./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product43.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c00e63dc Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product43.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 01b43f7e7ecd5c44c6b49183e9415dee9518d36285d69624307f5a03549da1bb --- Real Ultimate output --- This is Ultimate 0.3.0-?-c00e63d-m [2025-02-05 15:50:53,571 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-02-05 15:50:53,607 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-02-05 15:50:53,611 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-02-05 15:50:53,611 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-02-05 15:50:53,627 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-02-05 15:50:53,627 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-02-05 15:50:53,627 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-02-05 15:50:53,627 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-02-05 15:50:53,627 INFO L153 SettingsManager]: * Use memory slicer=true [2025-02-05 15:50:53,627 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-02-05 15:50:53,627 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-02-05 15:50:53,628 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * Use SBE=true [2025-02-05 15:50:53,628 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * sizeof long=4 [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * sizeof long double=12 [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-02-05 15:50:53,628 INFO L153 SettingsManager]: * Use constant arrays=true [2025-02-05 15:50:53,629 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:50:53,629 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-02-05 15:50:53,629 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 01b43f7e7ecd5c44c6b49183e9415dee9518d36285d69624307f5a03549da1bb [2025-02-05 15:50:53,865 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-02-05 15:50:53,872 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-02-05 15:50:53,874 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-02-05 15:50:53,874 INFO L270 PluginConnector]: Initializing CDTParser... [2025-02-05 15:50:53,875 INFO L274 PluginConnector]: CDTParser initialized [2025-02-05 15:50:53,876 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product43.cil.c [2025-02-05 15:50:55,076 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/1eb605007/63e5539fa2d046f9bd18ad013307253a/FLAG72bb40e57 [2025-02-05 15:50:55,330 INFO L384 CDTParser]: Found 1 translation units. [2025-02-05 15:50:55,331 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product43.cil.c [2025-02-05 15:50:55,344 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/1eb605007/63e5539fa2d046f9bd18ad013307253a/FLAG72bb40e57 [2025-02-05 15:50:55,362 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/1eb605007/63e5539fa2d046f9bd18ad013307253a [2025-02-05 15:50:55,364 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-02-05 15:50:55,365 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-02-05 15:50:55,367 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-02-05 15:50:55,367 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-02-05 15:50:55,373 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-02-05 15:50:55,373 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,374 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7c299b37 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55, skipping insertion in model container [2025-02-05 15:50:55,374 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,405 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-02-05 15:50:55,553 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product43.cil.c[6381,6394] [2025-02-05 15:50:55,594 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:50:55,601 INFO L200 MainTranslator]: Completed pre-run [2025-02-05 15:50:55,607 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2025-02-05 15:50:55,608 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [150] [2025-02-05 15:50:55,608 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [342] [2025-02-05 15:50:55,608 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [410] [2025-02-05 15:50:55,608 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [419] [2025-02-05 15:50:55,608 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [445] [2025-02-05 15:50:55,608 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [544] [2025-02-05 15:50:55,608 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [910] [2025-02-05 15:50:55,632 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product43.cil.c[6381,6394] [2025-02-05 15:50:55,673 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:50:55,692 INFO L204 MainTranslator]: Completed translation [2025-02-05 15:50:55,694 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55 WrapperNode [2025-02-05 15:50:55,694 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-02-05 15:50:55,695 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-02-05 15:50:55,695 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-02-05 15:50:55,695 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-02-05 15:50:55,703 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,714 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,736 INFO L138 Inliner]: procedures = 54, calls = 97, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 185 [2025-02-05 15:50:55,738 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-02-05 15:50:55,739 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-02-05 15:50:55,739 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-02-05 15:50:55,739 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-02-05 15:50:55,746 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,747 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,751 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,769 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-02-05 15:50:55,769 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,769 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,777 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,778 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,778 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,781 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,782 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-02-05 15:50:55,783 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-02-05 15:50:55,783 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-02-05 15:50:55,783 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-02-05 15:50:55,784 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (1/1) ... [2025-02-05 15:50:55,789 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:50:55,799 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:50:55,811 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-02-05 15:50:55,813 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-02-05 15:50:55,832 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-02-05 15:50:55,832 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-02-05 15:50:55,832 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-02-05 15:50:55,832 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-02-05 15:50:55,832 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-02-05 15:50:55,832 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-02-05 15:50:55,832 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-02-05 15:50:55,832 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-02-05 15:50:55,832 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-02-05 15:50:55,832 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-02-05 15:50:55,832 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-02-05 15:50:55,832 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-02-05 15:50:55,832 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-02-05 15:50:55,832 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-02-05 15:50:55,832 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-02-05 15:50:55,832 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-02-05 15:50:55,895 INFO L257 CfgBuilder]: Building ICFG [2025-02-05 15:50:55,897 INFO L287 CfgBuilder]: Building CFG for each procedure with an implementation [2025-02-05 15:50:55,959 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint cleanupFINAL: assume true; [2025-02-05 15:50:56,012 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L147-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~2#1; [2025-02-05 15:50:56,012 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L260-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~3#1; [2025-02-05 15:50:56,012 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L269-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; [2025-02-05 15:50:56,012 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L324-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~5#1; [2025-02-05 15:50:56,015 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L101: #res := ~retValue_acc~0; [2025-02-05 15:50:56,085 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L541-1: main_#res#1 := main_~retValue_acc~6#1; [2025-02-05 15:50:56,086 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L942-1: valid_product_#res#1 := valid_product_~retValue_acc~11#1; [2025-02-05 15:50:56,102 INFO L? ?]: Removed 40 outVars from TransFormulas that were not future-live. [2025-02-05 15:50:56,102 INFO L308 CfgBuilder]: Performing block encoding [2025-02-05 15:50:56,113 INFO L332 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-02-05 15:50:56,114 INFO L337 CfgBuilder]: Removed 0 assume(true) statements. [2025-02-05 15:50:56,114 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:56 BoogieIcfgContainer [2025-02-05 15:50:56,114 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-02-05 15:50:56,118 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-02-05 15:50:56,118 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-02-05 15:50:56,122 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-02-05 15:50:56,122 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 05.02 03:50:55" (1/3) ... [2025-02-05 15:50:56,122 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@45ffebe7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:50:56, skipping insertion in model container [2025-02-05 15:50:56,122 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:55" (2/3) ... [2025-02-05 15:50:56,123 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@45ffebe7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:50:56, skipping insertion in model container [2025-02-05 15:50:56,123 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:56" (3/3) ... [2025-02-05 15:50:56,123 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product43.cil.c [2025-02-05 15:50:56,133 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-02-05 15:50:56,134 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product43.cil.c that has 7 procedures, 82 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-02-05 15:50:56,172 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-02-05 15:50:56,179 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@fe6ea2c, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-02-05 15:50:56,180 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-02-05 15:50:56,184 INFO L276 IsEmpty]: Start isEmpty. Operand has 81 states, 63 states have (on average 1.3650793650793651) internal successors, (86), 69 states have internal predecessors, (86), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2025-02-05 15:50:56,189 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-02-05 15:50:56,190 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,190 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,190 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,195 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,196 INFO L85 PathProgramCache]: Analyzing trace with hash -1024102652, now seen corresponding path program 1 times [2025-02-05 15:50:56,200 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,201 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1537388609] [2025-02-05 15:50:56,201 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,201 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,262 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-02-05 15:50:56,281 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-02-05 15:50:56,281 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,282 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,338 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,338 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,338 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1537388609] [2025-02-05 15:50:56,339 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1537388609] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,339 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,339 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-02-05 15:50:56,341 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [340260714] [2025-02-05 15:50:56,342 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,344 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-02-05 15:50:56,345 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,358 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-02-05 15:50:56,358 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:50:56,360 INFO L87 Difference]: Start difference. First operand has 81 states, 63 states have (on average 1.3650793650793651) internal successors, (86), 69 states have internal predecessors, (86), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,384 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,385 INFO L93 Difference]: Finished difference Result 146 states and 197 transitions. [2025-02-05 15:50:56,385 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-02-05 15:50:56,387 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-02-05 15:50:56,387 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,394 INFO L225 Difference]: With dead ends: 146 [2025-02-05 15:50:56,394 INFO L226 Difference]: Without dead ends: 73 [2025-02-05 15:50:56,399 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:50:56,401 INFO L435 NwaCegarLoop]: 99 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 99 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,401 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 99 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:56,412 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 73 states. [2025-02-05 15:50:56,424 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 73 to 73. [2025-02-05 15:50:56,425 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 73 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 62 states have internal predecessors, (75), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2025-02-05 15:50:56,427 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 73 states to 73 states and 94 transitions. [2025-02-05 15:50:56,428 INFO L78 Accepts]: Start accepts. Automaton has 73 states and 94 transitions. Word has length 23 [2025-02-05 15:50:56,428 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,429 INFO L471 AbstractCegarLoop]: Abstraction has 73 states and 94 transitions. [2025-02-05 15:50:56,429 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,429 INFO L276 IsEmpty]: Start isEmpty. Operand 73 states and 94 transitions. [2025-02-05 15:50:56,430 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-02-05 15:50:56,430 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,430 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,430 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-02-05 15:50:56,430 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,431 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,431 INFO L85 PathProgramCache]: Analyzing trace with hash -831194327, now seen corresponding path program 1 times [2025-02-05 15:50:56,431 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,431 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [835165447] [2025-02-05 15:50:56,431 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,431 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,440 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-02-05 15:50:56,453 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-02-05 15:50:56,453 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,453 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,506 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,506 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,506 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [835165447] [2025-02-05 15:50:56,506 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [835165447] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,506 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,506 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:56,506 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1432488999] [2025-02-05 15:50:56,506 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,507 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:56,507 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,508 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:56,508 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:56,510 INFO L87 Difference]: Start difference. First operand 73 states and 94 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,519 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,519 INFO L93 Difference]: Finished difference Result 109 states and 140 transitions. [2025-02-05 15:50:56,519 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:56,519 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2025-02-05 15:50:56,519 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,520 INFO L225 Difference]: With dead ends: 109 [2025-02-05 15:50:56,520 INFO L226 Difference]: Without dead ends: 64 [2025-02-05 15:50:56,520 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:56,521 INFO L435 NwaCegarLoop]: 81 mSDtfsCounter, 16 mSDsluCounter, 61 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 19 SdHoareTripleChecker+Valid, 142 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,521 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [19 Valid, 142 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:56,521 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2025-02-05 15:50:56,524 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2025-02-05 15:50:56,525 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 51 states have (on average 1.3333333333333333) internal successors, (68), 56 states have internal predecessors, (68), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2025-02-05 15:50:56,525 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 82 transitions. [2025-02-05 15:50:56,525 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 82 transitions. Word has length 24 [2025-02-05 15:50:56,525 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,526 INFO L471 AbstractCegarLoop]: Abstraction has 64 states and 82 transitions. [2025-02-05 15:50:56,526 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,526 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 82 transitions. [2025-02-05 15:50:56,526 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2025-02-05 15:50:56,526 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,526 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,526 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-02-05 15:50:56,526 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,527 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,527 INFO L85 PathProgramCache]: Analyzing trace with hash 213067380, now seen corresponding path program 1 times [2025-02-05 15:50:56,527 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,527 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1260727543] [2025-02-05 15:50:56,527 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,527 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,533 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 27 statements into 1 equivalence classes. [2025-02-05 15:50:56,539 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 27 of 27 statements. [2025-02-05 15:50:56,539 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,539 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,685 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,686 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,686 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1260727543] [2025-02-05 15:50:56,686 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1260727543] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,686 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,686 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-02-05 15:50:56,686 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [319536106] [2025-02-05 15:50:56,686 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,686 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:50:56,686 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,687 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:50:56,687 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:50:56,687 INFO L87 Difference]: Start difference. First operand 64 states and 82 transitions. Second operand has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,841 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:56,841 INFO L93 Difference]: Finished difference Result 215 states and 283 transitions. [2025-02-05 15:50:56,843 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-02-05 15:50:56,843 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2025-02-05 15:50:56,844 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:56,845 INFO L225 Difference]: With dead ends: 215 [2025-02-05 15:50:56,845 INFO L226 Difference]: Without dead ends: 158 [2025-02-05 15:50:56,845 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2025-02-05 15:50:56,846 INFO L435 NwaCegarLoop]: 94 mSDtfsCounter, 190 mSDsluCounter, 256 mSDsCounter, 0 mSdLazyCounter, 62 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 190 SdHoareTripleChecker+Valid, 350 SdHoareTripleChecker+Invalid, 76 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 62 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:56,846 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [190 Valid, 350 Invalid, 76 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 62 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:50:56,849 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states. [2025-02-05 15:50:56,871 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 148. [2025-02-05 15:50:56,872 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 115 states have (on average 1.3652173913043477) internal successors, (157), 126 states have internal predecessors, (157), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 16 states have call predecessors, (19), 18 states have call successors, (19) [2025-02-05 15:50:56,874 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 194 transitions. [2025-02-05 15:50:56,877 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 194 transitions. Word has length 27 [2025-02-05 15:50:56,877 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:56,877 INFO L471 AbstractCegarLoop]: Abstraction has 148 states and 194 transitions. [2025-02-05 15:50:56,877 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:56,877 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 194 transitions. [2025-02-05 15:50:56,878 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2025-02-05 15:50:56,878 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:56,878 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:56,878 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-02-05 15:50:56,878 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:56,879 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:56,879 INFO L85 PathProgramCache]: Analyzing trace with hash 1814579480, now seen corresponding path program 1 times [2025-02-05 15:50:56,879 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:56,879 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1755440908] [2025-02-05 15:50:56,879 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:56,879 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:56,888 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 31 statements into 1 equivalence classes. [2025-02-05 15:50:56,897 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 31 of 31 statements. [2025-02-05 15:50:56,897 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:56,897 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:56,948 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:56,949 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:56,949 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1755440908] [2025-02-05 15:50:56,949 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1755440908] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:56,949 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:56,949 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:56,950 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [533145000] [2025-02-05 15:50:56,950 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:56,950 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:56,951 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:56,951 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:56,951 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:56,952 INFO L87 Difference]: Start difference. First operand 148 states and 194 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:57,007 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:57,008 INFO L93 Difference]: Finished difference Result 360 states and 481 transitions. [2025-02-05 15:50:57,008 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:57,008 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2025-02-05 15:50:57,008 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:57,010 INFO L225 Difference]: With dead ends: 360 [2025-02-05 15:50:57,010 INFO L226 Difference]: Without dead ends: 219 [2025-02-05 15:50:57,011 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:50:57,011 INFO L435 NwaCegarLoop]: 76 mSDtfsCounter, 65 mSDsluCounter, 196 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 272 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:57,011 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [65 Valid, 272 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:57,012 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 219 states. [2025-02-05 15:50:57,040 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 219 to 219. [2025-02-05 15:50:57,041 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 219 states, 168 states have (on average 1.3154761904761905) internal successors, (221), 183 states have internal predecessors, (221), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) [2025-02-05 15:50:57,046 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 219 states to 219 states and 279 transitions. [2025-02-05 15:50:57,047 INFO L78 Accepts]: Start accepts. Automaton has 219 states and 279 transitions. Word has length 31 [2025-02-05 15:50:57,047 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:57,047 INFO L471 AbstractCegarLoop]: Abstraction has 219 states and 279 transitions. [2025-02-05 15:50:57,047 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:57,047 INFO L276 IsEmpty]: Start isEmpty. Operand 219 states and 279 transitions. [2025-02-05 15:50:57,048 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2025-02-05 15:50:57,048 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:57,048 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:57,048 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-02-05 15:50:57,048 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:57,049 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:57,049 INFO L85 PathProgramCache]: Analyzing trace with hash 265241871, now seen corresponding path program 1 times [2025-02-05 15:50:57,049 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:57,049 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1544408058] [2025-02-05 15:50:57,049 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,049 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:57,055 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 44 statements into 1 equivalence classes. [2025-02-05 15:50:57,059 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 44 of 44 statements. [2025-02-05 15:50:57,059 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,059 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,116 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:50:57,116 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:57,116 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1544408058] [2025-02-05 15:50:57,117 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1544408058] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:57,117 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:57,117 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:57,117 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1139864794] [2025-02-05 15:50:57,117 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:57,117 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:57,117 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:57,117 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:57,117 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:57,118 INFO L87 Difference]: Start difference. First operand 219 states and 279 transitions. Second operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:57,145 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:57,145 INFO L93 Difference]: Finished difference Result 437 states and 569 transitions. [2025-02-05 15:50:57,146 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:57,146 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 44 [2025-02-05 15:50:57,146 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:57,147 INFO L225 Difference]: With dead ends: 437 [2025-02-05 15:50:57,147 INFO L226 Difference]: Without dead ends: 225 [2025-02-05 15:50:57,148 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:57,151 INFO L435 NwaCegarLoop]: 79 mSDtfsCounter, 0 mSDsluCounter, 230 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 309 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:57,151 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 309 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:57,152 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 225 states. [2025-02-05 15:50:57,172 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 225 to 225. [2025-02-05 15:50:57,173 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 225 states, 174 states have (on average 1.3045977011494252) internal successors, (227), 189 states have internal predecessors, (227), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) [2025-02-05 15:50:57,174 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 225 states to 225 states and 285 transitions. [2025-02-05 15:50:57,174 INFO L78 Accepts]: Start accepts. Automaton has 225 states and 285 transitions. Word has length 44 [2025-02-05 15:50:57,174 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:57,174 INFO L471 AbstractCegarLoop]: Abstraction has 225 states and 285 transitions. [2025-02-05 15:50:57,175 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:57,175 INFO L276 IsEmpty]: Start isEmpty. Operand 225 states and 285 transitions. [2025-02-05 15:50:57,176 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2025-02-05 15:50:57,176 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:57,176 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:57,176 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-02-05 15:50:57,176 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:57,176 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:57,176 INFO L85 PathProgramCache]: Analyzing trace with hash 198235118, now seen corresponding path program 1 times [2025-02-05 15:50:57,176 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:57,176 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2033510084] [2025-02-05 15:50:57,176 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,177 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:57,187 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 44 statements into 1 equivalence classes. [2025-02-05 15:50:57,194 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 44 of 44 statements. [2025-02-05 15:50:57,194 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,194 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,257 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:50:57,258 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:57,258 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2033510084] [2025-02-05 15:50:57,258 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2033510084] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:57,258 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:57,258 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-02-05 15:50:57,258 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1531858594] [2025-02-05 15:50:57,259 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:57,259 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-02-05 15:50:57,259 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:57,259 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-02-05 15:50:57,260 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:57,260 INFO L87 Difference]: Start difference. First operand 225 states and 285 transitions. Second operand has 4 states, 4 states have (on average 9.25) internal successors, (37), 4 states have internal predecessors, (37), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:57,288 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:57,289 INFO L93 Difference]: Finished difference Result 447 states and 579 transitions. [2025-02-05 15:50:57,289 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-02-05 15:50:57,289 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.25) internal successors, (37), 4 states have internal predecessors, (37), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 44 [2025-02-05 15:50:57,291 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:57,292 INFO L225 Difference]: With dead ends: 447 [2025-02-05 15:50:57,292 INFO L226 Difference]: Without dead ends: 229 [2025-02-05 15:50:57,293 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:57,293 INFO L435 NwaCegarLoop]: 80 mSDtfsCounter, 0 mSDsluCounter, 154 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 234 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:57,293 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 234 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:57,294 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 229 states. [2025-02-05 15:50:57,306 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 229 to 229. [2025-02-05 15:50:57,307 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 229 states, 178 states have (on average 1.297752808988764) internal successors, (231), 193 states have internal predecessors, (231), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) [2025-02-05 15:50:57,308 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 229 states to 229 states and 289 transitions. [2025-02-05 15:50:57,308 INFO L78 Accepts]: Start accepts. Automaton has 229 states and 289 transitions. Word has length 44 [2025-02-05 15:50:57,308 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:57,308 INFO L471 AbstractCegarLoop]: Abstraction has 229 states and 289 transitions. [2025-02-05 15:50:57,308 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.25) internal successors, (37), 4 states have internal predecessors, (37), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:57,309 INFO L276 IsEmpty]: Start isEmpty. Operand 229 states and 289 transitions. [2025-02-05 15:50:57,309 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2025-02-05 15:50:57,309 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:57,313 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:57,313 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-02-05 15:50:57,313 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:57,314 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:57,314 INFO L85 PathProgramCache]: Analyzing trace with hash 260274732, now seen corresponding path program 1 times [2025-02-05 15:50:57,314 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:57,314 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [605306110] [2025-02-05 15:50:57,314 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,314 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:57,322 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 44 statements into 1 equivalence classes. [2025-02-05 15:50:57,328 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 44 of 44 statements. [2025-02-05 15:50:57,329 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,329 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,395 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:50:57,395 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:57,395 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [605306110] [2025-02-05 15:50:57,395 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [605306110] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:57,395 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:57,395 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:57,395 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [273436423] [2025-02-05 15:50:57,395 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:57,396 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:57,396 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:57,396 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:57,397 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:57,398 INFO L87 Difference]: Start difference. First operand 229 states and 289 transitions. Second operand has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:57,424 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:57,425 INFO L93 Difference]: Finished difference Result 563 states and 720 transitions. [2025-02-05 15:50:57,426 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:57,426 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 44 [2025-02-05 15:50:57,426 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:57,428 INFO L225 Difference]: With dead ends: 563 [2025-02-05 15:50:57,429 INFO L226 Difference]: Without dead ends: 341 [2025-02-05 15:50:57,430 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:57,431 INFO L435 NwaCegarLoop]: 80 mSDtfsCounter, 38 mSDsluCounter, 69 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 149 SdHoareTripleChecker+Invalid, 9 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:57,431 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 149 Invalid, 9 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:57,433 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 341 states. [2025-02-05 15:50:57,453 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 341 to 341. [2025-02-05 15:50:57,454 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 341 states, 265 states have (on average 1.271698113207547) internal successors, (337), 283 states have internal predecessors, (337), 40 states have call successors, (40), 38 states have call predecessors, (40), 35 states have return successors, (47), 37 states have call predecessors, (47), 40 states have call successors, (47) [2025-02-05 15:50:57,456 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 341 states to 341 states and 424 transitions. [2025-02-05 15:50:57,457 INFO L78 Accepts]: Start accepts. Automaton has 341 states and 424 transitions. Word has length 44 [2025-02-05 15:50:57,457 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:57,457 INFO L471 AbstractCegarLoop]: Abstraction has 341 states and 424 transitions. [2025-02-05 15:50:57,457 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:57,457 INFO L276 IsEmpty]: Start isEmpty. Operand 341 states and 424 transitions. [2025-02-05 15:50:57,459 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2025-02-05 15:50:57,459 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:57,459 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:57,461 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-02-05 15:50:57,461 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:57,461 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:57,461 INFO L85 PathProgramCache]: Analyzing trace with hash 170794378, now seen corresponding path program 1 times [2025-02-05 15:50:57,461 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:57,461 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [64657785] [2025-02-05 15:50:57,461 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,461 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:57,467 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 48 statements into 1 equivalence classes. [2025-02-05 15:50:57,473 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 48 of 48 statements. [2025-02-05 15:50:57,473 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,473 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,557 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2025-02-05 15:50:57,557 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:57,557 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [64657785] [2025-02-05 15:50:57,557 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [64657785] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:57,557 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:57,557 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-02-05 15:50:57,558 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [530404274] [2025-02-05 15:50:57,558 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:57,558 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:50:57,558 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:57,558 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:50:57,558 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:50:57,559 INFO L87 Difference]: Start difference. First operand 341 states and 424 transitions. Second operand has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2025-02-05 15:50:57,667 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:57,670 INFO L93 Difference]: Finished difference Result 991 states and 1270 transitions. [2025-02-05 15:50:57,670 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:50:57,671 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 48 [2025-02-05 15:50:57,671 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:57,674 INFO L225 Difference]: With dead ends: 991 [2025-02-05 15:50:57,674 INFO L226 Difference]: Without dead ends: 657 [2025-02-05 15:50:57,674 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-02-05 15:50:57,675 INFO L435 NwaCegarLoop]: 80 mSDtfsCounter, 42 mSDsluCounter, 284 mSDsCounter, 0 mSdLazyCounter, 42 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 364 SdHoareTripleChecker+Invalid, 46 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 42 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:57,675 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [43 Valid, 364 Invalid, 46 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 42 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:57,678 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 657 states. [2025-02-05 15:50:57,712 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 657 to 657. [2025-02-05 15:50:57,713 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 657 states, 506 states have (on average 1.2490118577075098) internal successors, (632), 541 states have internal predecessors, (632), 80 states have call successors, (80), 76 states have call predecessors, (80), 70 states have return successors, (102), 74 states have call predecessors, (102), 80 states have call successors, (102) [2025-02-05 15:50:57,719 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 657 states to 657 states and 814 transitions. [2025-02-05 15:50:57,719 INFO L78 Accepts]: Start accepts. Automaton has 657 states and 814 transitions. Word has length 48 [2025-02-05 15:50:57,719 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:57,719 INFO L471 AbstractCegarLoop]: Abstraction has 657 states and 814 transitions. [2025-02-05 15:50:57,720 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2025-02-05 15:50:57,720 INFO L276 IsEmpty]: Start isEmpty. Operand 657 states and 814 transitions. [2025-02-05 15:50:57,721 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2025-02-05 15:50:57,721 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:57,721 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:57,721 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-02-05 15:50:57,721 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:57,721 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:57,722 INFO L85 PathProgramCache]: Analyzing trace with hash 818149673, now seen corresponding path program 1 times [2025-02-05 15:50:57,722 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:57,722 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1603376891] [2025-02-05 15:50:57,722 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,722 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:57,730 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 52 statements into 1 equivalence classes. [2025-02-05 15:50:57,736 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 52 of 52 statements. [2025-02-05 15:50:57,736 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,736 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,818 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2025-02-05 15:50:57,818 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:57,818 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1603376891] [2025-02-05 15:50:57,818 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1603376891] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:50:57,818 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1493542646] [2025-02-05 15:50:57,818 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:57,818 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:50:57,819 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:50:57,821 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:50:57,829 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-02-05 15:50:57,866 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 52 statements into 1 equivalence classes. [2025-02-05 15:50:57,891 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 52 of 52 statements. [2025-02-05 15:50:57,891 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:57,891 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:57,893 INFO L256 TraceCheckSpWp]: Trace formula consists of 217 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-02-05 15:50:57,896 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:50:58,001 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:58,001 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-02-05 15:50:58,002 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1493542646] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:58,002 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-02-05 15:50:58,002 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [7] total 12 [2025-02-05 15:50:58,002 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [997910239] [2025-02-05 15:50:58,002 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:58,002 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-02-05 15:50:58,002 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:58,003 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-02-05 15:50:58,003 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=26, Invalid=106, Unknown=0, NotChecked=0, Total=132 [2025-02-05 15:50:58,003 INFO L87 Difference]: Start difference. First operand 657 states and 814 transitions. Second operand has 7 states, 7 states have (on average 6.142857142857143) internal successors, (43), 6 states have internal predecessors, (43), 3 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (4), 4 states have call predecessors, (4), 3 states have call successors, (4) [2025-02-05 15:50:58,115 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:58,115 INFO L93 Difference]: Finished difference Result 1303 states and 1619 transitions. [2025-02-05 15:50:58,116 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:50:58,116 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.142857142857143) internal successors, (43), 6 states have internal predecessors, (43), 3 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (4), 4 states have call predecessors, (4), 3 states have call successors, (4) Word has length 52 [2025-02-05 15:50:58,116 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:58,119 INFO L225 Difference]: With dead ends: 1303 [2025-02-05 15:50:58,119 INFO L226 Difference]: Without dead ends: 653 [2025-02-05 15:50:58,121 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 61 GetRequests, 48 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=38, Invalid=172, Unknown=0, NotChecked=0, Total=210 [2025-02-05 15:50:58,122 INFO L435 NwaCegarLoop]: 142 mSDtfsCounter, 52 mSDsluCounter, 607 mSDsCounter, 0 mSdLazyCounter, 57 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 54 SdHoareTripleChecker+Valid, 749 SdHoareTripleChecker+Invalid, 58 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 57 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:58,122 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [54 Valid, 749 Invalid, 58 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 57 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:50:58,123 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 653 states. [2025-02-05 15:50:58,157 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 653 to 653. [2025-02-05 15:50:58,159 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 653 states, 502 states have (on average 1.2310756972111554) internal successors, (618), 535 states have internal predecessors, (618), 80 states have call successors, (80), 76 states have call predecessors, (80), 70 states have return successors, (91), 74 states have call predecessors, (91), 80 states have call successors, (91) [2025-02-05 15:50:58,162 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 653 states to 653 states and 789 transitions. [2025-02-05 15:50:58,163 INFO L78 Accepts]: Start accepts. Automaton has 653 states and 789 transitions. Word has length 52 [2025-02-05 15:50:58,163 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:58,163 INFO L471 AbstractCegarLoop]: Abstraction has 653 states and 789 transitions. [2025-02-05 15:50:58,163 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.142857142857143) internal successors, (43), 6 states have internal predecessors, (43), 3 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (4), 4 states have call predecessors, (4), 3 states have call successors, (4) [2025-02-05 15:50:58,163 INFO L276 IsEmpty]: Start isEmpty. Operand 653 states and 789 transitions. [2025-02-05 15:50:58,166 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 80 [2025-02-05 15:50:58,166 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:58,167 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,174 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-02-05 15:50:58,371 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:50:58,371 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:58,371 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:58,371 INFO L85 PathProgramCache]: Analyzing trace with hash -935716311, now seen corresponding path program 1 times [2025-02-05 15:50:58,371 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:58,371 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1139759753] [2025-02-05 15:50:58,372 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:58,372 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:58,378 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 79 statements into 1 equivalence classes. [2025-02-05 15:50:58,384 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 79 of 79 statements. [2025-02-05 15:50:58,384 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:58,384 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:50:58,384 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-02-05 15:50:58,386 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 79 statements into 1 equivalence classes. [2025-02-05 15:50:58,394 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 79 of 79 statements. [2025-02-05 15:50:58,395 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:58,395 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:50:58,417 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-02-05 15:50:58,417 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-02-05 15:50:58,418 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-02-05 15:50:58,419 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2025-02-05 15:50:58,421 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,466 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-02-05 15:50:58,468 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.02 03:50:58 BoogieIcfgContainer [2025-02-05 15:50:58,469 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-02-05 15:50:58,469 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-02-05 15:50:58,469 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-02-05 15:50:58,469 INFO L274 PluginConnector]: Witness Printer initialized [2025-02-05 15:50:58,470 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:56" (3/4) ... [2025-02-05 15:50:58,470 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-02-05 15:50:58,539 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 67. [2025-02-05 15:50:58,605 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-02-05 15:50:58,605 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-02-05 15:50:58,605 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-02-05 15:50:58,610 INFO L158 Benchmark]: Toolchain (without parser) took 3240.46ms. Allocated memory is still 142.6MB. Free memory was 112.2MB in the beginning and 53.6MB in the end (delta: 58.6MB). Peak memory consumption was 54.1MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,610 INFO L158 Benchmark]: CDTParser took 0.22ms. Allocated memory is still 201.3MB. Free memory is still 123.5MB. There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:50:58,610 INFO L158 Benchmark]: CACSL2BoogieTranslator took 327.67ms. Allocated memory is still 142.6MB. Free memory was 111.8MB in the beginning and 93.5MB in the end (delta: 18.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,611 INFO L158 Benchmark]: Boogie Procedure Inliner took 43.71ms. Allocated memory is still 142.6MB. Free memory was 93.5MB in the beginning and 91.7MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:50:58,611 INFO L158 Benchmark]: Boogie Preprocessor took 43.36ms. Allocated memory is still 142.6MB. Free memory was 91.7MB in the beginning and 90.1MB in the end (delta: 1.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,611 INFO L158 Benchmark]: IcfgBuilder took 331.50ms. Allocated memory is still 142.6MB. Free memory was 90.1MB in the beginning and 72.9MB in the end (delta: 17.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,611 INFO L158 Benchmark]: TraceAbstraction took 2351.13ms. Allocated memory is still 142.6MB. Free memory was 72.5MB in the beginning and 64.0MB in the end (delta: 8.4MB). Peak memory consumption was 3.8MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,611 INFO L158 Benchmark]: Witness Printer took 135.78ms. Allocated memory is still 142.6MB. Free memory was 64.0MB in the beginning and 53.6MB in the end (delta: 10.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:50:58,612 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.22ms. Allocated memory is still 201.3MB. Free memory is still 123.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 327.67ms. Allocated memory is still 142.6MB. Free memory was 111.8MB in the beginning and 93.5MB in the end (delta: 18.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 43.71ms. Allocated memory is still 142.6MB. Free memory was 93.5MB in the beginning and 91.7MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 43.36ms. Allocated memory is still 142.6MB. Free memory was 91.7MB in the beginning and 90.1MB in the end (delta: 1.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 331.50ms. Allocated memory is still 142.6MB. Free memory was 90.1MB in the beginning and 72.9MB in the end (delta: 17.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2351.13ms. Allocated memory is still 142.6MB. Free memory was 72.5MB in the beginning and 64.0MB in the end (delta: 8.4MB). Peak memory consumption was 3.8MB. Max. memory is 16.1GB. * Witness Printer took 135.78ms. Allocated memory is still 142.6MB. Free memory was 64.0MB in the beginning and 53.6MB in the end (delta: 10.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 150]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [150] - GenericResultAtLocation [Line: 342]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [342] - GenericResultAtLocation [Line: 410]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [410] - GenericResultAtLocation [Line: 419]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [419] - GenericResultAtLocation [Line: 445]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [445] - GenericResultAtLocation [Line: 544]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [544] - GenericResultAtLocation [Line: 910]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [910] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 415]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L57] int waterLevel = 1; [L58] int methaneLevelCritical = 0; [L157] int pumpRunning = 0; [L158] int systemActive = 1; [L446] int cleanupTimeShifts = 4; [L714] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L522] int retValue_acc ; [L523] int tmp ; [L527] FCALL select_helpers() [L528] FCALL select_features() [L529] CALL, EXPR valid_product() [L937] int retValue_acc ; [L940] retValue_acc = 1 [L941] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L529] RET, EXPR valid_product() [L529] tmp = valid_product() [L531] COND TRUE \read(tmp) [L533] FCALL setup() [L534] CALL runTest() [L513] CALL test() [L345] int splverifierCounter ; [L346] int tmp ; [L347] int tmp___0 ; [L348] int tmp___1 ; [L349] int tmp___2 ; [L352] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L354] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L356] COND TRUE splverifierCounter < 4 [L362] tmp = __VERIFIER_nondet_int() [L364] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L366] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L75] COND TRUE waterLevel < 2 [L76] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L366] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L372] tmp___0 = __VERIFIER_nondet_int() [L374] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L382] tmp___2 = __VERIFIER_nondet_int() [L384] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L399] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L165] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L172] COND TRUE \read(systemActive) [L174] CALL processEnvironment() [L194] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L197] COND TRUE ! pumpRunning [L199] CALL, EXPR isHighWaterLevel() [L309] int retValue_acc ; [L310] int tmp ; [L311] int tmp___0 ; [L315] CALL, EXPR isHighWaterSensorDry() [L137] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L140] COND FALSE !(waterLevel < 2) [L144] retValue_acc = 0 [L145] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L315] RET, EXPR isHighWaterSensorDry() [L315] tmp = isHighWaterSensorDry() [L317] COND FALSE !(\read(tmp)) [L320] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L322] retValue_acc = tmp___0 [L323] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L199] RET, EXPR isHighWaterLevel() [L199] tmp = isHighWaterLevel() [L201] COND TRUE \read(tmp) [L203] CALL activatePump() [L228] int tmp ; [L232] CALL, EXPR isMethaneAlarm() [L253] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L257] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L96] int retValue_acc ; [L99] retValue_acc = methaneLevelCritical [L100] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L257] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L257] retValue_acc = isMethaneLevelCritical() [L259] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L232] RET, EXPR isMethaneAlarm() [L232] tmp = isMethaneAlarm() [L234] COND FALSE !(\read(tmp)) [L238] CALL activatePump__wrappee__highWaterSensor() [L222] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L238] RET activatePump__wrappee__highWaterSensor() [L203] RET activatePump() [L174] RET processEnvironment() [L180] CALL __utac_acc__Specification1_spec__1() [L421] int tmp ; [L422] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L426] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L96] int retValue_acc ; [L99] retValue_acc = methaneLevelCritical [L100] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L426] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L426] tmp = isMethaneLevelCritical() [L428] COND FALSE !(\read(tmp)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L180] RET __utac_acc__Specification1_spec__1() [L399] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L354] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L356] COND TRUE splverifierCounter < 4 [L362] tmp = __VERIFIER_nondet_int() [L364] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L372] tmp___0 = __VERIFIER_nondet_int() [L374] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L376] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L87] COND FALSE !(\read(methaneLevelCritical)) [L90] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L376] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L382] tmp___2 = __VERIFIER_nondet_int() [L384] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L399] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L165] COND TRUE \read(pumpRunning) [L167] CALL lowerWaterLevel() [L63] COND TRUE waterLevel > 0 [L64] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L167] RET lowerWaterLevel() [L172] COND TRUE \read(systemActive) [L174] CALL processEnvironment() [L194] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L197] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L212] FCALL processEnvironment__wrappee__base() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L174] RET processEnvironment() [L180] CALL __utac_acc__Specification1_spec__1() [L421] int tmp ; [L422] int tmp___0 ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L426] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L96] int retValue_acc ; [L99] retValue_acc = methaneLevelCritical [L100] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L426] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L426] tmp = isMethaneLevelCritical() [L428] COND TRUE \read(tmp) [L430] CALL, EXPR isPumpRunning() [L264] int retValue_acc ; [L267] retValue_acc = pumpRunning [L268] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L430] RET, EXPR isPumpRunning() [L430] tmp___0 = isPumpRunning() [L432] COND TRUE \read(tmp___0) [L434] CALL __automaton_fail() [L415] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 82 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.3s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 409 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 403 mSDsluCounter, 2668 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1857 mSDsCounter, 27 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 224 IncrementalHoareTripleChecker+Invalid, 251 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 27 mSolverCounterUnsat, 811 mSDtfsCounter, 224 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 103 GetRequests, 65 SyntacticMatches, 0 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=657occurred in iteration=8, InterpolantAutomatonStates: 42, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 9 MinimizatonAttempts, 10 StatesRemovedByMinimization, 1 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.8s InterpolantComputationTime, 468 NumberOfCodeBlocks, 468 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 379 ConstructedInterpolants, 0 QuantifiedInterpolants, 660 SizeOfPredicates, 1 NumberOfNonLiveVariables, 217 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 10 InterpolantComputations, 9 PerfectInterpolantSequences, 16/18 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-02-05 15:50:58,629 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE