./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product44.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c00e63dc Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product44.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash cb53e49317620dbde25b1d7f6fa7078b4950e13e4d138c624b27be1c4ee0f3ad --- Real Ultimate output --- This is Ultimate 0.3.0-?-c00e63d-m [2025-02-05 15:50:55,519 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-02-05 15:50:55,556 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-02-05 15:50:55,560 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-02-05 15:50:55,560 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-02-05 15:50:55,574 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-02-05 15:50:55,575 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-02-05 15:50:55,575 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-02-05 15:50:55,575 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-02-05 15:50:55,575 INFO L153 SettingsManager]: * Use memory slicer=true [2025-02-05 15:50:55,575 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-02-05 15:50:55,575 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-02-05 15:50:55,576 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-02-05 15:50:55,576 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-02-05 15:50:55,576 INFO L153 SettingsManager]: * Use SBE=true [2025-02-05 15:50:55,576 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-02-05 15:50:55,576 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-02-05 15:50:55,576 INFO L153 SettingsManager]: * sizeof long=4 [2025-02-05 15:50:55,576 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-02-05 15:50:55,576 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-02-05 15:50:55,577 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-02-05 15:50:55,577 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-02-05 15:50:55,577 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-02-05 15:50:55,577 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-02-05 15:50:55,577 INFO L153 SettingsManager]: * sizeof long double=12 [2025-02-05 15:50:55,577 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-02-05 15:50:55,577 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-02-05 15:50:55,577 INFO L153 SettingsManager]: * Use constant arrays=true [2025-02-05 15:50:55,577 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-02-05 15:50:55,577 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-02-05 15:50:55,577 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-02-05 15:50:55,578 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-02-05 15:50:55,578 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:50:55,578 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-02-05 15:50:55,578 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-02-05 15:50:55,578 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-02-05 15:50:55,578 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-02-05 15:50:55,578 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-02-05 15:50:55,578 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-02-05 15:50:55,578 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-02-05 15:50:55,578 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-02-05 15:50:55,579 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-02-05 15:50:55,579 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-02-05 15:50:55,579 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> cb53e49317620dbde25b1d7f6fa7078b4950e13e4d138c624b27be1c4ee0f3ad [2025-02-05 15:50:55,802 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-02-05 15:50:55,811 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-02-05 15:50:55,813 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-02-05 15:50:55,814 INFO L270 PluginConnector]: Initializing CDTParser... [2025-02-05 15:50:55,814 INFO L274 PluginConnector]: CDTParser initialized [2025-02-05 15:50:55,815 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product44.cil.c [2025-02-05 15:50:57,094 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/fde0221d0/0a5281c73b794edf85dbc024a5876833/FLAG55daf1816 [2025-02-05 15:50:57,316 INFO L384 CDTParser]: Found 1 translation units. [2025-02-05 15:50:57,317 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product44.cil.c [2025-02-05 15:50:57,328 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/fde0221d0/0a5281c73b794edf85dbc024a5876833/FLAG55daf1816 [2025-02-05 15:50:57,338 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/fde0221d0/0a5281c73b794edf85dbc024a5876833 [2025-02-05 15:50:57,340 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-02-05 15:50:57,341 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-02-05 15:50:57,342 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-02-05 15:50:57,342 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-02-05 15:50:57,345 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-02-05 15:50:57,345 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,346 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1441f507 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57, skipping insertion in model container [2025-02-05 15:50:57,346 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,363 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-02-05 15:50:57,454 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product44.cil.c[1605,1618] [2025-02-05 15:50:57,517 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:50:57,526 INFO L200 MainTranslator]: Completed pre-run [2025-02-05 15:50:57,532 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] [2025-02-05 15:50:57,533 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [58] [2025-02-05 15:50:57,533 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [424] [2025-02-05 15:50:57,533 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [499] [2025-02-05 15:50:57,533 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [701] [2025-02-05 15:50:57,533 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [796] [2025-02-05 15:50:57,533 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [822] [2025-02-05 15:50:57,533 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [860] [2025-02-05 15:50:57,535 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product44.cil.c[1605,1618] [2025-02-05 15:50:57,564 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:50:57,576 INFO L204 MainTranslator]: Completed translation [2025-02-05 15:50:57,576 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57 WrapperNode [2025-02-05 15:50:57,576 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-02-05 15:50:57,577 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-02-05 15:50:57,577 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-02-05 15:50:57,577 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-02-05 15:50:57,582 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,593 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,611 INFO L138 Inliner]: procedures = 55, calls = 98, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 188 [2025-02-05 15:50:57,614 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-02-05 15:50:57,614 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-02-05 15:50:57,614 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-02-05 15:50:57,615 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-02-05 15:50:57,620 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,621 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,627 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,642 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-02-05 15:50:57,645 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,645 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,651 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,652 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,653 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,657 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,658 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-02-05 15:50:57,659 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-02-05 15:50:57,659 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-02-05 15:50:57,659 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-02-05 15:50:57,659 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (1/1) ... [2025-02-05 15:50:57,666 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:50:57,675 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:50:57,685 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-02-05 15:50:57,690 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-02-05 15:50:57,705 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-02-05 15:50:57,705 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-02-05 15:50:57,705 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-02-05 15:50:57,705 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-02-05 15:50:57,705 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-02-05 15:50:57,705 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-02-05 15:50:57,705 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-02-05 15:50:57,705 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-02-05 15:50:57,705 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-02-05 15:50:57,705 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-02-05 15:50:57,705 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-02-05 15:50:57,705 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-02-05 15:50:57,705 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-02-05 15:50:57,705 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-02-05 15:50:57,705 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-02-05 15:50:57,705 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-02-05 15:50:57,757 INFO L257 CfgBuilder]: Building ICFG [2025-02-05 15:50:57,758 INFO L287 CfgBuilder]: Building CFG for each procedure with an implementation [2025-02-05 15:50:57,785 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L747: #res := ~retValue_acc~6; [2025-02-05 15:50:57,804 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint cleanupFINAL: assume true; [2025-02-05 15:50:57,881 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L611-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~3#1; [2025-02-05 15:50:57,881 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L793-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~8#1; [2025-02-05 15:50:57,881 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L620-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; [2025-02-05 15:50:57,881 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L675-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~5#1; [2025-02-05 15:50:57,954 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L857-1: valid_product_#res#1 := valid_product_~retValue_acc~10#1; [2025-02-05 15:50:57,954 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L953-1: main_#res#1 := main_~retValue_acc~11#1; [2025-02-05 15:50:57,981 INFO L? ?]: Removed 40 outVars from TransFormulas that were not future-live. [2025-02-05 15:50:57,982 INFO L308 CfgBuilder]: Performing block encoding [2025-02-05 15:50:57,994 INFO L332 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-02-05 15:50:57,994 INFO L337 CfgBuilder]: Removed 0 assume(true) statements. [2025-02-05 15:50:57,995 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:57 BoogieIcfgContainer [2025-02-05 15:50:57,995 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-02-05 15:50:57,996 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-02-05 15:50:57,996 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-02-05 15:50:57,999 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-02-05 15:50:57,999 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 05.02 03:50:57" (1/3) ... [2025-02-05 15:50:58,000 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3537776 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:50:57, skipping insertion in model container [2025-02-05 15:50:58,000 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:50:57" (2/3) ... [2025-02-05 15:50:58,001 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3537776 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:50:58, skipping insertion in model container [2025-02-05 15:50:58,001 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:57" (3/3) ... [2025-02-05 15:50:58,002 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product44.cil.c [2025-02-05 15:50:58,015 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-02-05 15:50:58,016 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product44.cil.c that has 7 procedures, 83 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-02-05 15:50:58,070 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-02-05 15:50:58,081 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7c7fdf58, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-02-05 15:50:58,081 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-02-05 15:50:58,084 INFO L276 IsEmpty]: Start isEmpty. Operand has 82 states, 64 states have (on average 1.359375) internal successors, (87), 70 states have internal predecessors, (87), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2025-02-05 15:50:58,090 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-02-05 15:50:58,093 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:58,093 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,093 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:58,097 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:58,098 INFO L85 PathProgramCache]: Analyzing trace with hash -758628955, now seen corresponding path program 1 times [2025-02-05 15:50:58,103 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:58,104 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1981450889] [2025-02-05 15:50:58,104 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:58,106 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:58,158 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-02-05 15:50:58,180 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-02-05 15:50:58,185 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:58,185 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:58,242 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:58,242 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:58,242 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1981450889] [2025-02-05 15:50:58,242 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1981450889] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:58,242 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:58,243 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-02-05 15:50:58,243 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [118202396] [2025-02-05 15:50:58,244 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:58,246 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-02-05 15:50:58,247 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:58,258 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-02-05 15:50:58,259 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:50:58,262 INFO L87 Difference]: Start difference. First operand has 82 states, 64 states have (on average 1.359375) internal successors, (87), 70 states have internal predecessors, (87), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:58,284 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:58,286 INFO L93 Difference]: Finished difference Result 148 states and 199 transitions. [2025-02-05 15:50:58,286 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-02-05 15:50:58,287 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-02-05 15:50:58,288 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:58,293 INFO L225 Difference]: With dead ends: 148 [2025-02-05 15:50:58,293 INFO L226 Difference]: Without dead ends: 74 [2025-02-05 15:50:58,296 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:50:58,298 INFO L435 NwaCegarLoop]: 100 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 100 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:58,299 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 100 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:58,310 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 74 states. [2025-02-05 15:50:58,325 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 74 to 74. [2025-02-05 15:50:58,327 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 74 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 63 states have internal predecessors, (76), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2025-02-05 15:50:58,334 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 74 states to 74 states and 95 transitions. [2025-02-05 15:50:58,336 INFO L78 Accepts]: Start accepts. Automaton has 74 states and 95 transitions. Word has length 23 [2025-02-05 15:50:58,336 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:58,336 INFO L471 AbstractCegarLoop]: Abstraction has 74 states and 95 transitions. [2025-02-05 15:50:58,336 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:58,336 INFO L276 IsEmpty]: Start isEmpty. Operand 74 states and 95 transitions. [2025-02-05 15:50:58,337 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-02-05 15:50:58,337 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:58,337 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,337 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-02-05 15:50:58,337 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:58,338 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:58,338 INFO L85 PathProgramCache]: Analyzing trace with hash -699734136, now seen corresponding path program 1 times [2025-02-05 15:50:58,338 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:58,338 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [316357581] [2025-02-05 15:50:58,338 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:58,338 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:58,345 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-02-05 15:50:58,354 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-02-05 15:50:58,354 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:58,354 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:58,415 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:58,415 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:58,415 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [316357581] [2025-02-05 15:50:58,415 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [316357581] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:58,416 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:58,416 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:58,416 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1769621431] [2025-02-05 15:50:58,416 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:58,417 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:58,417 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:58,417 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:58,418 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:58,418 INFO L87 Difference]: Start difference. First operand 74 states and 95 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:58,428 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:58,429 INFO L93 Difference]: Finished difference Result 110 states and 141 transitions. [2025-02-05 15:50:58,429 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:58,429 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2025-02-05 15:50:58,429 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:58,430 INFO L225 Difference]: With dead ends: 110 [2025-02-05 15:50:58,430 INFO L226 Difference]: Without dead ends: 65 [2025-02-05 15:50:58,431 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:58,431 INFO L435 NwaCegarLoop]: 82 mSDtfsCounter, 17 mSDsluCounter, 61 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 143 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:58,432 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 143 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:58,432 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 65 states. [2025-02-05 15:50:58,437 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 65 to 65. [2025-02-05 15:50:58,437 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 65 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 57 states have internal predecessors, (69), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2025-02-05 15:50:58,438 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 83 transitions. [2025-02-05 15:50:58,438 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 83 transitions. Word has length 24 [2025-02-05 15:50:58,438 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:58,438 INFO L471 AbstractCegarLoop]: Abstraction has 65 states and 83 transitions. [2025-02-05 15:50:58,439 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:58,439 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 83 transitions. [2025-02-05 15:50:58,439 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2025-02-05 15:50:58,440 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:58,440 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,440 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-02-05 15:50:58,440 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:58,440 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:58,440 INFO L85 PathProgramCache]: Analyzing trace with hash -905503369, now seen corresponding path program 1 times [2025-02-05 15:50:58,440 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:58,441 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1211380247] [2025-02-05 15:50:58,441 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:58,441 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:58,449 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 28 statements into 1 equivalence classes. [2025-02-05 15:50:58,459 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 28 of 28 statements. [2025-02-05 15:50:58,460 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:58,460 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:58,524 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:58,524 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:58,524 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1211380247] [2025-02-05 15:50:58,524 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1211380247] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:58,524 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:58,524 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:58,525 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2099701364] [2025-02-05 15:50:58,525 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:58,525 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:58,525 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:58,525 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:58,525 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:58,526 INFO L87 Difference]: Start difference. First operand 65 states and 83 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:58,545 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:58,545 INFO L93 Difference]: Finished difference Result 179 states and 234 transitions. [2025-02-05 15:50:58,545 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:58,545 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2025-02-05 15:50:58,546 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:58,547 INFO L225 Difference]: With dead ends: 179 [2025-02-05 15:50:58,547 INFO L226 Difference]: Without dead ends: 121 [2025-02-05 15:50:58,547 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:58,548 INFO L435 NwaCegarLoop]: 97 mSDtfsCounter, 62 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 168 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:58,548 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 168 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:58,548 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 121 states. [2025-02-05 15:50:58,566 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 121 to 116. [2025-02-05 15:50:58,566 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 116 states, 91 states have (on average 1.3516483516483517) internal successors, (123), 100 states have internal predecessors, (123), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2025-02-05 15:50:58,567 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 116 states to 116 states and 151 transitions. [2025-02-05 15:50:58,567 INFO L78 Accepts]: Start accepts. Automaton has 116 states and 151 transitions. Word has length 28 [2025-02-05 15:50:58,568 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:58,568 INFO L471 AbstractCegarLoop]: Abstraction has 116 states and 151 transitions. [2025-02-05 15:50:58,568 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:58,568 INFO L276 IsEmpty]: Start isEmpty. Operand 116 states and 151 transitions. [2025-02-05 15:50:58,569 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2025-02-05 15:50:58,569 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:58,569 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,569 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-02-05 15:50:58,569 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:58,569 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:58,570 INFO L85 PathProgramCache]: Analyzing trace with hash -1563861255, now seen corresponding path program 1 times [2025-02-05 15:50:58,570 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:58,570 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [456205612] [2025-02-05 15:50:58,570 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:58,570 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:58,577 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 31 statements into 1 equivalence classes. [2025-02-05 15:50:58,582 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 31 of 31 statements. [2025-02-05 15:50:58,583 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:58,583 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:58,642 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:50:58,643 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:58,643 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [456205612] [2025-02-05 15:50:58,643 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [456205612] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:58,643 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:58,643 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:58,643 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1078958932] [2025-02-05 15:50:58,643 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:58,643 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:58,643 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:58,643 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:58,643 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:58,644 INFO L87 Difference]: Start difference. First operand 116 states and 151 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:58,703 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:58,703 INFO L93 Difference]: Finished difference Result 299 states and 397 transitions. [2025-02-05 15:50:58,703 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:58,704 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2025-02-05 15:50:58,704 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:58,705 INFO L225 Difference]: With dead ends: 299 [2025-02-05 15:50:58,705 INFO L226 Difference]: Without dead ends: 190 [2025-02-05 15:50:58,706 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:50:58,706 INFO L435 NwaCegarLoop]: 77 mSDtfsCounter, 66 mSDsluCounter, 200 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 277 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:58,707 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 277 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:58,707 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 190 states. [2025-02-05 15:50:58,721 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 190 to 190. [2025-02-05 15:50:58,721 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 190 states, 147 states have (on average 1.3197278911564625) internal successors, (194), 160 states have internal predecessors, (194), 22 states have call successors, (22), 20 states have call predecessors, (22), 20 states have return successors, (26), 22 states have call predecessors, (26), 22 states have call successors, (26) [2025-02-05 15:50:58,722 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 190 states to 190 states and 242 transitions. [2025-02-05 15:50:58,723 INFO L78 Accepts]: Start accepts. Automaton has 190 states and 242 transitions. Word has length 31 [2025-02-05 15:50:58,723 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:58,723 INFO L471 AbstractCegarLoop]: Abstraction has 190 states and 242 transitions. [2025-02-05 15:50:58,723 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:50:58,723 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 242 transitions. [2025-02-05 15:50:58,724 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-02-05 15:50:58,724 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:58,724 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,724 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-02-05 15:50:58,724 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:58,725 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:58,725 INFO L85 PathProgramCache]: Analyzing trace with hash -125777809, now seen corresponding path program 1 times [2025-02-05 15:50:58,725 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:58,725 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1382668346] [2025-02-05 15:50:58,725 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:58,725 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:58,732 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-02-05 15:50:58,736 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-02-05 15:50:58,737 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:58,737 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:58,799 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:50:58,799 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:58,799 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1382668346] [2025-02-05 15:50:58,800 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1382668346] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:58,800 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:58,800 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:50:58,800 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [637539576] [2025-02-05 15:50:58,800 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:58,800 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:50:58,800 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:58,801 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:50:58,801 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:58,801 INFO L87 Difference]: Start difference. First operand 190 states and 242 transitions. Second operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:58,834 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:58,834 INFO L93 Difference]: Finished difference Result 379 states and 493 transitions. [2025-02-05 15:50:58,835 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:50:58,835 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 45 [2025-02-05 15:50:58,835 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:58,836 INFO L225 Difference]: With dead ends: 379 [2025-02-05 15:50:58,836 INFO L226 Difference]: Without dead ends: 196 [2025-02-05 15:50:58,837 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:50:58,837 INFO L435 NwaCegarLoop]: 80 mSDtfsCounter, 0 mSDsluCounter, 233 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 313 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:58,838 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 313 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:58,838 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 196 states. [2025-02-05 15:50:58,851 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 196 to 196. [2025-02-05 15:50:58,851 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 196 states, 153 states have (on average 1.3071895424836601) internal successors, (200), 166 states have internal predecessors, (200), 22 states have call successors, (22), 20 states have call predecessors, (22), 20 states have return successors, (26), 22 states have call predecessors, (26), 22 states have call successors, (26) [2025-02-05 15:50:58,853 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 196 states to 196 states and 248 transitions. [2025-02-05 15:50:58,853 INFO L78 Accepts]: Start accepts. Automaton has 196 states and 248 transitions. Word has length 45 [2025-02-05 15:50:58,853 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:58,853 INFO L471 AbstractCegarLoop]: Abstraction has 196 states and 248 transitions. [2025-02-05 15:50:58,853 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:58,853 INFO L276 IsEmpty]: Start isEmpty. Operand 196 states and 248 transitions. [2025-02-05 15:50:58,854 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-02-05 15:50:58,854 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:58,854 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,855 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-02-05 15:50:58,855 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:58,855 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:58,855 INFO L85 PathProgramCache]: Analyzing trace with hash -192784562, now seen corresponding path program 1 times [2025-02-05 15:50:58,855 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:58,855 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1736305526] [2025-02-05 15:50:58,855 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:58,855 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:58,862 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-02-05 15:50:58,867 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-02-05 15:50:58,867 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:58,867 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:58,925 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:50:58,926 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:58,926 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1736305526] [2025-02-05 15:50:58,926 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1736305526] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:58,926 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:58,926 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-02-05 15:50:58,926 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1488434281] [2025-02-05 15:50:58,926 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:58,926 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-02-05 15:50:58,927 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:58,927 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-02-05 15:50:58,927 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:58,927 INFO L87 Difference]: Start difference. First operand 196 states and 248 transitions. Second operand has 4 states, 4 states have (on average 9.5) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:58,968 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:58,968 INFO L93 Difference]: Finished difference Result 389 states and 503 transitions. [2025-02-05 15:50:58,968 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-02-05 15:50:58,969 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.5) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 45 [2025-02-05 15:50:58,969 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:58,970 INFO L225 Difference]: With dead ends: 389 [2025-02-05 15:50:58,970 INFO L226 Difference]: Without dead ends: 200 [2025-02-05 15:50:58,971 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:58,972 INFO L435 NwaCegarLoop]: 81 mSDtfsCounter, 0 mSDsluCounter, 156 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 237 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:58,972 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 237 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:58,973 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 200 states. [2025-02-05 15:50:58,985 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 200 to 200. [2025-02-05 15:50:58,985 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 200 states, 157 states have (on average 1.2993630573248407) internal successors, (204), 170 states have internal predecessors, (204), 22 states have call successors, (22), 20 states have call predecessors, (22), 20 states have return successors, (26), 22 states have call predecessors, (26), 22 states have call successors, (26) [2025-02-05 15:50:58,986 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 200 states to 200 states and 252 transitions. [2025-02-05 15:50:58,987 INFO L78 Accepts]: Start accepts. Automaton has 200 states and 252 transitions. Word has length 45 [2025-02-05 15:50:58,987 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:58,987 INFO L471 AbstractCegarLoop]: Abstraction has 200 states and 252 transitions. [2025-02-05 15:50:58,987 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.5) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:58,987 INFO L276 IsEmpty]: Start isEmpty. Operand 200 states and 252 transitions. [2025-02-05 15:50:58,988 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-02-05 15:50:58,988 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:58,988 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:58,988 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-02-05 15:50:58,988 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:58,989 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:58,989 INFO L85 PathProgramCache]: Analyzing trace with hash -130744948, now seen corresponding path program 1 times [2025-02-05 15:50:58,989 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:58,989 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [85720442] [2025-02-05 15:50:58,989 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:58,989 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:58,996 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-02-05 15:50:59,001 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-02-05 15:50:59,001 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:59,001 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:59,061 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:50:59,062 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:59,062 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [85720442] [2025-02-05 15:50:59,062 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [85720442] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:59,062 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:59,062 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:50:59,062 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [855416301] [2025-02-05 15:50:59,062 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:59,062 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:50:59,063 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:59,063 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:50:59,063 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:59,063 INFO L87 Difference]: Start difference. First operand 200 states and 252 transitions. Second operand has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:59,089 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:59,090 INFO L93 Difference]: Finished difference Result 477 states and 606 transitions. [2025-02-05 15:50:59,090 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:50:59,090 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 45 [2025-02-05 15:50:59,090 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:59,092 INFO L225 Difference]: With dead ends: 477 [2025-02-05 15:50:59,092 INFO L226 Difference]: Without dead ends: 284 [2025-02-05 15:50:59,093 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:50:59,093 INFO L435 NwaCegarLoop]: 81 mSDtfsCounter, 38 mSDsluCounter, 70 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 151 SdHoareTripleChecker+Invalid, 9 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:59,093 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 151 Invalid, 9 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:50:59,094 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 284 states. [2025-02-05 15:50:59,113 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 284 to 284. [2025-02-05 15:50:59,113 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 284 states, 223 states have (on average 1.2690582959641257) internal successors, (283), 238 states have internal predecessors, (283), 32 states have call successors, (32), 30 states have call predecessors, (32), 28 states have return successors, (36), 30 states have call predecessors, (36), 32 states have call successors, (36) [2025-02-05 15:50:59,115 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 284 states to 284 states and 351 transitions. [2025-02-05 15:50:59,115 INFO L78 Accepts]: Start accepts. Automaton has 284 states and 351 transitions. Word has length 45 [2025-02-05 15:50:59,116 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:59,116 INFO L471 AbstractCegarLoop]: Abstraction has 284 states and 351 transitions. [2025-02-05 15:50:59,116 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:50:59,116 INFO L276 IsEmpty]: Start isEmpty. Operand 284 states and 351 transitions. [2025-02-05 15:50:59,117 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2025-02-05 15:50:59,117 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:59,117 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:59,117 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-02-05 15:50:59,117 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:59,118 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:59,118 INFO L85 PathProgramCache]: Analyzing trace with hash 594191726, now seen corresponding path program 1 times [2025-02-05 15:50:59,118 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:59,118 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2044226948] [2025-02-05 15:50:59,118 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:59,118 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:59,125 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-02-05 15:50:59,131 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-02-05 15:50:59,132 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:59,132 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:59,270 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:50:59,270 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:59,270 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2044226948] [2025-02-05 15:50:59,270 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2044226948] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:59,270 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:59,270 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2025-02-05 15:50:59,271 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1099913604] [2025-02-05 15:50:59,271 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:59,271 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2025-02-05 15:50:59,271 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:59,272 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2025-02-05 15:50:59,272 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2025-02-05 15:50:59,272 INFO L87 Difference]: Start difference. First operand 284 states and 351 transitions. Second operand has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2025-02-05 15:50:59,473 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:59,473 INFO L93 Difference]: Finished difference Result 818 states and 1046 transitions. [2025-02-05 15:50:59,476 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2025-02-05 15:50:59,476 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 49 [2025-02-05 15:50:59,476 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:59,480 INFO L225 Difference]: With dead ends: 818 [2025-02-05 15:50:59,480 INFO L226 Difference]: Without dead ends: 541 [2025-02-05 15:50:59,481 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=39, Invalid=171, Unknown=0, NotChecked=0, Total=210 [2025-02-05 15:50:59,482 INFO L435 NwaCegarLoop]: 77 mSDtfsCounter, 68 mSDsluCounter, 453 mSDsCounter, 0 mSdLazyCounter, 133 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 70 SdHoareTripleChecker+Valid, 530 SdHoareTripleChecker+Invalid, 137 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 133 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:59,482 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [70 Valid, 530 Invalid, 137 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 133 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:50:59,483 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 541 states. [2025-02-05 15:50:59,527 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 541 to 541. [2025-02-05 15:50:59,528 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 541 states, 420 states have (on average 1.2476190476190476) internal successors, (524), 445 states have internal predecessors, (524), 64 states have call successors, (64), 60 states have call predecessors, (64), 56 states have return successors, (80), 60 states have call predecessors, (80), 64 states have call successors, (80) [2025-02-05 15:50:59,532 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 541 states to 541 states and 668 transitions. [2025-02-05 15:50:59,533 INFO L78 Accepts]: Start accepts. Automaton has 541 states and 668 transitions. Word has length 49 [2025-02-05 15:50:59,533 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:59,533 INFO L471 AbstractCegarLoop]: Abstraction has 541 states and 668 transitions. [2025-02-05 15:50:59,533 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2025-02-05 15:50:59,533 INFO L276 IsEmpty]: Start isEmpty. Operand 541 states and 668 transitions. [2025-02-05 15:50:59,536 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 80 [2025-02-05 15:50:59,537 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:59,537 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:59,537 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-02-05 15:50:59,537 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:59,537 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:59,537 INFO L85 PathProgramCache]: Analyzing trace with hash 650745866, now seen corresponding path program 1 times [2025-02-05 15:50:59,538 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:59,538 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2006518208] [2025-02-05 15:50:59,538 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:59,538 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:59,547 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 79 statements into 1 equivalence classes. [2025-02-05 15:50:59,552 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 79 of 79 statements. [2025-02-05 15:50:59,552 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:59,552 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:50:59,599 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2025-02-05 15:50:59,600 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:50:59,600 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2006518208] [2025-02-05 15:50:59,600 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2006518208] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:50:59,600 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:50:59,600 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-02-05 15:50:59,600 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1673341070] [2025-02-05 15:50:59,600 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:50:59,600 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-02-05 15:50:59,600 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:50:59,605 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-02-05 15:50:59,605 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:59,605 INFO L87 Difference]: Start difference. First operand 541 states and 668 transitions. Second operand has 4 states, 4 states have (on average 15.5) internal successors, (62), 4 states have internal predecessors, (62), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2025-02-05 15:50:59,731 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:50:59,734 INFO L93 Difference]: Finished difference Result 944 states and 1168 transitions. [2025-02-05 15:50:59,735 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-02-05 15:50:59,735 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 15.5) internal successors, (62), 4 states have internal predecessors, (62), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 79 [2025-02-05 15:50:59,735 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:50:59,738 INFO L225 Difference]: With dead ends: 944 [2025-02-05 15:50:59,738 INFO L226 Difference]: Without dead ends: 410 [2025-02-05 15:50:59,744 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:50:59,745 INFO L435 NwaCegarLoop]: 120 mSDtfsCounter, 95 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 95 SdHoareTripleChecker+Valid, 213 SdHoareTripleChecker+Invalid, 35 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:50:59,749 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [95 Valid, 213 Invalid, 35 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:50:59,750 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 410 states. [2025-02-05 15:50:59,798 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 410 to 402. [2025-02-05 15:50:59,800 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 402 states, 311 states have (on average 1.2315112540192925) internal successors, (383), 330 states have internal predecessors, (383), 48 states have call successors, (48), 46 states have call predecessors, (48), 42 states have return successors, (58), 44 states have call predecessors, (58), 48 states have call successors, (58) [2025-02-05 15:50:59,805 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 402 states to 402 states and 489 transitions. [2025-02-05 15:50:59,808 INFO L78 Accepts]: Start accepts. Automaton has 402 states and 489 transitions. Word has length 79 [2025-02-05 15:50:59,810 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:50:59,810 INFO L471 AbstractCegarLoop]: Abstraction has 402 states and 489 transitions. [2025-02-05 15:50:59,810 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 15.5) internal successors, (62), 4 states have internal predecessors, (62), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2025-02-05 15:50:59,811 INFO L276 IsEmpty]: Start isEmpty. Operand 402 states and 489 transitions. [2025-02-05 15:50:59,817 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2025-02-05 15:50:59,818 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:50:59,818 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:50:59,818 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-02-05 15:50:59,818 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:50:59,818 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:50:59,818 INFO L85 PathProgramCache]: Analyzing trace with hash 707597076, now seen corresponding path program 1 times [2025-02-05 15:50:59,819 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:50:59,819 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1867500544] [2025-02-05 15:50:59,819 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:50:59,819 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:50:59,832 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 85 statements into 1 equivalence classes. [2025-02-05 15:50:59,843 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 85 of 85 statements. [2025-02-05 15:50:59,846 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:50:59,846 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:00,102 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 18 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2025-02-05 15:51:00,102 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:00,102 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1867500544] [2025-02-05 15:51:00,102 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1867500544] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:51:00,102 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [440861650] [2025-02-05 15:51:00,102 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:00,103 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:51:00,103 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:51:00,107 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:51:00,108 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-02-05 15:51:00,172 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 85 statements into 1 equivalence classes. [2025-02-05 15:51:00,213 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 85 of 85 statements. [2025-02-05 15:51:00,213 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:00,213 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:00,215 INFO L256 TraceCheckSpWp]: Trace formula consists of 292 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-02-05 15:51:00,223 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:51:00,352 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 22 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2025-02-05 15:51:00,356 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-02-05 15:51:00,357 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [440861650] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:00,357 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-02-05 15:51:00,357 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [11] total 16 [2025-02-05 15:51:00,357 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [716109602] [2025-02-05 15:51:00,357 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:00,357 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-02-05 15:51:00,357 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:00,358 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-02-05 15:51:00,358 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2025-02-05 15:51:00,358 INFO L87 Difference]: Start difference. First operand 402 states and 489 transitions. Second operand has 7 states, 7 states have (on average 9.0) internal successors, (63), 6 states have internal predecessors, (63), 3 states have call successors, (8), 3 states have call predecessors, (8), 4 states have return successors, (7), 4 states have call predecessors, (7), 3 states have call successors, (7) [2025-02-05 15:51:00,476 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:00,476 INFO L93 Difference]: Finished difference Result 797 states and 971 transitions. [2025-02-05 15:51:00,476 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:51:00,477 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 9.0) internal successors, (63), 6 states have internal predecessors, (63), 3 states have call successors, (8), 3 states have call predecessors, (8), 4 states have return successors, (7), 4 states have call predecessors, (7), 3 states have call successors, (7) Word has length 85 [2025-02-05 15:51:00,477 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:00,479 INFO L225 Difference]: With dead ends: 797 [2025-02-05 15:51:00,481 INFO L226 Difference]: Without dead ends: 402 [2025-02-05 15:51:00,482 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 95 GetRequests, 81 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 32 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2025-02-05 15:51:00,482 INFO L435 NwaCegarLoop]: 143 mSDtfsCounter, 50 mSDsluCounter, 421 mSDsCounter, 0 mSdLazyCounter, 97 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 564 SdHoareTripleChecker+Invalid, 98 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 97 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:00,483 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [51 Valid, 564 Invalid, 98 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 97 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:51:00,484 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 402 states. [2025-02-05 15:51:00,517 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 402 to 402. [2025-02-05 15:51:00,518 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 402 states, 311 states have (on average 1.212218649517685) internal successors, (377), 330 states have internal predecessors, (377), 48 states have call successors, (48), 46 states have call predecessors, (48), 42 states have return successors, (51), 44 states have call predecessors, (51), 48 states have call successors, (51) [2025-02-05 15:51:00,520 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 402 states to 402 states and 476 transitions. [2025-02-05 15:51:00,521 INFO L78 Accepts]: Start accepts. Automaton has 402 states and 476 transitions. Word has length 85 [2025-02-05 15:51:00,522 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:00,522 INFO L471 AbstractCegarLoop]: Abstraction has 402 states and 476 transitions. [2025-02-05 15:51:00,522 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 9.0) internal successors, (63), 6 states have internal predecessors, (63), 3 states have call successors, (8), 3 states have call predecessors, (8), 4 states have return successors, (7), 4 states have call predecessors, (7), 3 states have call successors, (7) [2025-02-05 15:51:00,522 INFO L276 IsEmpty]: Start isEmpty. Operand 402 states and 476 transitions. [2025-02-05 15:51:00,525 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 82 [2025-02-05 15:51:00,527 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:00,528 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:00,535 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-02-05 15:51:00,728 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-02-05 15:51:00,729 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:00,729 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:00,729 INFO L85 PathProgramCache]: Analyzing trace with hash -1966239853, now seen corresponding path program 1 times [2025-02-05 15:51:00,729 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:00,732 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [393155719] [2025-02-05 15:51:00,732 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:00,732 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:00,757 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 81 statements into 1 equivalence classes. [2025-02-05 15:51:00,768 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 81 of 81 statements. [2025-02-05 15:51:00,768 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:00,768 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:51:00,768 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-02-05 15:51:00,772 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 81 statements into 1 equivalence classes. [2025-02-05 15:51:00,784 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 81 of 81 statements. [2025-02-05 15:51:00,784 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:00,784 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:51:00,800 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-02-05 15:51:00,800 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-02-05 15:51:00,801 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-02-05 15:51:00,802 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-02-05 15:51:00,803 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:00,835 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-02-05 15:51:00,837 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.02 03:51:00 BoogieIcfgContainer [2025-02-05 15:51:00,837 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-02-05 15:51:00,838 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-02-05 15:51:00,838 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-02-05 15:51:00,838 INFO L274 PluginConnector]: Witness Printer initialized [2025-02-05 15:51:00,838 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:50:57" (3/4) ... [2025-02-05 15:51:00,839 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-02-05 15:51:00,896 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 69. [2025-02-05 15:51:00,951 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-02-05 15:51:00,951 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-02-05 15:51:00,951 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-02-05 15:51:00,952 INFO L158 Benchmark]: Toolchain (without parser) took 3611.03ms. Allocated memory is still 142.6MB. Free memory was 111.2MB in the beginning and 90.9MB in the end (delta: 20.3MB). Peak memory consumption was 19.0MB. Max. memory is 16.1GB. [2025-02-05 15:51:00,952 INFO L158 Benchmark]: CDTParser took 0.82ms. Allocated memory is still 201.3MB. Free memory is still 124.7MB. There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:51:00,952 INFO L158 Benchmark]: CACSL2BoogieTranslator took 234.64ms. Allocated memory is still 142.6MB. Free memory was 110.7MB in the beginning and 92.6MB in the end (delta: 18.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:51:00,952 INFO L158 Benchmark]: Boogie Procedure Inliner took 36.87ms. Allocated memory is still 142.6MB. Free memory was 92.6MB in the beginning and 90.7MB in the end (delta: 1.9MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:51:00,952 INFO L158 Benchmark]: Boogie Preprocessor took 44.14ms. Allocated memory is still 142.6MB. Free memory was 90.7MB in the beginning and 89.1MB in the end (delta: 1.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:51:00,953 INFO L158 Benchmark]: IcfgBuilder took 335.96ms. Allocated memory is still 142.6MB. Free memory was 89.1MB in the beginning and 71.4MB in the end (delta: 17.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:51:00,953 INFO L158 Benchmark]: TraceAbstraction took 2841.20ms. Allocated memory is still 142.6MB. Free memory was 70.9MB in the beginning and 102.0MB in the end (delta: -31.1MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:51:00,953 INFO L158 Benchmark]: Witness Printer took 113.58ms. Allocated memory is still 142.6MB. Free memory was 102.0MB in the beginning and 90.9MB in the end (delta: 11.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:51:00,954 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.82ms. Allocated memory is still 201.3MB. Free memory is still 124.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 234.64ms. Allocated memory is still 142.6MB. Free memory was 110.7MB in the beginning and 92.6MB in the end (delta: 18.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 36.87ms. Allocated memory is still 142.6MB. Free memory was 92.6MB in the beginning and 90.7MB in the end (delta: 1.9MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 44.14ms. Allocated memory is still 142.6MB. Free memory was 90.7MB in the beginning and 89.1MB in the end (delta: 1.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 335.96ms. Allocated memory is still 142.6MB. Free memory was 89.1MB in the beginning and 71.4MB in the end (delta: 17.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2841.20ms. Allocated memory is still 142.6MB. Free memory was 70.9MB in the beginning and 102.0MB in the end (delta: -31.1MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 113.58ms. Allocated memory is still 142.6MB. Free memory was 102.0MB in the beginning and 90.9MB in the end (delta: 11.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] - GenericResultAtLocation [Line: 58]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [58] - GenericResultAtLocation [Line: 424]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [424] - GenericResultAtLocation [Line: 499]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [499] - GenericResultAtLocation [Line: 701]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [701] - GenericResultAtLocation [Line: 796]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [796] - GenericResultAtLocation [Line: 822]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [822] - GenericResultAtLocation [Line: 860]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [860] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 54]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L228] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L508] int pumpRunning = 0; [L509] int systemActive = 1; [L703] int waterLevel = 1; [L704] int methaneLevelCritical = 0; [L861] int cleanupTimeShifts = 4; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L934] int retValue_acc ; [L935] int tmp ; [L939] FCALL select_helpers() [L940] FCALL select_features() [L941] CALL, EXPR valid_product() [L852] int retValue_acc ; [L855] retValue_acc = 1 [L856] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L941] RET, EXPR valid_product() [L941] tmp = valid_product() [L943] COND TRUE \read(tmp) [L945] FCALL setup() [L946] CALL runTest() [L928] CALL test() [L432] int splverifierCounter ; [L433] int tmp ; [L434] int tmp___0 ; [L435] int tmp___1 ; [L436] int tmp___2 ; [L439] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L441] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L443] COND TRUE splverifierCounter < 4 [L449] tmp = __VERIFIER_nondet_int() [L451] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L453] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L721] COND TRUE waterLevel < 2 [L722] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L453] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L459] tmp___0 = __VERIFIER_nondet_int() [L461] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L469] tmp___2 = __VERIFIER_nondet_int() [L471] COND FALSE !(\read(tmp___2)) [L477] tmp___1 = __VERIFIER_nondet_int() [L479] COND FALSE !(\read(tmp___1)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L488] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L516] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L523] COND TRUE \read(systemActive) [L525] CALL processEnvironment() [L545] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L548] COND TRUE ! pumpRunning [L550] CALL, EXPR isHighWaterLevel() [L660] int retValue_acc ; [L661] int tmp ; [L662] int tmp___0 ; [L666] CALL, EXPR isHighWaterSensorDry() [L783] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L786] COND FALSE !(waterLevel < 2) [L790] retValue_acc = 0 [L791] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L666] RET, EXPR isHighWaterSensorDry() [L666] tmp = isHighWaterSensorDry() [L668] COND FALSE !(\read(tmp)) [L671] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L673] retValue_acc = tmp___0 [L674] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L550] RET, EXPR isHighWaterLevel() [L550] tmp = isHighWaterLevel() [L552] COND TRUE \read(tmp) [L554] CALL activatePump() [L579] int tmp ; [L583] CALL, EXPR isMethaneAlarm() [L604] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L608] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L742] int retValue_acc ; [L745] retValue_acc = methaneLevelCritical [L746] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L608] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L608] retValue_acc = isMethaneLevelCritical() [L610] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L583] RET, EXPR isMethaneAlarm() [L583] tmp = isMethaneAlarm() [L585] COND FALSE !(\read(tmp)) [L589] CALL activatePump__wrappee__highWaterSensor() [L573] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L589] RET activatePump__wrappee__highWaterSensor() [L554] RET activatePump() [L525] RET processEnvironment() [L531] CALL __utac_acc__Specification1_spec__1() [L798] int tmp ; [L799] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L803] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L742] int retValue_acc ; [L745] retValue_acc = methaneLevelCritical [L746] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L803] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L803] tmp = isMethaneLevelCritical() [L805] COND FALSE !(\read(tmp)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L531] RET __utac_acc__Specification1_spec__1() [L488] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L441] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L443] COND TRUE splverifierCounter < 4 [L449] tmp = __VERIFIER_nondet_int() [L451] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L459] tmp___0 = __VERIFIER_nondet_int() [L461] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L463] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L733] COND FALSE !(\read(methaneLevelCritical)) [L736] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L463] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L469] tmp___2 = __VERIFIER_nondet_int() [L471] COND FALSE !(\read(tmp___2)) [L477] tmp___1 = __VERIFIER_nondet_int() [L479] COND FALSE !(\read(tmp___1)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L488] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L516] COND TRUE \read(pumpRunning) [L518] CALL lowerWaterLevel() [L709] COND TRUE waterLevel > 0 [L710] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L518] RET lowerWaterLevel() [L523] COND TRUE \read(systemActive) [L525] CALL processEnvironment() [L545] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L548] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L563] FCALL processEnvironment__wrappee__base() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L525] RET processEnvironment() [L531] CALL __utac_acc__Specification1_spec__1() [L798] int tmp ; [L799] int tmp___0 ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L803] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L742] int retValue_acc ; [L745] retValue_acc = methaneLevelCritical [L746] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L803] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L803] tmp = isMethaneLevelCritical() [L805] COND TRUE \read(tmp) [L807] CALL, EXPR isPumpRunning() [L615] int retValue_acc ; [L618] retValue_acc = pumpRunning [L619] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L807] RET, EXPR isPumpRunning() [L807] tmp___0 = isPumpRunning() [L809] COND TRUE \read(tmp___0) [L811] CALL __automaton_fail() [L54] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 83 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.8s, OverallIterations: 11, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 402 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 396 mSDsluCounter, 2696 SdHoareTripleChecker+Invalid, 0.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1758 mSDsCounter, 19 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 328 IncrementalHoareTripleChecker+Invalid, 347 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 19 mSolverCounterUnsat, 938 mSDtfsCounter, 328 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 143 GetRequests, 101 SyntacticMatches, 0 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 48 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=541occurred in iteration=8, InterpolantAutomatonStates: 49, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 13 StatesRemovedByMinimization, 2 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.0s InterpolantComputationTime, 620 NumberOfCodeBlocks, 620 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 528 ConstructedInterpolants, 0 QuantifiedInterpolants, 904 SizeOfPredicates, 0 NumberOfNonLiveVariables, 292 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 11 InterpolantComputations, 10 PerfectInterpolantSequences, 90/96 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-02-05 15:51:00,966 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE