./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product42.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c00e63dc Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product42.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash f8aef606697b9aeff574acbbe43b28a142b9105524bb5bbab5e1458056090146 --- Real Ultimate output --- This is Ultimate 0.3.0-?-c00e63d-m [2025-02-05 15:50:52,906 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-02-05 15:50:52,970 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-02-05 15:50:52,974 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-02-05 15:50:52,975 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-02-05 15:50:52,995 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-02-05 15:50:52,996 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-02-05 15:50:52,996 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-02-05 15:50:52,996 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-02-05 15:50:52,996 INFO L153 SettingsManager]: * Use memory slicer=true [2025-02-05 15:50:52,997 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-02-05 15:50:52,997 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-02-05 15:50:52,997 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-02-05 15:50:52,997 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * Use SBE=true [2025-02-05 15:50:52,998 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * sizeof long=4 [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * sizeof long double=12 [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-02-05 15:50:52,998 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Use constant arrays=true [2025-02-05 15:50:52,999 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:50:52,999 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-02-05 15:50:52,999 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-02-05 15:50:53,000 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-02-05 15:50:53,000 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> f8aef606697b9aeff574acbbe43b28a142b9105524bb5bbab5e1458056090146 [2025-02-05 15:50:53,210 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-02-05 15:50:53,215 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-02-05 15:50:53,220 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-02-05 15:50:53,221 INFO L270 PluginConnector]: Initializing CDTParser... [2025-02-05 15:50:53,221 INFO L274 PluginConnector]: CDTParser initialized [2025-02-05 15:50:53,222 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product42.cil.c [2025-02-05 15:50:54,372 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/0804b5c05/8b80e509679f4db198cc81af131783d7/FLAG9ded2aaea [2025-02-05 15:50:54,655 INFO L384 CDTParser]: Found 1 translation units. [2025-02-05 15:50:54,655 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product42.cil.c [2025-02-05 15:50:54,667 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/0804b5c05/8b80e509679f4db198cc81af131783d7/FLAG9ded2aaea [2025-02-05 15:50:54,949 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/0804b5c05/8b80e509679f4db198cc81af131783d7 [2025-02-05 15:50:54,950 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-02-05 15:50:54,953 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-02-05 15:50:54,955 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-02-05 15:50:54,955 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-02-05 15:50:54,958 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-02-05 15:50:54,959 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:50:54" (1/1) ... [2025-02-05 15:50:54,960 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5867074e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:54, skipping insertion in model container [2025-02-05 15:50:54,961 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:50:54" (1/1) ... [2025-02-05 15:50:54,988 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-02-05 15:50:55,190 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product42.cil.c[15994,16007] [2025-02-05 15:50:55,203 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:50:55,216 INFO L200 MainTranslator]: Completed pre-run [2025-02-05 15:50:55,222 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2025-02-05 15:50:55,223 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [415] [2025-02-05 15:50:55,224 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [516] [2025-02-05 15:50:55,224 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [586] [2025-02-05 15:50:55,224 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [769] [2025-02-05 15:50:55,224 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [778] [2025-02-05 15:50:55,224 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [804] [2025-02-05 15:50:55,224 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [842] [2025-02-05 15:50:55,266 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product42.cil.c[15994,16007] [2025-02-05 15:50:55,269 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:50:55,282 INFO L204 MainTranslator]: Completed translation [2025-02-05 15:50:55,283 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55 WrapperNode [2025-02-05 15:50:55,283 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-02-05 15:50:55,284 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-02-05 15:50:55,284 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-02-05 15:50:55,284 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-02-05 15:50:55,288 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,302 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,325 INFO L138 Inliner]: procedures = 54, calls = 96, calls flagged for inlining = 22, calls inlined = 19, statements flattened = 181 [2025-02-05 15:50:55,328 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-02-05 15:50:55,329 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-02-05 15:50:55,329 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-02-05 15:50:55,329 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-02-05 15:50:55,335 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,336 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,342 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,360 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-02-05 15:50:55,361 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,361 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,367 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,368 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,368 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,369 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,370 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-02-05 15:50:55,371 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-02-05 15:50:55,371 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-02-05 15:50:55,371 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-02-05 15:50:55,372 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,376 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:50:55,384 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:50:55,395 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-02-05 15:50:55,397 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-02-05 15:50:55,414 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-02-05 15:50:55,414 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-02-05 15:50:55,414 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-02-05 15:50:55,414 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-02-05 15:50:55,414 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-02-05 15:50:55,414 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-02-05 15:50:55,414 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-02-05 15:50:55,414 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-02-05 15:50:55,414 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-02-05 15:50:55,414 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-02-05 15:50:55,415 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-02-05 15:50:55,415 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-02-05 15:50:55,415 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-02-05 15:50:55,415 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-02-05 15:50:55,415 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-02-05 15:50:55,415 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-02-05 15:50:55,474 INFO L257 CfgBuilder]: Building ICFG [2025-02-05 15:50:55,475 INFO L287 CfgBuilder]: Building CFG for each procedure with an implementation [2025-02-05 15:50:55,545 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint cleanupFINAL: assume true; [2025-02-05 15:50:55,633 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L758-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~8#1; [2025-02-05 15:50:55,633 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L694-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~6#1; [2025-02-05 15:50:55,633 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L513-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~5#1; [2025-02-05 15:50:55,633 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L703-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; [2025-02-05 15:50:55,636 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L467: #res := ~retValue_acc~3; [2025-02-05 15:50:55,699 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L839-1: valid_product_#res#1 := valid_product_~retValue_acc~10#1; [2025-02-05 15:50:55,699 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L935-1: main_#res#1 := main_~retValue_acc~11#1; [2025-02-05 15:50:55,721 INFO L? ?]: Removed 40 outVars from TransFormulas that were not future-live. [2025-02-05 15:50:55,725 INFO L308 CfgBuilder]: Performing block encoding [2025-02-05 15:50:55,734 INFO L332 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-02-05 15:50:55,735 INFO L337 CfgBuilder]: Removed 0 assume(true) statements. [2025-02-05 15:50:55,735 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:55 BoogieIcfgContainer [2025-02-05 15:50:55,735 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-02-05 15:50:55,737 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-02-05 15:50:55,737 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-02-05 15:50:55,740 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-02-05 15:50:55,740 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 05.02 03:50:54" (1/3) ... [2025-02-05 15:50:55,741 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2c75cb86 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:50:55, skipping insertion in model container [2025-02-05 15:50:55,741 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (2/3) ... [2025-02-05 15:50:55,741 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2c75cb86 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:50:55, skipping insertion in model container [2025-02-05 15:50:55,741 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:55" (3/3) ... [2025-02-05 15:50:55,742 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product42.cil.c [2025-02-05 15:50:55,753 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-02-05 15:50:55,754 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product42.cil.c that has 7 procedures, 79 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-02-05 15:50:55,794 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-02-05 15:50:55,801 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@59b71ead, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-02-05 15:50:55,802 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-02-05 15:50:55,804 INFO L276 IsEmpty]: Start isEmpty. Operand has 78 states, 60 states have (on average 1.3666666666666667) internal successors, (82), 66 states have internal predecessors, (82), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2025-02-05 15:50:55,811 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-02-05 15:50:55,811 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:55,811 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:55,812 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:55,816 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:55,816 INFO L85 PathProgramCache]: Analyzing trace with hash -1137952870, now seen corresponding path program 1 times [2025-02-05 15:50:55,821 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:55,821 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1951603592] [2025-02-05 15:50:55,822 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:55,823 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:55,888 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-02-05 15:50:55,903 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-02-05 15:50:55,903 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:55,903 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:55,953 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:55,954 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:55,954 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1951603592] [2025-02-05 15:50:55,955 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1951603592] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:55,955 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:55,955 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-02-05 15:50:55,956 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [370170903] [2025-02-05 15:50:55,956 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:55,959 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-02-05 15:50:55,959 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:55,972 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-02-05 15:50:55,973 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:50:55,975 INFO L87 Difference]: Start difference. First operand has 78 states, 60 states have (on average 1.3666666666666667) internal successors, (82), 66 states have internal predecessors, (82), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:55,996 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:55,997 INFO L93 Difference]: Finished difference Result 140 states and 189 transitions. [2025-02-05 15:50:55,997 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-02-05 15:50:55,998 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-02-05 15:50:55,998 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,003 INFO L225 Difference]: With dead ends: 140 [2025-02-05 15:50:56,003 INFO L226 Difference]: Without dead ends: 70 [2025-02-05 15:50:56,005 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:50:56,007 INFO L435 NwaCegarLoop]: 95 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 95 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,007 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 95 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:56,016 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 70 states. [2025-02-05 15:50:56,029 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 70 to 70. [2025-02-05 15:50:56,030 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 70 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 59 states have internal predecessors, (71), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2025-02-05 15:50:56,032 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 70 states to 70 states and 90 transitions. [2025-02-05 15:50:56,037 INFO L78 Accepts]: Start accepts. Automaton has 70 states and 90 transitions. Word has length 23 [2025-02-05 15:50:56,037 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,037 INFO L471 AbstractCegarLoop]: Abstraction has 70 states and 90 transitions. [2025-02-05 15:50:56,037 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,037 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 90 transitions. [2025-02-05 15:50:56,038 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-02-05 15:50:56,038 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,038 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,039 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-02-05 15:50:56,039 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,039 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,039 INFO L85 PathProgramCache]: Analyzing trace with hash -610010780, now seen corresponding path program 1 times [2025-02-05 15:50:56,039 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,039 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [761418105] [2025-02-05 15:50:56,039 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,040 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,047 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-02-05 15:50:56,052 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-02-05 15:50:56,053 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,053 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,116 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,117 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,117 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [761418105] [2025-02-05 15:50:56,117 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [761418105] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,117 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,117 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:56,117 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [154427889] [2025-02-05 15:50:56,117 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,118 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:56,118 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,119 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:56,119 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:56,119 INFO L87 Difference]: Start difference. First operand 70 states and 90 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,131 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,131 INFO L93 Difference]: Finished difference Result 106 states and 136 transitions. [2025-02-05 15:50:56,132 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:56,132 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2025-02-05 15:50:56,132 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,133 INFO L225 Difference]: With dead ends: 106 [2025-02-05 15:50:56,133 INFO L226 Difference]: Without dead ends: 61 [2025-02-05 15:50:56,134 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:56,134 INFO L435 NwaCegarLoop]: 77 mSDtfsCounter, 12 mSDsluCounter, 61 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 138 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,135 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 138 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:56,135 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 61 states. [2025-02-05 15:50:56,138 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 61 to 61. [2025-02-05 15:50:56,138 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 61 states, 48 states have (on average 1.3333333333333333) internal successors, (64), 53 states have internal predecessors, (64), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2025-02-05 15:50:56,139 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61 states to 61 states and 78 transitions. [2025-02-05 15:50:56,139 INFO L78 Accepts]: Start accepts. Automaton has 61 states and 78 transitions. Word has length 24 [2025-02-05 15:50:56,139 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,139 INFO L471 AbstractCegarLoop]: Abstraction has 61 states and 78 transitions. [2025-02-05 15:50:56,140 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,140 INFO L276 IsEmpty]: Start isEmpty. Operand 61 states and 78 transitions. [2025-02-05 15:50:56,140 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2025-02-05 15:50:56,140 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,140 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,141 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-02-05 15:50:56,141 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,141 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,141 INFO L85 PathProgramCache]: Analyzing trace with hash -508716584, now seen corresponding path program 1 times [2025-02-05 15:50:56,141 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,141 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1073072882] [2025-02-05 15:50:56,142 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,142 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,148 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 28 statements into 1 equivalence classes. [2025-02-05 15:50:56,155 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 28 of 28 statements. [2025-02-05 15:50:56,155 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,156 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,251 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,252 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,252 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1073072882] [2025-02-05 15:50:56,252 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1073072882] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,252 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,252 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:56,252 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1681247168] [2025-02-05 15:50:56,252 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,253 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:56,253 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,253 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:56,253 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:56,253 INFO L87 Difference]: Start difference. First operand 61 states and 78 transitions. Second operand has 5 states, 5 states have (on average 5.0) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,302 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,302 INFO L93 Difference]: Finished difference Result 115 states and 150 transitions. [2025-02-05 15:50:56,306 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:56,306 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.0) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2025-02-05 15:50:56,306 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,307 INFO L225 Difference]: With dead ends: 115 [2025-02-05 15:50:56,307 INFO L226 Difference]: Without dead ends: 61 [2025-02-05 15:50:56,307 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:50:56,308 INFO L435 NwaCegarLoop]: 74 mSDtfsCounter, 72 mSDsluCounter, 146 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 72 SdHoareTripleChecker+Valid, 220 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,308 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [72 Valid, 220 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:56,308 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 61 states. [2025-02-05 15:50:56,314 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 61 to 61. [2025-02-05 15:50:56,314 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 61 states, 48 states have (on average 1.3125) internal successors, (63), 53 states have internal predecessors, (63), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2025-02-05 15:50:56,318 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61 states to 61 states and 77 transitions. [2025-02-05 15:50:56,318 INFO L78 Accepts]: Start accepts. Automaton has 61 states and 77 transitions. Word has length 28 [2025-02-05 15:50:56,318 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,318 INFO L471 AbstractCegarLoop]: Abstraction has 61 states and 77 transitions. [2025-02-05 15:50:56,318 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.0) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,318 INFO L276 IsEmpty]: Start isEmpty. Operand 61 states and 77 transitions. [2025-02-05 15:50:56,319 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2025-02-05 15:50:56,319 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,319 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,319 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-02-05 15:50:56,319 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,319 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,320 INFO L85 PathProgramCache]: Analyzing trace with hash -238061497, now seen corresponding path program 1 times [2025-02-05 15:50:56,320 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,320 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1373561841] [2025-02-05 15:50:56,320 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,320 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,326 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 33 statements into 1 equivalence classes. [2025-02-05 15:50:56,336 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 33 of 33 statements. [2025-02-05 15:50:56,336 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,336 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,372 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,372 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,372 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1373561841] [2025-02-05 15:50:56,375 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1373561841] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,375 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,376 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:56,376 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [443360164] [2025-02-05 15:50:56,376 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,376 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:56,376 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,376 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:56,376 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:56,376 INFO L87 Difference]: Start difference. First operand 61 states and 77 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:56,412 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,412 INFO L93 Difference]: Finished difference Result 154 states and 198 transitions. [2025-02-05 15:50:56,413 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:56,413 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2025-02-05 15:50:56,413 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,414 INFO L225 Difference]: With dead ends: 154 [2025-02-05 15:50:56,414 INFO L226 Difference]: Without dead ends: 100 [2025-02-05 15:50:56,414 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:56,415 INFO L435 NwaCegarLoop]: 85 mSDtfsCounter, 66 mSDsluCounter, 48 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 133 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,415 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 133 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:56,415 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 100 states. [2025-02-05 15:50:56,428 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 100 to 98. [2025-02-05 15:50:56,428 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 98 states, 76 states have (on average 1.3026315789473684) internal successors, (99), 83 states have internal predecessors, (99), 11 states have call successors, (11), 10 states have call predecessors, (11), 10 states have return successors, (13), 11 states have call predecessors, (13), 11 states have call successors, (13) [2025-02-05 15:50:56,429 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 123 transitions. [2025-02-05 15:50:56,429 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 123 transitions. Word has length 33 [2025-02-05 15:50:56,431 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,431 INFO L471 AbstractCegarLoop]: Abstraction has 98 states and 123 transitions. [2025-02-05 15:50:56,432 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:56,432 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 123 transitions. [2025-02-05 15:50:56,432 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2025-02-05 15:50:56,433 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,434 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,434 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-02-05 15:50:56,434 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,434 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,434 INFO L85 PathProgramCache]: Analyzing trace with hash -1657906749, now seen corresponding path program 1 times [2025-02-05 15:50:56,434 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,434 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [563124148] [2025-02-05 15:50:56,435 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,435 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,443 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 39 statements into 1 equivalence classes. [2025-02-05 15:50:56,450 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 39 of 39 statements. [2025-02-05 15:50:56,450 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,450 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,517 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,517 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,517 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [563124148] [2025-02-05 15:50:56,517 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [563124148] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,517 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,517 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:56,517 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [713150930] [2025-02-05 15:50:56,517 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,517 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:56,517 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,518 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:56,518 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:56,518 INFO L87 Difference]: Start difference. First operand 98 states and 123 transitions. Second operand has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:56,557 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,557 INFO L93 Difference]: Finished difference Result 100 states and 124 transitions. [2025-02-05 15:50:56,557 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:56,558 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 39 [2025-02-05 15:50:56,558 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,558 INFO L225 Difference]: With dead ends: 100 [2025-02-05 15:50:56,559 INFO L226 Difference]: Without dead ends: 98 [2025-02-05 15:50:56,559 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:50:56,559 INFO L435 NwaCegarLoop]: 81 mSDtfsCounter, 52 mSDsluCounter, 202 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 283 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,559 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 283 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:56,560 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2025-02-05 15:50:56,566 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 98. [2025-02-05 15:50:56,566 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 98 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 83 states have internal predecessors, (98), 11 states have call successors, (11), 10 states have call predecessors, (11), 10 states have return successors, (13), 11 states have call predecessors, (13), 11 states have call successors, (13) [2025-02-05 15:50:56,567 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 122 transitions. [2025-02-05 15:50:56,567 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 122 transitions. Word has length 39 [2025-02-05 15:50:56,567 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,567 INFO L471 AbstractCegarLoop]: Abstraction has 98 states and 122 transitions. [2025-02-05 15:50:56,567 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:56,567 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 122 transitions. [2025-02-05 15:50:56,568 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-02-05 15:50:56,568 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,568 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,568 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-02-05 15:50:56,569 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,569 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,569 INFO L85 PathProgramCache]: Analyzing trace with hash 1417885707, now seen corresponding path program 1 times [2025-02-05 15:50:56,569 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,569 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1832913749] [2025-02-05 15:50:56,569 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,569 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,575 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-02-05 15:50:56,580 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-02-05 15:50:56,580 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,580 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,638 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:50:56,638 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,638 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1832913749] [2025-02-05 15:50:56,639 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1832913749] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,640 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,640 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:56,640 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [818313106] [2025-02-05 15:50:56,640 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,640 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:56,640 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,640 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:56,641 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:56,641 INFO L87 Difference]: Start difference. First operand 98 states and 122 transitions. Second operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:56,671 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,671 INFO L93 Difference]: Finished difference Result 192 states and 245 transitions. [2025-02-05 15:50:56,671 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:56,672 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 45 [2025-02-05 15:50:56,672 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,673 INFO L225 Difference]: With dead ends: 192 [2025-02-05 15:50:56,675 INFO L226 Difference]: Without dead ends: 101 [2025-02-05 15:50:56,675 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:56,676 INFO L435 NwaCegarLoop]: 74 mSDtfsCounter, 0 mSDsluCounter, 215 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 289 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,678 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 289 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:56,678 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 101 states. [2025-02-05 15:50:56,686 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 101 to 101. [2025-02-05 15:50:56,687 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 79 states have (on average 1.2784810126582278) internal successors, (101), 86 states have internal predecessors, (101), 11 states have call successors, (11), 10 states have call predecessors, (11), 10 states have return successors, (13), 11 states have call predecessors, (13), 11 states have call successors, (13) [2025-02-05 15:50:56,688 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 125 transitions. [2025-02-05 15:50:56,690 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 125 transitions. Word has length 45 [2025-02-05 15:50:56,691 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,691 INFO L471 AbstractCegarLoop]: Abstraction has 101 states and 125 transitions. [2025-02-05 15:50:56,691 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:56,691 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 125 transitions. [2025-02-05 15:50:56,692 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-02-05 15:50:56,692 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,692 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,692 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-02-05 15:50:56,692 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,692 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,692 INFO L85 PathProgramCache]: Analyzing trace with hash 1350878954, now seen corresponding path program 1 times [2025-02-05 15:50:56,692 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,693 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1652249171] [2025-02-05 15:50:56,694 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,694 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,701 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-02-05 15:50:56,704 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-02-05 15:50:56,707 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,707 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,770 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:50:56,770 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,770 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1652249171] [2025-02-05 15:50:56,771 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1652249171] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,771 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,771 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-02-05 15:50:56,771 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [563412460] [2025-02-05 15:50:56,771 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,771 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-02-05 15:50:56,771 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,772 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-02-05 15:50:56,772 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:56,772 INFO L87 Difference]: Start difference. First operand 101 states and 125 transitions. Second operand has 4 states, 4 states have (on average 9.5) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:56,799 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,799 INFO L93 Difference]: Finished difference Result 197 states and 250 transitions. [2025-02-05 15:50:56,799 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-02-05 15:50:56,800 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.5) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 45 [2025-02-05 15:50:56,800 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,801 INFO L225 Difference]: With dead ends: 197 [2025-02-05 15:50:56,802 INFO L226 Difference]: Without dead ends: 103 [2025-02-05 15:50:56,802 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:56,803 INFO L435 NwaCegarLoop]: 75 mSDtfsCounter, 0 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 219 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,804 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 219 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:56,805 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2025-02-05 15:50:56,813 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 103. [2025-02-05 15:50:56,816 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 103 states, 81 states have (on average 1.271604938271605) internal successors, (103), 88 states have internal predecessors, (103), 11 states have call successors, (11), 10 states have call predecessors, (11), 10 states have return successors, (13), 11 states have call predecessors, (13), 11 states have call successors, (13) [2025-02-05 15:50:56,817 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 103 states to 103 states and 127 transitions. [2025-02-05 15:50:56,817 INFO L78 Accepts]: Start accepts. Automaton has 103 states and 127 transitions. Word has length 45 [2025-02-05 15:50:56,817 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,817 INFO L471 AbstractCegarLoop]: Abstraction has 103 states and 127 transitions. [2025-02-05 15:50:56,817 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.5) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:56,818 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 127 transitions. [2025-02-05 15:50:56,818 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-02-05 15:50:56,819 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,820 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,820 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-02-05 15:50:56,820 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,820 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,821 INFO L85 PathProgramCache]: Analyzing trace with hash 1412918568, now seen corresponding path program 1 times [2025-02-05 15:50:56,821 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,821 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1652664571] [2025-02-05 15:50:56,821 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,821 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,829 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-02-05 15:50:56,834 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-02-05 15:50:56,834 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,834 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,876 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:50:56,877 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,877 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1652664571] [2025-02-05 15:50:56,877 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1652664571] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,877 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,877 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:56,877 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1510636287] [2025-02-05 15:50:56,877 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,877 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:56,877 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,877 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:56,878 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:56,878 INFO L87 Difference]: Start difference. First operand 103 states and 127 transitions. Second operand has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:56,897 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,898 INFO L93 Difference]: Finished difference Result 240 states and 300 transitions. [2025-02-05 15:50:56,900 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:56,901 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 45 [2025-02-05 15:50:56,901 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,902 INFO L225 Difference]: With dead ends: 240 [2025-02-05 15:50:56,902 INFO L226 Difference]: Without dead ends: 144 [2025-02-05 15:50:56,902 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:56,902 INFO L435 NwaCegarLoop]: 77 mSDtfsCounter, 34 mSDsluCounter, 64 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 141 SdHoareTripleChecker+Invalid, 9 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,903 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 141 Invalid, 9 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:56,903 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 144 states. [2025-02-05 15:50:56,912 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 144 to 144. [2025-02-05 15:50:56,912 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 144 states, 113 states have (on average 1.247787610619469) internal successors, (141), 121 states have internal predecessors, (141), 16 states have call successors, (16), 15 states have call predecessors, (16), 14 states have return successors, (18), 15 states have call predecessors, (18), 16 states have call successors, (18) [2025-02-05 15:50:56,913 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 144 states to 144 states and 175 transitions. [2025-02-05 15:50:56,913 INFO L78 Accepts]: Start accepts. Automaton has 144 states and 175 transitions. Word has length 45 [2025-02-05 15:50:56,913 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,913 INFO L471 AbstractCegarLoop]: Abstraction has 144 states and 175 transitions. [2025-02-05 15:50:56,913 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:56,913 INFO L276 IsEmpty]: Start isEmpty. Operand 144 states and 175 transitions. [2025-02-05 15:50:56,914 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2025-02-05 15:50:56,914 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,914 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,914 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-02-05 15:50:56,914 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,914 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,914 INFO L85 PathProgramCache]: Analyzing trace with hash -1518106934, now seen corresponding path program 1 times [2025-02-05 15:50:56,914 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,914 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1758736812] [2025-02-05 15:50:56,914 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,915 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,920 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-02-05 15:50:56,924 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-02-05 15:50:56,925 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,926 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,033 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:50:57,034 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:57,034 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1758736812] [2025-02-05 15:50:57,034 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1758736812] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:57,034 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:57,035 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2025-02-05 15:50:57,035 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1220744444] [2025-02-05 15:50:57,035 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:57,035 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2025-02-05 15:50:57,035 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:57,035 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2025-02-05 15:50:57,035 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2025-02-05 15:50:57,036 INFO L87 Difference]: Start difference. First operand 144 states and 175 transitions. Second operand has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2025-02-05 15:50:57,197 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:57,197 INFO L93 Difference]: Finished difference Result 407 states and 514 transitions. [2025-02-05 15:50:57,198 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2025-02-05 15:50:57,198 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 49 [2025-02-05 15:50:57,198 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:57,200 INFO L225 Difference]: With dead ends: 407 [2025-02-05 15:50:57,200 INFO L226 Difference]: Without dead ends: 270 [2025-02-05 15:50:57,200 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=39, Invalid=171, Unknown=0, NotChecked=0, Total=210 [2025-02-05 15:50:57,201 INFO L435 NwaCegarLoop]: 71 mSDtfsCounter, 62 mSDsluCounter, 411 mSDsCounter, 0 mSdLazyCounter, 133 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 64 SdHoareTripleChecker+Valid, 482 SdHoareTripleChecker+Invalid, 137 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 133 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:57,201 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [64 Valid, 482 Invalid, 137 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 133 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:50:57,201 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 270 states. [2025-02-05 15:50:57,223 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 270 to 270. [2025-02-05 15:50:57,224 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 270 states, 209 states have (on average 1.229665071770335) internal successors, (257), 222 states have internal predecessors, (257), 32 states have call successors, (32), 30 states have call predecessors, (32), 28 states have return successors, (40), 30 states have call predecessors, (40), 32 states have call successors, (40) [2025-02-05 15:50:57,225 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 270 states to 270 states and 329 transitions. [2025-02-05 15:50:57,225 INFO L78 Accepts]: Start accepts. Automaton has 270 states and 329 transitions. Word has length 49 [2025-02-05 15:50:57,225 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:57,226 INFO L471 AbstractCegarLoop]: Abstraction has 270 states and 329 transitions. [2025-02-05 15:50:57,226 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2025-02-05 15:50:57,226 INFO L276 IsEmpty]: Start isEmpty. Operand 270 states and 329 transitions. [2025-02-05 15:50:57,227 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2025-02-05 15:50:57,227 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:57,227 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:57,228 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-02-05 15:50:57,228 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:57,228 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:57,228 INFO L85 PathProgramCache]: Analyzing trace with hash -1731542534, now seen corresponding path program 1 times [2025-02-05 15:50:57,228 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:57,228 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [625326289] [2025-02-05 15:50:57,228 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,228 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:57,236 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 85 statements into 1 equivalence classes. [2025-02-05 15:50:57,240 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 85 of 85 statements. [2025-02-05 15:50:57,240 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,240 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,367 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 18 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2025-02-05 15:50:57,367 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:57,367 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [625326289] [2025-02-05 15:50:57,367 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [625326289] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:50:57,368 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1672056610] [2025-02-05 15:50:57,368 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,368 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:50:57,368 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:50:57,370 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:50:57,371 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-02-05 15:50:57,410 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 85 statements into 1 equivalence classes. [2025-02-05 15:50:57,440 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 85 of 85 statements. [2025-02-05 15:50:57,441 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,441 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,443 INFO L256 TraceCheckSpWp]: Trace formula consists of 288 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-02-05 15:50:57,447 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:50:57,592 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 22 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2025-02-05 15:50:57,592 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-02-05 15:50:57,593 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1672056610] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:57,593 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-02-05 15:50:57,593 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [11] total 16 [2025-02-05 15:50:57,593 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [630750072] [2025-02-05 15:50:57,593 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:57,594 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-02-05 15:50:57,594 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:57,594 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-02-05 15:50:57,594 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=40, Invalid=200, Unknown=0, NotChecked=0, Total=240 [2025-02-05 15:50:57,595 INFO L87 Difference]: Start difference. First operand 270 states and 329 transitions. Second operand has 7 states, 7 states have (on average 9.0) internal successors, (63), 6 states have internal predecessors, (63), 3 states have call successors, (8), 3 states have call predecessors, (8), 4 states have return successors, (7), 4 states have call predecessors, (7), 3 states have call successors, (7) [2025-02-05 15:50:57,700 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:57,701 INFO L93 Difference]: Finished difference Result 533 states and 651 transitions. [2025-02-05 15:50:57,701 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:50:57,701 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 9.0) internal successors, (63), 6 states have internal predecessors, (63), 3 states have call successors, (8), 3 states have call predecessors, (8), 4 states have return successors, (7), 4 states have call predecessors, (7), 3 states have call successors, (7) Word has length 85 [2025-02-05 15:50:57,702 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:57,703 INFO L225 Difference]: With dead ends: 533 [2025-02-05 15:50:57,703 INFO L226 Difference]: Without dead ends: 270 [2025-02-05 15:50:57,704 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 96 GetRequests, 82 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=40, Invalid=200, Unknown=0, NotChecked=0, Total=240 [2025-02-05 15:50:57,705 INFO L435 NwaCegarLoop]: 131 mSDtfsCounter, 44 mSDsluCounter, 445 mSDsCounter, 0 mSdLazyCounter, 100 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 576 SdHoareTripleChecker+Invalid, 101 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 100 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:57,705 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [45 Valid, 576 Invalid, 101 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 100 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:50:57,705 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 270 states. [2025-02-05 15:50:57,726 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 270 to 270. [2025-02-05 15:50:57,727 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 270 states, 209 states have (on average 1.2105263157894737) internal successors, (253), 222 states have internal predecessors, (253), 32 states have call successors, (32), 30 states have call predecessors, (32), 28 states have return successors, (35), 30 states have call predecessors, (35), 32 states have call successors, (35) [2025-02-05 15:50:57,728 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 270 states to 270 states and 320 transitions. [2025-02-05 15:50:57,728 INFO L78 Accepts]: Start accepts. Automaton has 270 states and 320 transitions. Word has length 85 [2025-02-05 15:50:57,729 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:57,729 INFO L471 AbstractCegarLoop]: Abstraction has 270 states and 320 transitions. [2025-02-05 15:50:57,729 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 9.0) internal successors, (63), 6 states have internal predecessors, (63), 3 states have call successors, (8), 3 states have call predecessors, (8), 4 states have return successors, (7), 4 states have call predecessors, (7), 3 states have call successors, (7) [2025-02-05 15:50:57,729 INFO L276 IsEmpty]: Start isEmpty. Operand 270 states and 320 transitions. [2025-02-05 15:50:57,730 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 82 [2025-02-05 15:50:57,730 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:57,731 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:57,737 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-02-05 15:50:57,935 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-02-05 15:50:57,935 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:57,936 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:57,936 INFO L85 PathProgramCache]: Analyzing trace with hash -1966185511, now seen corresponding path program 1 times [2025-02-05 15:50:57,936 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:57,936 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1436927615] [2025-02-05 15:50:57,936 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,936 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:57,946 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 81 statements into 1 equivalence classes. [2025-02-05 15:50:57,959 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 81 of 81 statements. [2025-02-05 15:50:57,959 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,959 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:50:57,959 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-02-05 15:50:57,965 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 81 statements into 1 equivalence classes. [2025-02-05 15:50:57,972 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 81 of 81 statements. [2025-02-05 15:50:57,972 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,972 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:50:57,998 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-02-05 15:50:57,998 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-02-05 15:50:57,999 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-02-05 15:50:58,000 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-02-05 15:50:58,003 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,064 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-02-05 15:50:58,067 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.02 03:50:58 BoogieIcfgContainer [2025-02-05 15:50:58,067 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-02-05 15:50:58,068 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-02-05 15:50:58,068 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-02-05 15:50:58,068 INFO L274 PluginConnector]: Witness Printer initialized [2025-02-05 15:50:58,069 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:55" (3/4) ... [2025-02-05 15:50:58,069 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-02-05 15:50:58,141 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 71. [2025-02-05 15:50:58,220 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-02-05 15:50:58,220 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-02-05 15:50:58,220 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-02-05 15:50:58,221 INFO L158 Benchmark]: Toolchain (without parser) took 3269.26ms. Allocated memory was 142.6MB in the beginning and 369.1MB in the end (delta: 226.5MB). Free memory was 111.4MB in the beginning and 228.2MB in the end (delta: -116.9MB). Peak memory consumption was 111.4MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,221 INFO L158 Benchmark]: CDTParser took 0.14ms. Allocated memory is still 201.3MB. Free memory is still 122.8MB. There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:50:58,221 INFO L158 Benchmark]: CACSL2BoogieTranslator took 328.74ms. Allocated memory is still 142.6MB. Free memory was 111.4MB in the beginning and 92.8MB in the end (delta: 18.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,221 INFO L158 Benchmark]: Boogie Procedure Inliner took 44.43ms. Allocated memory is still 142.6MB. Free memory was 92.8MB in the beginning and 91.4MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:50:58,221 INFO L158 Benchmark]: Boogie Preprocessor took 41.36ms. Allocated memory is still 142.6MB. Free memory was 91.4MB in the beginning and 89.7MB in the end (delta: 1.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,225 INFO L158 Benchmark]: IcfgBuilder took 364.67ms. Allocated memory is still 142.6MB. Free memory was 89.7MB in the beginning and 72.5MB in the end (delta: 17.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,225 INFO L158 Benchmark]: TraceAbstraction took 2330.72ms. Allocated memory was 142.6MB in the beginning and 369.1MB in the end (delta: 226.5MB). Free memory was 72.0MB in the beginning and 238.7MB in the end (delta: -166.7MB). Peak memory consumption was 61.1MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,225 INFO L158 Benchmark]: Witness Printer took 152.13ms. Allocated memory is still 369.1MB. Free memory was 238.7MB in the beginning and 228.2MB in the end (delta: 10.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,226 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.14ms. Allocated memory is still 201.3MB. Free memory is still 122.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 328.74ms. Allocated memory is still 142.6MB. Free memory was 111.4MB in the beginning and 92.8MB in the end (delta: 18.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 44.43ms. Allocated memory is still 142.6MB. Free memory was 92.8MB in the beginning and 91.4MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 41.36ms. Allocated memory is still 142.6MB. Free memory was 91.4MB in the beginning and 89.7MB in the end (delta: 1.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 364.67ms. Allocated memory is still 142.6MB. Free memory was 89.7MB in the beginning and 72.5MB in the end (delta: 17.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2330.72ms. Allocated memory was 142.6MB in the beginning and 369.1MB in the end (delta: 226.5MB). Free memory was 72.0MB in the beginning and 238.7MB in the end (delta: -166.7MB). Peak memory consumption was 61.1MB. Max. memory is 16.1GB. * Witness Printer took 152.13ms. Allocated memory is still 369.1MB. Free memory was 238.7MB in the beginning and 228.2MB in the end (delta: 10.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [415] - GenericResultAtLocation [Line: 516]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [516] - GenericResultAtLocation [Line: 586]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [586] - GenericResultAtLocation [Line: 769]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [769] - GenericResultAtLocation [Line: 778]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [778] - GenericResultAtLocation [Line: 804]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [804] - GenericResultAtLocation [Line: 842]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [842] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 774]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L219] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L423] int waterLevel = 1; [L424] int methaneLevelCritical = 0; [L591] int pumpRunning = 0; [L592] int systemActive = 1; [L843] int cleanupTimeShifts = 4; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L916] int retValue_acc ; [L917] int tmp ; [L921] FCALL select_helpers() [L922] FCALL select_features() [L923] CALL, EXPR valid_product() [L834] int retValue_acc ; [L837] retValue_acc = 1 [L838] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L923] RET, EXPR valid_product() [L923] tmp = valid_product() [L925] COND TRUE \read(tmp) [L927] FCALL setup() [L928] CALL runTest() [L910] CALL test() [L521] int splverifierCounter ; [L522] int tmp ; [L523] int tmp___0 ; [L524] int tmp___1 ; [L525] int tmp___2 ; [L528] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L530] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L532] COND TRUE splverifierCounter < 4 [L538] tmp = __VERIFIER_nondet_int() [L540] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L542] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L441] COND TRUE waterLevel < 2 [L442] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L542] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L548] tmp___0 = __VERIFIER_nondet_int() [L550] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L558] tmp___2 = __VERIFIER_nondet_int() [L560] COND TRUE \read(tmp___2) [L562] CALL startSystem() [L765] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L562] RET startSystem() [L575] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L599] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L606] COND TRUE \read(systemActive) [L608] CALL processEnvironment() [L628] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L631] COND TRUE ! pumpRunning [L633] CALL, EXPR isHighWaterLevel() [L743] int retValue_acc ; [L744] int tmp ; [L745] int tmp___0 ; [L749] CALL, EXPR isHighWaterSensorDry() [L503] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L506] COND FALSE !(waterLevel < 2) [L510] retValue_acc = 0 [L511] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L749] RET, EXPR isHighWaterSensorDry() [L749] tmp = isHighWaterSensorDry() [L751] COND FALSE !(\read(tmp)) [L754] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L756] retValue_acc = tmp___0 [L757] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L633] RET, EXPR isHighWaterLevel() [L633] tmp = isHighWaterLevel() [L635] COND TRUE \read(tmp) [L637] CALL activatePump() [L662] int tmp ; [L666] CALL, EXPR isMethaneAlarm() [L687] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L691] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L462] int retValue_acc ; [L465] retValue_acc = methaneLevelCritical [L466] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L691] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L691] retValue_acc = isMethaneLevelCritical() [L693] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L666] RET, EXPR isMethaneAlarm() [L666] tmp = isMethaneAlarm() [L668] COND FALSE !(\read(tmp)) [L672] CALL activatePump__wrappee__highWaterSensor() [L656] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L672] RET activatePump__wrappee__highWaterSensor() [L637] RET activatePump() [L608] RET processEnvironment() [L614] CALL __utac_acc__Specification1_spec__1() [L780] int tmp ; [L781] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L785] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L462] int retValue_acc ; [L465] retValue_acc = methaneLevelCritical [L466] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L785] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L785] tmp = isMethaneLevelCritical() [L787] COND FALSE !(\read(tmp)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L614] RET __utac_acc__Specification1_spec__1() [L575] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L530] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L532] COND TRUE splverifierCounter < 4 [L538] tmp = __VERIFIER_nondet_int() [L540] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L548] tmp___0 = __VERIFIER_nondet_int() [L550] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L552] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L453] COND FALSE !(\read(methaneLevelCritical)) [L456] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L552] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L558] tmp___2 = __VERIFIER_nondet_int() [L560] COND TRUE \read(tmp___2) [L562] CALL startSystem() [L765] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L562] RET startSystem() [L575] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L599] COND TRUE \read(pumpRunning) [L601] CALL lowerWaterLevel() [L429] COND TRUE waterLevel > 0 [L430] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L601] RET lowerWaterLevel() [L606] COND TRUE \read(systemActive) [L608] CALL processEnvironment() [L628] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L631] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L646] FCALL processEnvironment__wrappee__base() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L608] RET processEnvironment() [L614] CALL __utac_acc__Specification1_spec__1() [L780] int tmp ; [L781] int tmp___0 ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L785] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L462] int retValue_acc ; [L465] retValue_acc = methaneLevelCritical [L466] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L785] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L785] tmp = isMethaneLevelCritical() [L787] COND TRUE \read(tmp) [L789] CALL, EXPR isPumpRunning() [L698] int retValue_acc ; [L701] retValue_acc = pumpRunning [L702] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L789] RET, EXPR isPumpRunning() [L789] tmp___0 = isPumpRunning() [L791] COND TRUE \read(tmp___0) [L793] CALL __automaton_fail() [L774] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 79 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.2s, OverallIterations: 11, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 348 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 342 mSDsluCounter, 2576 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1736 mSDsCounter, 12 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 312 IncrementalHoareTripleChecker+Invalid, 324 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 12 mSolverCounterUnsat, 840 mSDtfsCounter, 312 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 148 GetRequests, 103 SyntacticMatches, 0 SemanticMatches, 45 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=270occurred in iteration=9, InterpolantAutomatonStates: 50, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 10 MinimizatonAttempts, 2 StatesRemovedByMinimization, 1 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.9s InterpolantComputationTime, 582 NumberOfCodeBlocks, 582 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 490 ConstructedInterpolants, 0 QuantifiedInterpolants, 736 SizeOfPredicates, 0 NumberOfNonLiveVariables, 288 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 11 InterpolantComputations, 10 PerfectInterpolantSequences, 66/72 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-02-05 15:50:58,246 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE