55,546 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6e884711 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:50:55, skipping insertion in model container [2025-02-05 15:50:55,546 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (2/3) ... [2025-02-05 15:50:55,546 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6e884711 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:50:55, skipping insertion in model container [2025-02-05 15:50:55,546 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:55" (3/3) ... [2025-02-05 15:50:55,547 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product39.cil.c [2025-02-05 15:50:55,562 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-02-05 15:50:55,564 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product39.cil.c that has 9 procedures, 91 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-02-05 15:50:55,625 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-02-05 15:50:55,639 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@68f00e47, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-02-05 15:50:55,639 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-02-05 15:50:55,645 INFO L276 IsEmpty]: Start isEmpty. Operand has 90 states, 66 states have (on average 1.3636363636363635) internal successors, (90), 75 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2025-02-05 15:50:55,653 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-02-05 15:50:55,655 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:55,656 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:55,656 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:55,661 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:55,662 INFO L85 PathProgramCache]: Analyzing trace with hash -529125488, now seen corresponding path program 1 times [2025-02-05 15:50:55,669 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:55,672 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1371422061] [2025-02-05 15:50:55,672 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:55,673 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:55,744 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-02-05 15:50:55,771 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-02-05 15:50:55,773 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:55,773 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:55,828 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:55,829 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:55,829 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1371422061] [2025-02-05 15:50:55,830 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1371422061] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:55,830 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:55,830 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-02-05 15:50:55,831 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [482369514] [2025-02-05 15:50:55,832 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:55,835 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-02-05 15:50:55,835 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:55,859 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-02-05 15:50:55,860 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:50:55,865 INFO L87 Difference]: Start difference. First operand has 90 states, 66 states have (on average 1.3636363636363635) internal successors, (90), 75 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:55,897 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:55,898 INFO L93 Difference]: Finished difference Result 164 states and 221 transitions. [2025-02-05 15:50:55,899 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-02-05 15:50:55,900 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-02-05 15:50:55,901 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:55,908 INFO L225 Difference]: With dead ends: 164 [2025-02-05 15:50:55,909 INFO L226 Difference]: Without dead ends: 82 [2025-02-05 15:50:55,914 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:50:55,917 INFO L435 NwaCegarLoop]: 111 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 111 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:55,920 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 111 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:55,933 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2025-02-05 15:50:55,957 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 82. [2025-02-05 15:50:55,959 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 68 states have internal predecessors, (79), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2025-02-05 15:50:55,965 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 106 transitions. [2025-02-05 15:50:55,969 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 106 transitions. Word has length 23 [2025-02-05 15:50:55,970 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:55,970 INFO L471 AbstractCegarLoop]: Abstraction has 82 states and 106 transitions. [2025-02-05 15:50:55,970 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:55,970 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 106 transitions. [2025-02-05 15:50:55,972 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-02-05 15:50:55,972 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:55,972 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:55,972 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-02-05 15:50:55,972 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:55,974 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:55,974 INFO L85 PathProgramCache]: Analyzing trace with hash 869904391, now seen corresponding path program 1 times [2025-02-05 15:50:55,974 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:55,974 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1288396460] [2025-02-05 15:50:55,974 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:55,975 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:55,988 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-02-05 15:50:56,000 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-02-05 15:50:56,000 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,000 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,092 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,092 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,093 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1288396460] [2025-02-05 15:50:56,093 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1288396460] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,093 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,093 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:56,093 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [743548945] [2025-02-05 15:50:56,093 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,094 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:56,094 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,094 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:56,094 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:56,095 INFO L87 Difference]: Start difference. First operand 82 states and 106 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,108 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,109 INFO L93 Difference]: Finished difference Result 127 states and 163 transitions. [2025-02-05 15:50:56,109 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:56,109 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2025-02-05 15:50:56,109 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,111 INFO L225 Difference]: With dead ends: 127 [2025-02-05 15:50:56,111 INFO L226 Difference]: Without dead ends: 73 [2025-02-05 15:50:56,111 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:56,112 INFO L435 NwaCegarLoop]: 93 mSDtfsCounter, 15 mSDsluCounter, 73 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 19 SdHoareTripleChecker+Valid, 166 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,112 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [19 Valid, 166 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:56,113 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 73 states. [2025-02-05 15:50:56,123 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 73 to 73. [2025-02-05 15:50:56,123 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 73 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 62 states have internal predecessors, (72), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2025-02-05 15:50:56,124 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 73 states to 73 states and 94 transitions. [2025-02-05 15:50:56,124 INFO L78 Accepts]: Start accepts. Automaton has 73 states and 94 transitions. Word has length 24 [2025-02-05 15:50:56,127 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,127 INFO L471 AbstractCegarLoop]: Abstraction has 73 states and 94 transitions. [2025-02-05 15:50:56,127 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,127 INFO L276 IsEmpty]: Start isEmpty. Operand 73 states and 94 transitions. [2025-02-05 15:50:56,129 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2025-02-05 15:50:56,129 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,129 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,129 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-02-05 15:50:56,129 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,130 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,130 INFO L85 PathProgramCache]: Analyzing trace with hash 354479484, now seen corresponding path program 1 times [2025-02-05 15:50:56,130 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,130 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [44236849] [2025-02-05 15:50:56,130 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,130 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,143 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 27 statements into 1 equivalence classes. [2025-02-05 15:50:56,172 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 27 of 27 statements. [2025-02-05 15:50:56,172 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,172 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,313 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,313 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,313 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [44236849] [2025-02-05 15:50:56,313 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [44236849] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,313 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,313 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-02-05 15:50:56,314 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [421174229] [2025-02-05 15:50:56,314 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,314 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:50:56,314 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,316 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:50:56,316 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:50:56,316 INFO L87 Difference]: Start difference. First operand 73 states and 94 transitions. Second operand has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,519 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,519 INFO L93 Difference]: Finished difference Result 245 states and 322 transitions. [2025-02-05 15:50:56,519 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-02-05 15:50:56,520 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2025-02-05 15:50:56,520 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,521 INFO L225 Difference]: With dead ends: 245 [2025-02-05 15:50:56,521 INFO L226 Difference]: Without dead ends: 179 [2025-02-05 15:50:56,522 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2025-02-05 15:50:56,523 INFO L435 NwaCegarLoop]: 105 mSDtfsCounter, 162 mSDsluCounter, 313 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 162 SdHoareTripleChecker+Valid, 418 SdHoareTripleChecker+Invalid, 91 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,523 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [162 Valid, 418 Invalid, 91 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:50:56,523 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 179 states. [2025-02-05 15:50:56,539 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 179 to 173. [2025-02-05 15:50:56,540 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 173 states, 126 states have (on average 1.3650793650793651) internal successors, (172), 144 states have internal predecessors, (172), 27 states have call successors, (27), 19 states have call predecessors, (27), 19 states have return successors, (28), 19 states have call predecessors, (28), 27 states have call successors, (28) [2025-02-05 15:50:56,541 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 173 states to 173 states and 227 transitions. [2025-02-05 15:50:56,541 INFO L78 Accepts]: Start accepts. Automaton has 173 states and 227 transitions. Word has length 27 [2025-02-05 15:50:56,542 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,542 INFO L471 AbstractCegarLoop]: Abstraction has 173 states and 227 transitions. [2025-02-05 15:50:56,542 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,542 INFO L276 IsEmpty]: Start isEmpty. Operand 173 states and 227 transitions. [2025-02-05 15:50:56,543 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2025-02-05 15:50:56,543 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,543 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,543 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-02-05 15:50:56,543 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,543 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,543 INFO L85 PathProgramCache]: Analyzing trace with hash 1434224768, now seen corresponding path program 1 times [2025-02-05 15:50:56,544 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,544 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [740308124] [2025-02-05 15:50:56,544 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,544 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,550 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 31 statements into 1 equivalence classes. [2025-02-05 15:50:56,555 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 31 of 31 statements. [2025-02-05 15:50:56,555 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,555 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,670 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,670 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,670 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [740308124] [2025-02-05 15:50:56,670 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [740308124] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,670 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,670 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:56,670 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1273848178] [2025-02-05 15:50:56,670 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,670 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:56,671 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,671 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:56,671 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:56,671 INFO L87 Difference]: Start difference. First operand 173 states and 227 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,769 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,769 INFO L93 Difference]: Finished difference Result 413 states and 557 transitions. [2025-02-05 15:50:56,772 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:56,772 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2025-02-05 15:50:56,772 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,775 INFO L225 Difference]: With dead ends: 413 [2025-02-05 15:50:56,778 INFO L226 Difference]: Without dead ends: 247 [2025-02-05 15:50:56,780 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:50:56,780 INFO L435 NwaCegarLoop]: 91 mSDtfsCounter, 48 mSDsluCounter, 238 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 48 SdHoareTripleChecker+Valid, 329 SdHoareTripleChecker+Invalid, 39 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,781 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [48 Valid, 329 Invalid, 39 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:50:56,782 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 247 states. [2025-02-05 15:50:56,833 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 247 to 245. [2025-02-05 15:50:56,836 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 245 states, 180 states have (on average 1.3111111111111111) internal successors, (236), 197 states have internal predecessors, (236), 34 states have call successors, (34), 30 states have call predecessors, (34), 30 states have return successors, (44), 31 states have call predecessors, (44), 34 states have call successors, (44) [2025-02-05 15:50:56,839 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 245 states to 245 states and 314 transitions. [2025-02-05 15:50:56,839 INFO L78 Accepts]: Start accepts. Automaton has 245 states and 314 transitions. Word has length 31 [2025-02-05 15:50:56,843 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,843 INFO L471 AbstractCegarLoop]: Abstraction has 245 states and 314 transitions. [2025-02-05 15:50:56,843 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,843 INFO L276 IsEmpty]: Start isEmpty. Operand 245 states and 314 transitions. [2025-02-05 15:50:56,844 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-02-05 15:50:56,844 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,844 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,844 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-02-05 15:50:56,845 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,845 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,845 INFO L85 PathProgramCache]: Analyzing trace with hash -473240776, now seen corresponding path program 1 times [2025-02-05 15:50:56,845 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,845 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1983483386] [2025-02-05 15:50:56,845 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,845 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,858 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-02-05 15:50:56,872 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-02-05 15:50:56,873 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,873 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,961 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,961 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,961 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1983483386] [2025-02-05 15:50:56,961 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1983483386] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,962 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,962 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:56,962 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [308782333] [2025-02-05 15:50:56,962 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,962 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:56,962 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,963 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:56,963 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:56,963 INFO L87 Difference]: Start difference. First operand 245 states and 314 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-02-05 15:50:57,009 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:57,009 INFO L93 Difference]: Finished difference Result 489 states and 638 transitions. [2025-02-05 15:50:57,011 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:57,011 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2025-02-05 15:50:57,012 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:57,014 INFO L225 Difference]: With dead ends: 489 [2025-02-05 15:50:57,014 INFO L226 Difference]: Without dead ends: 251 [2025-02-05 15:50:57,017 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:57,017 INFO L435 NwaCegarLoop]: 91 mSDtfsCounter, 0 mSDsluCounter, 267 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 358 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:57,018 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 358 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:57,018 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 251 states. [2025-02-05 15:50:57,059 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 251 to 251. [2025-02-05 15:50:57,062 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 251 states, 186 states have (on average 1.3010752688172043) internal successors, (242), 203 states have internal predecessors, (242), 34 states have call successors, (34), 30 states have call predecessors, (34), 30 states have return successors, (44), 31 states have call predecessors, (44), 34 states have call successors, (44) [2025-02-05 15:50:57,064 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 251 states to 251 states and 320 transitions. [2025-02-05 15:50:57,065 INFO L78 Accepts]: Start accepts. Automaton has 251 states and 320 transitions. Word has length 41 [2025-02-05 15:50:57,065 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:57,065 INFO L471 AbstractCegarLoop]: Abstraction has 251 states and 320 transitions. [2025-02-05 15:50:57,065 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-02-05 15:50:57,065 INFO L276 IsEmpty]: Start isEmpty. Operand 251 states and 320 transitions. [2025-02-05 15:50:57,070 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-02-05 15:50:57,071 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:57,071 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:57,071 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-02-05 15:50:57,071 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:57,072 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:57,072 INFO L85 PathProgramCache]: Analyzing trace with hash -1470313129, now seen corresponding path program 1 times [2025-02-05 15:50:57,072 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:57,072 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2085092115] [2025-02-05 15:50:57,072 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,072 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:57,084 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-02-05 15:50:57,093 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-02-05 15:50:57,093 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,093 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,190 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:57,190 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:57,190 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2085092115] [2025-02-05 15:50:57,191 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2085092115] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:57,191 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:57,191 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-02-05 15:50:57,191 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2092075841] [2025-02-05 15:50:57,191 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:57,191 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-02-05 15:50:57,191 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:57,192 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-02-05 15:50:57,192 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:57,192 INFO L87 Difference]: Start difference. First operand 251 states and 320 transitions. Second operand has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-02-05 15:50:57,228 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:57,229 INFO L93 Difference]: Finished difference Result 499 states and 657 transitions. [2025-02-05 15:50:57,229 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-02-05 15:50:57,229 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2025-02-05 15:50:57,229 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:57,231 INFO L225 Difference]: With dead ends: 499 [2025-02-05 15:50:57,231 INFO L226 Difference]: Without dead ends: 255 [2025-02-05 15:50:57,232 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:57,236 INFO L435 NwaCegarLoop]: 92 mSDtfsCounter, 0 mSDsluCounter, 178 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 270 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:57,236 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 270 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:57,237 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 255 states. [2025-02-05 15:50:57,263 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 255 to 255. [2025-02-05 15:50:57,264 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 255 states, 190 states have (on average 1.2947368421052632) internal successors, (246), 207 states have internal predecessors, (246), 34 states have call successors, (34), 30 states have call predecessors, (34), 30 states have return successors, (44), 31 states have call predecessors, (44), 34 states have call successors, (44) [2025-02-05 15:50:57,266 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 255 states to 255 states and 324 transitions. [2025-02-05 15:50:57,266 INFO L78 Accepts]: Start accepts. Automaton has 255 states and 324 transitions. Word has length 41 [2025-02-05 15:50:57,267 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:57,267 INFO L471 AbstractCegarLoop]: Abstraction has 255 states and 324 transitions. [2025-02-05 15:50:57,267 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-02-05 15:50:57,267 INFO L276 IsEmpty]: Start isEmpty. Operand 255 states and 324 transitions. [2025-02-05 15:50:57,268 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-02-05 15:50:57,268 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:57,268 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:57,269 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-02-05 15:50:57,269 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:57,269 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:57,269 INFO L85 PathProgramCache]: Analyzing trace with hash 2007005717, now seen corresponding path program 1 times [2025-02-05 15:50:57,269 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:57,270 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [499554618] [2025-02-05 15:50:57,270 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,270 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:57,281 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-02-05 15:50:57,285 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-02-05 15:50:57,286 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,286 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,377 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:57,378 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:57,378 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [499554618] [2025-02-05 15:50:57,378 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [499554618] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:57,378 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:57,378 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-02-05 15:50:57,378 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1871826644] [2025-02-05 15:50:57,378 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:57,378 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-02-05 15:50:57,378 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:57,379 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-02-05 15:50:57,379 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:57,379 INFO L87 Difference]: Start difference. First operand 255 states and 324 transitions. Second operand has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-02-05 15:50:57,509 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:57,512 INFO L93 Difference]: Finished difference Result 861 states and 1132 transitions. [2025-02-05 15:50:57,512 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-02-05 15:50:57,513 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2025-02-05 15:50:57,513 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:57,517 INFO L225 Difference]: With dead ends: 861 [2025-02-05 15:50:57,521 INFO L226 Difference]: Without dead ends: 613 [2025-02-05 15:50:57,522 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:57,524 INFO L435 NwaCegarLoop]: 158 mSDtfsCounter, 125 mSDsluCounter, 149 mSDsCounter, 0 mSdLazyCounter, 53 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 125 SdHoareTripleChecker+Valid, 307 SdHoareTripleChecker+Invalid, 58 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 53 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:57,524 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [125 Valid, 307 Invalid, 58 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 53 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:50:57,525 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 613 states. [2025-02-05 15:50:57,602 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 613 to 599. [2025-02-05 15:50:57,604 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 599 states, 446 states have (on average 1.2690582959641257) internal successors, (566), 480 states have internal predecessors, (566), 79 states have call successors, (79), 71 states have call predecessors, (79), 73 states have return successors, (122), 75 states have call predecessors, (122), 79 states have call successors, (122) [2025-02-05 15:50:57,614 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 599 states to 599 states and 767 transitions. [2025-02-05 15:50:57,614 INFO L78 Accepts]: Start accepts. Automaton has 599 states and 767 transitions. Word has length 41 [2025-02-05 15:50:57,615 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:57,615 INFO L471 AbstractCegarLoop]: Abstraction has 599 states and 767 transitions. [2025-02-05 15:50:57,615 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-02-05 15:50:57,615 INFO L276 IsEmpty]: Start isEmpty. Operand 599 states and 767 transitions. [2025-02-05 15:50:57,616 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-02-05 15:50:57,618 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:57,619 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:57,619 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-02-05 15:50:57,619 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:57,619 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:57,619 INFO L85 PathProgramCache]: Analyzing trace with hash 758980727, now seen corresponding path program 1 times [2025-02-05 15:50:57,619 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:57,619 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1677110664] [2025-02-05 15:50:57,620 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,620 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:57,627 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-02-05 15:50:57,633 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-02-05 15:50:57,633 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,633 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,724 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:57,725 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:57,725 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1677110664] [2025-02-05 15:50:57,727 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1677110664] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:57,727 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:57,727 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-02-05 15:50:57,727 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1062397234] [2025-02-05 15:50:57,727 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:57,728 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:50:57,728 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:57,728 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:50:57,728 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:50:57,729 INFO L87 Difference]: Start difference. First operand 599 states and 767 transitions. Second operand has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2025-02-05 15:50:57,911 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:57,911 INFO L93 Difference]: Finished difference Result 1755 states and 2319 transitions. [2025-02-05 15:50:57,912 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:50:57,912 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 45 [2025-02-05 15:50:57,912 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:57,923 INFO L225 Difference]: With dead ends: 1755 [2025-02-05 15:50:57,923 INFO L226 Difference]: Without dead ends: 1163 [2025-02-05 15:50:57,929 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-02-05 15:50:57,929 INFO L435 NwaCegarLoop]: 92 mSDtfsCounter, 64 mSDsluCounter, 324 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 416 SdHoareTripleChecker+Invalid, 54 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:57,930 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 416 Invalid, 54 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:50:57,931 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1163 states. [2025-02-05 15:50:58,059 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1163 to 1163. [2025-02-05 15:50:58,061 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1163 states, 858 states have (on average 1.2447552447552448) internal successors, (1068), 925 states have internal predecessors, (1068), 158 states have call successors, (158), 142 states have call predecessors, (158), 146 states have return successors, (257), 150 states have call predecessors, (257), 158 states have call successors, (257) [2025-02-05 15:50:58,070 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1163 states to 1163 states and 1483 transitions. [2025-02-05 15:50:58,071 INFO L78 Accepts]: Start accepts. Automaton has 1163 states and 1483 transitions. Word has length 45 [2025-02-05 15:50:58,071 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:58,071 INFO L471 AbstractCegarLoop]: Abstraction has 1163 states and 1483 transitions. [2025-02-05 15:50:58,073 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2025-02-05 15:50:58,073 INFO L276 IsEmpty]: Start isEmpty. Operand 1163 states and 1483 transitions. [2025-02-05 15:50:58,074 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2025-02-05 15:50:58,074 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:58,074 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,074 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-02-05 15:50:58,074 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:58,075 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:58,075 INFO L85 PathProgramCache]: Analyzing trace with hash 42458552, now seen corresponding path program 1 times [2025-02-05 15:50:58,075 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:58,075 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1738786995] [2025-02-05 15:50:58,075 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:58,075 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:58,083 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-02-05 15:50:58,089 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-02-05 15:50:58,090 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:58,090 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:50:58,090 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-02-05 15:50:58,092 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-02-05 15:50:58,097 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-02-05 15:50:58,098 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:58,098 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:50:58,123 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-02-05 15:50:58,124 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-02-05 15:50:58,125 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-02-05 15:50:58,126 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-02-05 15:50:58,128 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,167 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-02-05 15:50:58,169 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.02 03:50:58 BoogieIcfgContainer [2025-02-05 15:50:58,169 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-02-05 15:50:58,170 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-02-05 15:50:58,170 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-02-05 15:50:58,171 INFO L274 PluginConnector]: Witness Printer initialized [2025-02-05 15:50:58,171 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:55" (3/4) ... [2025-02-05 15:50:58,172 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-02-05 15:50:58,223 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 43. [2025-02-05 15:50:58,304 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-02-05 15:50:58,304 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-02-05 15:50:58,304 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-02-05 15:50:58,305 INFO L158 Benchmark]: Toolchain (without parser) took 3635.64ms. Allocated memory is still 142.6MB. Free memory was 110.4MB in the beginning and 68.9MB in the end (delta: 41.5MB). Peak memory consumption was 38.0MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,305 INFO L158 Benchmark]: CDTParser took 0.35ms. Allocated memory is still 201.3MB. Free memory is still 124.2MB. There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:50:58,305 INFO L158 Benchmark]: CACSL2BoogieTranslator took 371.67ms. Allocated memory is still 142.6MB. Free memory was 110.0MB in the beginning and 91.7MB in the end (delta: 18.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,306 INFO L158 Benchmark]: Boogie Procedure Inliner took 46.57ms. Allocated memory is still 142.6MB. Free memory was 91.7MB in the beginning and 90.1MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:50:58,306 INFO L158 Benchmark]: Boogie Preprocessor took 40.96ms. Allocated memory is still 142.6MB. Free memory was 89.8MB in the beginning and 88.6MB in the end (delta: 1.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,306 INFO L158 Benchmark]: IcfgBuilder took 404.01ms. Allocated memory is still 142.6MB. Free memory was 88.2MB in the beginning and 70.8MB in the end (delta: 17.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,306 INFO L158 Benchmark]: TraceAbstraction took 2629.64ms. Allocated memory is still 142.6MB. Free memory was 70.2MB in the beginning and 78.4MB in the end (delta: -8.2MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:50:58,306 INFO L158 Benchmark]: Witness Printer took 134.11ms. Allocated memory is still 142.6MB. Free memory was 77.3MB in the beginning and 68.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,307 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.35ms. Allocated memory is still 201.3MB. Free memory is still 124.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 371.67ms. Allocated memory is still 142.6MB. Free memory was 110.0MB in the beginning and 91.7MB in the end (delta: 18.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 46.57ms. Allocated memory is still 142.6MB. Free memory was 91.7MB in the beginning and 90.1MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 40.96ms. Allocated memory is still 142.6MB. Free memory was 89.8MB in the beginning and 88.6MB in the end (delta: 1.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 404.01ms. Allocated memory is still 142.6MB. Free memory was 88.2MB in the beginning and 70.8MB in the end (delta: 17.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2629.64ms. Allocated memory is still 142.6MB. Free memory was 70.2MB in the beginning and 78.4MB in the end (delta: -8.2MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 134.11ms. Allocated memory is still 142.6MB. Free memory was 77.3MB in the beginning and 68.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [415] - GenericResultAtLocation [Line: 444]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [444] - GenericResultAtLocation [Line: 453]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [453] - GenericResultAtLocation [Line: 553]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [553] - GenericResultAtLocation [Line: 623]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [623] - GenericResultAtLocation [Line: 819]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [819] - GenericResultAtLocation [Line: 857]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [857] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 449]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L219] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L460] int waterLevel = 1; [L461] int methaneLevelCritical = 0; [L627] int pumpRunning = 0; [L628] int systemActive = 1; [L858] int cleanupTimeShifts = 4; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L931] int retValue_acc ; [L932] int tmp ; [L936] FCALL select_helpers() [L937] FCALL select_features() [L938] CALL, EXPR valid_product() [L849] int retValue_acc ; [L852] retValue_acc = 1 [L853] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L938] RET, EXPR valid_product() [L938] tmp = valid_product() [L940] COND TRUE \read(tmp) [L942] FCALL setup() [L943] CALL runTest() [L925] CALL test() [L558] int splverifierCounter ; [L559] int tmp ; [L560] int tmp___0 ; [L561] int tmp___1 ; [L562] int tmp___2 ; [L565] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L567] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L569] COND TRUE splverifierCounter < 4 [L575] tmp = __VERIFIER_nondet_int() [L577] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L579] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L478] COND TRUE waterLevel < 2 [L479] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L579] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L585] tmp___0 = __VERIFIER_nondet_int() [L587] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L589] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L490] COND FALSE !(\read(methaneLevelCritical)) [L493] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L589] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L595] tmp___2 = __VERIFIER_nondet_int() [L597] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L612] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L634] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L641] COND TRUE \read(systemActive) [L643] CALL processEnvironment() [L689] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L692] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L707] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L663] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L666] COND TRUE ! pumpRunning [L668] CALL, EXPR isHighWaterLevel() [L786] int retValue_acc ; [L787] int tmp ; [L788] int tmp___0 ; [L792] CALL, EXPR isHighWaterSensorDry() [L540] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L543] COND FALSE !(waterLevel < 2) [L547] retValue_acc = 0 [L548] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L792] RET, EXPR isHighWaterSensorDry() [L792] tmp = isHighWaterSensorDry() [L794] COND FALSE !(\read(tmp)) [L797] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L799] retValue_acc = tmp___0 [L800] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L668] RET, EXPR isHighWaterLevel() [L668] tmp = isHighWaterLevel() [L670] COND TRUE \read(tmp) [L672] CALL activatePump() [L717] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L672] RET activatePump() [L707] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L643] RET processEnvironment() [L649] CALL __utac_acc__Specification1_spec__1() [L420] int tmp ; [L421] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L425] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L499] int retValue_acc ; [L502] retValue_acc = methaneLevelCritical [L503] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L425] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L425] tmp = isMethaneLevelCritical() [L427] COND TRUE \read(tmp) [L429] CALL, EXPR isPumpRunning() [L741] int retValue_acc ; [L744] retValue_acc = pumpRunning [L745] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L429] RET, EXPR isPumpRunning() [L429] tmp___0 = isPumpRunning() [L431] COND TRUE \read(tmp___0) [L433] CALL __automaton_fail() [L449] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 91 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.5s, OverallIterations: 9, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 420 SdHoareTripleChecker+Valid, 0.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 414 mSDsluCounter, 2375 SdHoareTripleChecker+Invalid, 0.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1542 mSDsCounter, 19 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 252 IncrementalHoareTripleChecker+Invalid, 271 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 19 mSolverCounterUnsat, 833 mSDtfsCounter, 252 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 44 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1163occurred in iteration=8, InterpolantAutomatonStates: 36, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 8 MinimizatonAttempts, 22 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.8s InterpolantComputationTime, 322 NumberOfCodeBlocks, 322 NumberOfCodeBlocksAsserted, 9 NumberOfCheckSat, 265 ConstructedInterpolants, 0 QuantifiedInterpolants, 496 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 8 InterpolantComputations, 8 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-02-05 15:50:58,329 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE