./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_product33.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c00e63dc Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_product33.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 6e02099a7691e56a2269c7f6adf0fcb5caba1ee7f52ae5d6ac320766d29d8d07 --- Real Ultimate output --- This is Ultimate 0.3.0-?-c00e63d-m [2025-02-05 15:51:35,095 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-02-05 15:51:35,155 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-02-05 15:51:35,158 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-02-05 15:51:35,158 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-02-05 15:51:35,175 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-02-05 15:51:35,176 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-02-05 15:51:35,176 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-02-05 15:51:35,176 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-02-05 15:51:35,176 INFO L153 SettingsManager]: * Use memory slicer=true [2025-02-05 15:51:35,176 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-02-05 15:51:35,176 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-02-05 15:51:35,176 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-02-05 15:51:35,177 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-02-05 15:51:35,177 INFO L153 SettingsManager]: * Use SBE=true [2025-02-05 15:51:35,177 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-02-05 15:51:35,177 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * sizeof long=4 [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * sizeof long double=12 [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * Use constant arrays=true [2025-02-05 15:51:35,178 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:51:35,178 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-02-05 15:51:35,178 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-02-05 15:51:35,179 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-02-05 15:51:35,179 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-02-05 15:51:35,179 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-02-05 15:51:35,179 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-02-05 15:51:35,179 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-02-05 15:51:35,179 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-02-05 15:51:35,179 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-02-05 15:51:35,179 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-02-05 15:51:35,180 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 6e02099a7691e56a2269c7f6adf0fcb5caba1ee7f52ae5d6ac320766d29d8d07 [2025-02-05 15:51:35,346 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-02-05 15:51:35,354 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-02-05 15:51:35,355 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-02-05 15:51:35,356 INFO L270 PluginConnector]: Initializing CDTParser... [2025-02-05 15:51:35,356 INFO L274 PluginConnector]: CDTParser initialized [2025-02-05 15:51:35,357 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_product33.cil.c [2025-02-05 15:51:36,550 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/cc18914de/2137c8e7b5cb41789f3d802c4dfa13f0/FLAG621b771fd [2025-02-05 15:51:36,823 INFO L384 CDTParser]: Found 1 translation units. [2025-02-05 15:51:36,824 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product33.cil.c [2025-02-05 15:51:36,833 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/cc18914de/2137c8e7b5cb41789f3d802c4dfa13f0/FLAG621b771fd [2025-02-05 15:51:37,113 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/cc18914de/2137c8e7b5cb41789f3d802c4dfa13f0 [2025-02-05 15:51:37,115 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-02-05 15:51:37,116 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-02-05 15:51:37,117 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-02-05 15:51:37,117 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-02-05 15:51:37,120 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-02-05 15:51:37,121 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,121 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@37eaf57a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37, skipping insertion in model container [2025-02-05 15:51:37,122 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,152 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-02-05 15:51:37,306 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product33.cil.c[4842,4855] [2025-02-05 15:51:37,389 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:51:37,401 INFO L200 MainTranslator]: Completed pre-run [2025-02-05 15:51:37,408 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] [2025-02-05 15:51:37,410 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [87] [2025-02-05 15:51:37,410 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [188] [2025-02-05 15:51:37,410 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [289] [2025-02-05 15:51:37,410 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [298] [2025-02-05 15:51:37,410 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [454] [2025-02-05 15:51:37,410 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [519] [2025-02-05 15:51:37,411 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [885] [2025-02-05 15:51:37,419 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product33.cil.c[4842,4855] [2025-02-05 15:51:37,441 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:51:37,462 INFO L204 MainTranslator]: Completed translation [2025-02-05 15:51:37,463 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37 WrapperNode [2025-02-05 15:51:37,463 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-02-05 15:51:37,464 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-02-05 15:51:37,464 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-02-05 15:51:37,465 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-02-05 15:51:37,469 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,482 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,497 INFO L138 Inliner]: procedures = 53, calls = 94, calls flagged for inlining = 20, calls inlined = 17, statements flattened = 169 [2025-02-05 15:51:37,497 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-02-05 15:51:37,498 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-02-05 15:51:37,498 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-02-05 15:51:37,498 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-02-05 15:51:37,504 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,504 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,510 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,526 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-02-05 15:51:37,530 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,530 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,533 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,534 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,534 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,535 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,536 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-02-05 15:51:37,536 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-02-05 15:51:37,537 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-02-05 15:51:37,537 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-02-05 15:51:37,537 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (1/1) ... [2025-02-05 15:51:37,545 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:51:37,556 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:51:37,567 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-02-05 15:51:37,576 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-02-05 15:51:37,596 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-02-05 15:51:37,597 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-02-05 15:51:37,597 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-02-05 15:51:37,597 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-02-05 15:51:37,597 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-02-05 15:51:37,597 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-02-05 15:51:37,597 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-02-05 15:51:37,597 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-02-05 15:51:37,597 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-02-05 15:51:37,597 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-02-05 15:51:37,597 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-02-05 15:51:37,598 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-02-05 15:51:37,598 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-02-05 15:51:37,598 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-02-05 15:51:37,598 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-02-05 15:51:37,598 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-02-05 15:51:37,658 INFO L257 CfgBuilder]: Building ICFG [2025-02-05 15:51:37,660 INFO L287 CfgBuilder]: Building CFG for each procedure with an implementation [2025-02-05 15:51:37,784 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L451-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~8#1; [2025-02-05 15:51:37,785 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L185-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~4#1; [2025-02-05 15:51:37,785 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L396-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; [2025-02-05 15:51:37,802 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint cleanupFINAL: assume true; [2025-02-05 15:51:37,804 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L139: #res := ~retValue_acc~2; [2025-02-05 15:51:37,850 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L286-1: main_#res#1 := main_~retValue_acc~5#1; [2025-02-05 15:51:37,851 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L84-1: valid_product_#res#1 := valid_product_~retValue_acc~1#1; [2025-02-05 15:51:37,871 INFO L? ?]: Removed 36 outVars from TransFormulas that were not future-live. [2025-02-05 15:51:37,872 INFO L308 CfgBuilder]: Performing block encoding [2025-02-05 15:51:37,878 INFO L332 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-02-05 15:51:37,879 INFO L337 CfgBuilder]: Removed 0 assume(true) statements. [2025-02-05 15:51:37,879 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:51:37 BoogieIcfgContainer [2025-02-05 15:51:37,880 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-02-05 15:51:37,885 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-02-05 15:51:37,885 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-02-05 15:51:37,888 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-02-05 15:51:37,888 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 05.02 03:51:37" (1/3) ... [2025-02-05 15:51:37,889 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@35bd0874 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:51:37, skipping insertion in model container [2025-02-05 15:51:37,889 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:37" (2/3) ... [2025-02-05 15:51:37,889 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@35bd0874 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:51:37, skipping insertion in model container [2025-02-05 15:51:37,889 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:51:37" (3/3) ... [2025-02-05 15:51:37,890 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product33.cil.c [2025-02-05 15:51:37,902 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-02-05 15:51:37,903 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec2_product33.cil.c that has 7 procedures, 75 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-02-05 15:51:37,951 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-02-05 15:51:37,961 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7c7e6463, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-02-05 15:51:37,961 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-02-05 15:51:37,964 INFO L276 IsEmpty]: Start isEmpty. Operand has 74 states, 57 states have (on average 1.3859649122807018) internal successors, (79), 63 states have internal predecessors, (79), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2025-02-05 15:51:37,970 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2025-02-05 15:51:37,971 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:37,971 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:37,972 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:37,975 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:37,976 INFO L85 PathProgramCache]: Analyzing trace with hash 1749028800, now seen corresponding path program 1 times [2025-02-05 15:51:37,980 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:37,983 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1726425068] [2025-02-05 15:51:37,983 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:37,983 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:38,048 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 25 statements into 1 equivalence classes. [2025-02-05 15:51:38,069 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 25 of 25 statements. [2025-02-05 15:51:38,070 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:38,070 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:38,138 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:38,138 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:38,138 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1726425068] [2025-02-05 15:51:38,142 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1726425068] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:38,143 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:38,143 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-02-05 15:51:38,144 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [502054256] [2025-02-05 15:51:38,144 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:38,149 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-02-05 15:51:38,149 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:38,164 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-02-05 15:51:38,165 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:51:38,167 INFO L87 Difference]: Start difference. First operand has 74 states, 57 states have (on average 1.3859649122807018) internal successors, (79), 63 states have internal predecessors, (79), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:38,183 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:38,183 INFO L93 Difference]: Finished difference Result 131 states and 178 transitions. [2025-02-05 15:51:38,184 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-02-05 15:51:38,185 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2025-02-05 15:51:38,185 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:38,190 INFO L225 Difference]: With dead ends: 131 [2025-02-05 15:51:38,190 INFO L226 Difference]: Without dead ends: 66 [2025-02-05 15:51:38,192 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:51:38,194 INFO L435 NwaCegarLoop]: 90 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 90 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:38,197 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:38,207 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 66 states. [2025-02-05 15:51:38,218 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 66 to 66. [2025-02-05 15:51:38,219 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 51 states have (on average 1.3333333333333333) internal successors, (68), 56 states have internal predecessors, (68), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2025-02-05 15:51:38,222 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 85 transitions. [2025-02-05 15:51:38,224 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 85 transitions. Word has length 25 [2025-02-05 15:51:38,224 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:38,224 INFO L471 AbstractCegarLoop]: Abstraction has 66 states and 85 transitions. [2025-02-05 15:51:38,224 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:38,224 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 85 transitions. [2025-02-05 15:51:38,225 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2025-02-05 15:51:38,225 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:38,226 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:38,226 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-02-05 15:51:38,226 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:38,226 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:38,226 INFO L85 PathProgramCache]: Analyzing trace with hash 1285043758, now seen corresponding path program 1 times [2025-02-05 15:51:38,227 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:38,227 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1765177981] [2025-02-05 15:51:38,227 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:38,227 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:38,234 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 26 statements into 1 equivalence classes. [2025-02-05 15:51:38,247 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 26 of 26 statements. [2025-02-05 15:51:38,247 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:38,247 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:38,316 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:38,320 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:38,321 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1765177981] [2025-02-05 15:51:38,321 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1765177981] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:38,321 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:38,321 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:51:38,321 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [795129405] [2025-02-05 15:51:38,321 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:38,322 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:51:38,322 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:38,322 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:51:38,322 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:38,322 INFO L87 Difference]: Start difference. First operand 66 states and 85 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:38,334 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:38,335 INFO L93 Difference]: Finished difference Result 98 states and 126 transitions. [2025-02-05 15:51:38,335 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:51:38,335 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2025-02-05 15:51:38,335 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:38,336 INFO L225 Difference]: With dead ends: 98 [2025-02-05 15:51:38,336 INFO L226 Difference]: Without dead ends: 57 [2025-02-05 15:51:38,336 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:38,337 INFO L435 NwaCegarLoop]: 72 mSDtfsCounter, 11 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 129 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:38,337 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 129 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:38,338 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 57 states. [2025-02-05 15:51:38,341 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 57 to 57. [2025-02-05 15:51:38,341 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 57 states, 45 states have (on average 1.3555555555555556) internal successors, (61), 50 states have internal predecessors, (61), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2025-02-05 15:51:38,342 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 57 states to 57 states and 73 transitions. [2025-02-05 15:51:38,342 INFO L78 Accepts]: Start accepts. Automaton has 57 states and 73 transitions. Word has length 26 [2025-02-05 15:51:38,342 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:38,342 INFO L471 AbstractCegarLoop]: Abstraction has 57 states and 73 transitions. [2025-02-05 15:51:38,342 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:38,342 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 73 transitions. [2025-02-05 15:51:38,343 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2025-02-05 15:51:38,343 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:38,343 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:38,343 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-02-05 15:51:38,343 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:38,343 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:38,344 INFO L85 PathProgramCache]: Analyzing trace with hash -1577873643, now seen corresponding path program 1 times [2025-02-05 15:51:38,344 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:38,344 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1994031890] [2025-02-05 15:51:38,346 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:38,346 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:38,359 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 29 statements into 1 equivalence classes. [2025-02-05 15:51:38,373 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 29 of 29 statements. [2025-02-05 15:51:38,376 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:38,377 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:38,525 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:38,525 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:38,525 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1994031890] [2025-02-05 15:51:38,525 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1994031890] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:38,525 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:38,525 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-02-05 15:51:38,526 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1262569020] [2025-02-05 15:51:38,526 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:38,527 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:51:38,527 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:38,527 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:51:38,528 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:51:38,528 INFO L87 Difference]: Start difference. First operand 57 states and 73 transitions. Second operand has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:38,626 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:38,626 INFO L93 Difference]: Finished difference Result 106 states and 139 transitions. [2025-02-05 15:51:38,627 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:51:38,627 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2025-02-05 15:51:38,627 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:38,628 INFO L225 Difference]: With dead ends: 106 [2025-02-05 15:51:38,630 INFO L226 Difference]: Without dead ends: 57 [2025-02-05 15:51:38,630 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2025-02-05 15:51:38,631 INFO L435 NwaCegarLoop]: 69 mSDtfsCounter, 69 mSDsluCounter, 110 mSDsCounter, 0 mSdLazyCounter, 35 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 69 SdHoareTripleChecker+Valid, 179 SdHoareTripleChecker+Invalid, 35 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 35 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:38,631 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [69 Valid, 179 Invalid, 35 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 35 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:51:38,631 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 57 states. [2025-02-05 15:51:38,638 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 57 to 57. [2025-02-05 15:51:38,639 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 57 states, 45 states have (on average 1.3333333333333333) internal successors, (60), 50 states have internal predecessors, (60), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2025-02-05 15:51:38,639 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 57 states to 57 states and 72 transitions. [2025-02-05 15:51:38,642 INFO L78 Accepts]: Start accepts. Automaton has 57 states and 72 transitions. Word has length 29 [2025-02-05 15:51:38,642 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:38,642 INFO L471 AbstractCegarLoop]: Abstraction has 57 states and 72 transitions. [2025-02-05 15:51:38,642 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:38,642 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 72 transitions. [2025-02-05 15:51:38,643 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2025-02-05 15:51:38,643 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:38,643 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:38,643 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-02-05 15:51:38,643 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:38,644 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:38,645 INFO L85 PathProgramCache]: Analyzing trace with hash -49053692, now seen corresponding path program 1 times [2025-02-05 15:51:38,646 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:38,646 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [553196533] [2025-02-05 15:51:38,646 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:38,646 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:38,653 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 34 statements into 1 equivalence classes. [2025-02-05 15:51:38,657 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 34 of 34 statements. [2025-02-05 15:51:38,657 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:38,657 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:38,675 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:38,675 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:38,675 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [553196533] [2025-02-05 15:51:38,675 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [553196533] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:38,675 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:38,675 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:51:38,675 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1151292787] [2025-02-05 15:51:38,675 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:38,676 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:51:38,676 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:38,676 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:51:38,676 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:38,676 INFO L87 Difference]: Start difference. First operand 57 states and 72 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:38,703 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:38,705 INFO L93 Difference]: Finished difference Result 144 states and 187 transitions. [2025-02-05 15:51:38,705 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:51:38,705 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 34 [2025-02-05 15:51:38,705 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:38,706 INFO L225 Difference]: With dead ends: 144 [2025-02-05 15:51:38,706 INFO L226 Difference]: Without dead ends: 95 [2025-02-05 15:51:38,707 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:38,709 INFO L435 NwaCegarLoop]: 87 mSDtfsCounter, 61 mSDsluCounter, 48 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 61 SdHoareTripleChecker+Valid, 135 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:38,709 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [61 Valid, 135 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:38,709 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 95 states. [2025-02-05 15:51:38,721 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 95 to 93. [2025-02-05 15:51:38,724 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 93 states, 72 states have (on average 1.3333333333333333) internal successors, (96), 78 states have internal predecessors, (96), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (12), 10 states have call predecessors, (12), 10 states have call successors, (12) [2025-02-05 15:51:38,724 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 93 states to 93 states and 118 transitions. [2025-02-05 15:51:38,727 INFO L78 Accepts]: Start accepts. Automaton has 93 states and 118 transitions. Word has length 34 [2025-02-05 15:51:38,727 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:38,727 INFO L471 AbstractCegarLoop]: Abstraction has 93 states and 118 transitions. [2025-02-05 15:51:38,727 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:38,727 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 118 transitions. [2025-02-05 15:51:38,728 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2025-02-05 15:51:38,728 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:38,728 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:38,728 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-02-05 15:51:38,728 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:38,728 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:38,728 INFO L85 PathProgramCache]: Analyzing trace with hash -205125332, now seen corresponding path program 1 times [2025-02-05 15:51:38,729 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:38,730 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1694694894] [2025-02-05 15:51:38,730 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:38,730 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:38,741 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 38 statements into 1 equivalence classes. [2025-02-05 15:51:38,749 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 38 of 38 statements. [2025-02-05 15:51:38,750 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:38,750 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:38,839 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:38,839 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:38,840 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1694694894] [2025-02-05 15:51:38,840 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1694694894] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:38,840 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:38,840 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:51:38,840 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2011330537] [2025-02-05 15:51:38,840 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:38,840 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:51:38,841 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:38,841 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:51:38,841 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:51:38,841 INFO L87 Difference]: Start difference. First operand 93 states and 118 transitions. Second operand has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:38,868 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:38,869 INFO L93 Difference]: Finished difference Result 181 states and 234 transitions. [2025-02-05 15:51:38,869 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:51:38,869 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 38 [2025-02-05 15:51:38,869 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:38,870 INFO L225 Difference]: With dead ends: 181 [2025-02-05 15:51:38,870 INFO L226 Difference]: Without dead ends: 96 [2025-02-05 15:51:38,870 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:51:38,871 INFO L435 NwaCegarLoop]: 69 mSDtfsCounter, 0 mSDsluCounter, 200 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 269 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:38,871 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 269 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:38,871 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 96 states. [2025-02-05 15:51:38,882 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 96 to 96. [2025-02-05 15:51:38,882 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 96 states, 75 states have (on average 1.32) internal successors, (99), 81 states have internal predecessors, (99), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (12), 10 states have call predecessors, (12), 10 states have call successors, (12) [2025-02-05 15:51:38,884 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 96 states to 96 states and 121 transitions. [2025-02-05 15:51:38,886 INFO L78 Accepts]: Start accepts. Automaton has 96 states and 121 transitions. Word has length 38 [2025-02-05 15:51:38,886 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:38,886 INFO L471 AbstractCegarLoop]: Abstraction has 96 states and 121 transitions. [2025-02-05 15:51:38,886 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:38,886 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 121 transitions. [2025-02-05 15:51:38,887 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2025-02-05 15:51:38,887 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:38,887 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:38,887 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-02-05 15:51:38,887 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:38,887 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:38,887 INFO L85 PathProgramCache]: Analyzing trace with hash 1148184365, now seen corresponding path program 1 times [2025-02-05 15:51:38,889 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:38,889 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1176867935] [2025-02-05 15:51:38,889 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:38,889 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:38,895 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 38 statements into 1 equivalence classes. [2025-02-05 15:51:38,901 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 38 of 38 statements. [2025-02-05 15:51:38,905 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:38,905 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:38,979 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:38,979 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:38,980 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1176867935] [2025-02-05 15:51:38,980 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1176867935] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:38,980 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:38,980 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-02-05 15:51:38,980 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [446143802] [2025-02-05 15:51:38,980 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:38,980 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:51:38,980 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:38,980 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:51:38,980 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:51:38,981 INFO L87 Difference]: Start difference. First operand 96 states and 121 transitions. Second operand has 6 states, 6 states have (on average 5.833333333333333) internal successors, (35), 6 states have internal predecessors, (35), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:39,013 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:39,013 INFO L93 Difference]: Finished difference Result 186 states and 241 transitions. [2025-02-05 15:51:39,014 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-02-05 15:51:39,014 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.833333333333333) internal successors, (35), 6 states have internal predecessors, (35), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 38 [2025-02-05 15:51:39,014 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:39,014 INFO L225 Difference]: With dead ends: 186 [2025-02-05 15:51:39,014 INFO L226 Difference]: Without dead ends: 98 [2025-02-05 15:51:39,015 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:51:39,015 INFO L435 NwaCegarLoop]: 68 mSDtfsCounter, 0 mSDsluCounter, 264 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 332 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:39,015 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 332 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:39,016 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2025-02-05 15:51:39,026 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 98. [2025-02-05 15:51:39,027 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 98 states, 77 states have (on average 1.3116883116883118) internal successors, (101), 83 states have internal predecessors, (101), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (12), 10 states have call predecessors, (12), 10 states have call successors, (12) [2025-02-05 15:51:39,028 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 123 transitions. [2025-02-05 15:51:39,028 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 123 transitions. Word has length 38 [2025-02-05 15:51:39,029 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:39,029 INFO L471 AbstractCegarLoop]: Abstraction has 98 states and 123 transitions. [2025-02-05 15:51:39,029 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.833333333333333) internal successors, (35), 6 states have internal predecessors, (35), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:39,030 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 123 transitions. [2025-02-05 15:51:39,030 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2025-02-05 15:51:39,031 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:39,031 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:39,031 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-02-05 15:51:39,032 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:39,032 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:39,032 INFO L85 PathProgramCache]: Analyzing trace with hash -540759377, now seen corresponding path program 1 times [2025-02-05 15:51:39,032 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:39,032 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [465890004] [2025-02-05 15:51:39,032 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:39,032 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:39,041 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 38 statements into 1 equivalence classes. [2025-02-05 15:51:39,047 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 38 of 38 statements. [2025-02-05 15:51:39,047 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:39,047 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:39,115 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:39,116 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:39,116 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [465890004] [2025-02-05 15:51:39,116 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [465890004] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:39,116 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:39,116 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:51:39,116 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [581145220] [2025-02-05 15:51:39,116 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:39,117 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:51:39,117 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:39,117 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:51:39,117 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:39,117 INFO L87 Difference]: Start difference. First operand 98 states and 123 transitions. Second operand has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:39,136 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:39,136 INFO L93 Difference]: Finished difference Result 231 states and 294 transitions. [2025-02-05 15:51:39,137 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:51:39,137 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 38 [2025-02-05 15:51:39,137 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:39,138 INFO L225 Difference]: With dead ends: 231 [2025-02-05 15:51:39,138 INFO L226 Difference]: Without dead ends: 141 [2025-02-05 15:51:39,139 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:39,141 INFO L435 NwaCegarLoop]: 70 mSDtfsCounter, 38 mSDsluCounter, 58 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 128 SdHoareTripleChecker+Invalid, 9 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:39,142 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 128 Invalid, 9 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:39,142 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 141 states. [2025-02-05 15:51:39,155 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 141 to 139. [2025-02-05 15:51:39,155 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 139 states, 109 states have (on average 1.2935779816513762) internal successors, (141), 116 states have internal predecessors, (141), 15 states have call successors, (15), 15 states have call predecessors, (15), 14 states have return successors, (17), 14 states have call predecessors, (17), 15 states have call successors, (17) [2025-02-05 15:51:39,156 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 139 states to 139 states and 173 transitions. [2025-02-05 15:51:39,156 INFO L78 Accepts]: Start accepts. Automaton has 139 states and 173 transitions. Word has length 38 [2025-02-05 15:51:39,156 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:39,156 INFO L471 AbstractCegarLoop]: Abstraction has 139 states and 173 transitions. [2025-02-05 15:51:39,156 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:39,157 INFO L276 IsEmpty]: Start isEmpty. Operand 139 states and 173 transitions. [2025-02-05 15:51:39,157 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2025-02-05 15:51:39,157 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:39,157 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:39,157 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-02-05 15:51:39,158 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:39,158 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:39,158 INFO L85 PathProgramCache]: Analyzing trace with hash -2091712504, now seen corresponding path program 1 times [2025-02-05 15:51:39,158 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:39,158 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1840442542] [2025-02-05 15:51:39,158 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:39,158 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:39,165 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 40 statements into 1 equivalence classes. [2025-02-05 15:51:39,170 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 40 of 40 statements. [2025-02-05 15:51:39,170 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:39,170 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:39,236 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:39,237 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:39,237 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1840442542] [2025-02-05 15:51:39,237 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1840442542] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:39,237 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:39,238 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:51:39,238 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1783298662] [2025-02-05 15:51:39,238 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:39,238 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:51:39,240 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:39,241 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:51:39,241 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:51:39,241 INFO L87 Difference]: Start difference. First operand 139 states and 173 transitions. Second operand has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:39,278 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:39,279 INFO L93 Difference]: Finished difference Result 268 states and 337 transitions. [2025-02-05 15:51:39,279 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:51:39,279 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 40 [2025-02-05 15:51:39,280 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:39,281 INFO L225 Difference]: With dead ends: 268 [2025-02-05 15:51:39,282 INFO L226 Difference]: Without dead ends: 137 [2025-02-05 15:51:39,282 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:51:39,283 INFO L435 NwaCegarLoop]: 68 mSDtfsCounter, 45 mSDsluCounter, 181 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 249 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:39,283 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [45 Valid, 249 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:39,284 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 137 states. [2025-02-05 15:51:39,293 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 137 to 137. [2025-02-05 15:51:39,293 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 137 states, 107 states have (on average 1.2616822429906542) internal successors, (135), 114 states have internal predecessors, (135), 15 states have call successors, (15), 15 states have call predecessors, (15), 14 states have return successors, (17), 14 states have call predecessors, (17), 15 states have call successors, (17) [2025-02-05 15:51:39,294 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 137 states to 137 states and 167 transitions. [2025-02-05 15:51:39,294 INFO L78 Accepts]: Start accepts. Automaton has 137 states and 167 transitions. Word has length 40 [2025-02-05 15:51:39,294 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:39,294 INFO L471 AbstractCegarLoop]: Abstraction has 137 states and 167 transitions. [2025-02-05 15:51:39,294 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:39,295 INFO L276 IsEmpty]: Start isEmpty. Operand 137 states and 167 transitions. [2025-02-05 15:51:39,295 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2025-02-05 15:51:39,295 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:39,295 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:39,296 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-02-05 15:51:39,296 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:39,296 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:39,296 INFO L85 PathProgramCache]: Analyzing trace with hash 155412625, now seen corresponding path program 1 times [2025-02-05 15:51:39,296 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:39,296 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1650804707] [2025-02-05 15:51:39,296 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:39,296 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:39,301 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 42 statements into 1 equivalence classes. [2025-02-05 15:51:39,309 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 42 of 42 statements. [2025-02-05 15:51:39,309 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:39,309 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:39,373 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:39,373 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:39,373 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1650804707] [2025-02-05 15:51:39,373 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1650804707] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:39,373 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:39,373 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:51:39,373 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1870951165] [2025-02-05 15:51:39,373 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:39,375 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:51:39,375 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:39,375 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:51:39,376 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:39,377 INFO L87 Difference]: Start difference. First operand 137 states and 167 transitions. Second operand has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:39,401 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:39,401 INFO L93 Difference]: Finished difference Result 205 states and 254 transitions. [2025-02-05 15:51:39,401 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:51:39,401 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 42 [2025-02-05 15:51:39,402 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:39,403 INFO L225 Difference]: With dead ends: 205 [2025-02-05 15:51:39,404 INFO L226 Difference]: Without dead ends: 203 [2025-02-05 15:51:39,405 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:39,405 INFO L435 NwaCegarLoop]: 71 mSDtfsCounter, 39 mSDsluCounter, 60 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 131 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:39,405 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 131 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:39,406 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 203 states. [2025-02-05 15:51:39,419 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 203 to 185. [2025-02-05 15:51:39,420 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 185 states, 145 states have (on average 1.289655172413793) internal successors, (187), 155 states have internal predecessors, (187), 20 states have call successors, (20), 20 states have call predecessors, (20), 19 states have return successors, (26), 19 states have call predecessors, (26), 20 states have call successors, (26) [2025-02-05 15:51:39,421 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 185 states to 185 states and 233 transitions. [2025-02-05 15:51:39,422 INFO L78 Accepts]: Start accepts. Automaton has 185 states and 233 transitions. Word has length 42 [2025-02-05 15:51:39,422 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:39,422 INFO L471 AbstractCegarLoop]: Abstraction has 185 states and 233 transitions. [2025-02-05 15:51:39,422 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:39,422 INFO L276 IsEmpty]: Start isEmpty. Operand 185 states and 233 transitions. [2025-02-05 15:51:39,423 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 73 [2025-02-05 15:51:39,423 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:39,424 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:39,424 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-02-05 15:51:39,424 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:39,424 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:39,424 INFO L85 PathProgramCache]: Analyzing trace with hash -918622009, now seen corresponding path program 1 times [2025-02-05 15:51:39,425 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:39,425 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1416414677] [2025-02-05 15:51:39,425 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:39,425 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:39,433 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 72 statements into 1 equivalence classes. [2025-02-05 15:51:39,440 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 72 of 72 statements. [2025-02-05 15:51:39,440 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:39,440 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:39,549 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 19 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2025-02-05 15:51:39,549 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:39,549 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1416414677] [2025-02-05 15:51:39,549 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1416414677] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:51:39,550 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [878144523] [2025-02-05 15:51:39,550 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:39,550 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:51:39,550 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:51:39,556 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:51:39,573 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-02-05 15:51:39,613 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 72 statements into 1 equivalence classes. [2025-02-05 15:51:39,641 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 72 of 72 statements. [2025-02-05 15:51:39,641 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:39,641 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:39,647 INFO L256 TraceCheckSpWp]: Trace formula consists of 264 conjuncts, 11 conjuncts are in the unsatisfiable core [2025-02-05 15:51:39,651 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:51:39,758 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:51:39,759 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-02-05 15:51:39,759 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [878144523] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:39,760 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-02-05 15:51:39,760 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [7] total 10 [2025-02-05 15:51:39,760 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1324287359] [2025-02-05 15:51:39,760 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:39,760 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:51:39,760 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:39,761 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:51:39,761 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=26, Invalid=64, Unknown=0, NotChecked=0, Total=90 [2025-02-05 15:51:39,761 INFO L87 Difference]: Start difference. First operand 185 states and 233 transitions. Second operand has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 4 states have internal predecessors, (59), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2025-02-05 15:51:39,840 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:39,840 INFO L93 Difference]: Finished difference Result 513 states and 665 transitions. [2025-02-05 15:51:39,842 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-02-05 15:51:39,843 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 4 states have internal predecessors, (59), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) Word has length 72 [2025-02-05 15:51:39,843 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:39,845 INFO L225 Difference]: With dead ends: 513 [2025-02-05 15:51:39,845 INFO L226 Difference]: Without dead ends: 336 [2025-02-05 15:51:39,845 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 78 GetRequests, 70 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=26, Invalid=64, Unknown=0, NotChecked=0, Total=90 [2025-02-05 15:51:39,846 INFO L435 NwaCegarLoop]: 70 mSDtfsCounter, 26 mSDsluCounter, 215 mSDsCounter, 0 mSdLazyCounter, 63 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 26 SdHoareTripleChecker+Valid, 285 SdHoareTripleChecker+Invalid, 65 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 63 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:39,846 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [26 Valid, 285 Invalid, 65 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 63 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:51:39,846 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 336 states. [2025-02-05 15:51:39,867 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 336 to 307. [2025-02-05 15:51:39,869 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 307 states, 237 states have (on average 1.261603375527426) internal successors, (299), 254 states have internal predecessors, (299), 35 states have call successors, (35), 35 states have call predecessors, (35), 34 states have return successors, (47), 33 states have call predecessors, (47), 35 states have call successors, (47) [2025-02-05 15:51:39,871 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 307 states to 307 states and 381 transitions. [2025-02-05 15:51:39,872 INFO L78 Accepts]: Start accepts. Automaton has 307 states and 381 transitions. Word has length 72 [2025-02-05 15:51:39,872 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:39,872 INFO L471 AbstractCegarLoop]: Abstraction has 307 states and 381 transitions. [2025-02-05 15:51:39,873 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 4 states have internal predecessors, (59), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2025-02-05 15:51:39,873 INFO L276 IsEmpty]: Start isEmpty. Operand 307 states and 381 transitions. [2025-02-05 15:51:39,874 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 77 [2025-02-05 15:51:39,874 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:39,875 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:39,885 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-02-05 15:51:40,075 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-02-05 15:51:40,076 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:40,076 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:40,077 INFO L85 PathProgramCache]: Analyzing trace with hash 414758760, now seen corresponding path program 1 times [2025-02-05 15:51:40,077 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:40,077 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1608930446] [2025-02-05 15:51:40,077 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:40,077 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:40,085 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 76 statements into 1 equivalence classes. [2025-02-05 15:51:40,095 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 76 of 76 statements. [2025-02-05 15:51:40,096 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:40,096 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:51:40,096 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-02-05 15:51:40,099 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 76 statements into 1 equivalence classes. [2025-02-05 15:51:40,105 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 76 of 76 statements. [2025-02-05 15:51:40,105 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:40,105 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:51:40,130 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-02-05 15:51:40,130 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-02-05 15:51:40,131 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-02-05 15:51:40,134 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-02-05 15:51:40,138 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:40,203 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-02-05 15:51:40,205 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.02 03:51:40 BoogieIcfgContainer [2025-02-05 15:51:40,206 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-02-05 15:51:40,206 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-02-05 15:51:40,206 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-02-05 15:51:40,206 INFO L274 PluginConnector]: Witness Printer initialized [2025-02-05 15:51:40,207 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:51:37" (3/4) ... [2025-02-05 15:51:40,207 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-02-05 15:51:40,300 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 67. [2025-02-05 15:51:40,386 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-02-05 15:51:40,386 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-02-05 15:51:40,386 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-02-05 15:51:40,387 INFO L158 Benchmark]: Toolchain (without parser) took 3270.60ms. Allocated memory is still 142.6MB. Free memory was 112.4MB in the beginning and 42.2MB in the end (delta: 70.2MB). Peak memory consumption was 69.7MB. Max. memory is 16.1GB. [2025-02-05 15:51:40,387 INFO L158 Benchmark]: CDTParser took 0.12ms. Allocated memory is still 201.3MB. Free memory is still 123.6MB. There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:51:40,387 INFO L158 Benchmark]: CACSL2BoogieTranslator took 346.62ms. Allocated memory is still 142.6MB. Free memory was 112.4MB in the beginning and 93.9MB in the end (delta: 18.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:51:40,387 INFO L158 Benchmark]: Boogie Procedure Inliner took 33.14ms. Allocated memory is still 142.6MB. Free memory was 93.9MB in the beginning and 92.0MB in the end (delta: 1.9MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:51:40,388 INFO L158 Benchmark]: Boogie Preprocessor took 38.22ms. Allocated memory is still 142.6MB. Free memory was 92.0MB in the beginning and 90.5MB in the end (delta: 1.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:51:40,388 INFO L158 Benchmark]: IcfgBuilder took 343.18ms. Allocated memory is still 142.6MB. Free memory was 90.5MB in the beginning and 73.7MB in the end (delta: 16.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:51:40,388 INFO L158 Benchmark]: TraceAbstraction took 2320.98ms. Allocated memory is still 142.6MB. Free memory was 73.2MB in the beginning and 53.7MB in the end (delta: 19.5MB). Peak memory consumption was 19.4MB. Max. memory is 16.1GB. [2025-02-05 15:51:40,388 INFO L158 Benchmark]: Witness Printer took 180.11ms. Allocated memory is still 142.6MB. Free memory was 53.7MB in the beginning and 42.2MB in the end (delta: 11.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:51:40,390 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.12ms. Allocated memory is still 201.3MB. Free memory is still 123.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 346.62ms. Allocated memory is still 142.6MB. Free memory was 112.4MB in the beginning and 93.9MB in the end (delta: 18.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 33.14ms. Allocated memory is still 142.6MB. Free memory was 93.9MB in the beginning and 92.0MB in the end (delta: 1.9MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 38.22ms. Allocated memory is still 142.6MB. Free memory was 92.0MB in the beginning and 90.5MB in the end (delta: 1.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 343.18ms. Allocated memory is still 142.6MB. Free memory was 90.5MB in the beginning and 73.7MB in the end (delta: 16.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2320.98ms. Allocated memory is still 142.6MB. Free memory was 73.2MB in the beginning and 53.7MB in the end (delta: 19.5MB). Peak memory consumption was 19.4MB. Max. memory is 16.1GB. * Witness Printer took 180.11ms. Allocated memory is still 142.6MB. Free memory was 53.7MB in the beginning and 42.2MB in the end (delta: 11.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] - GenericResultAtLocation [Line: 87]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [87] - GenericResultAtLocation [Line: 188]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [188] - GenericResultAtLocation [Line: 289]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [289] - GenericResultAtLocation [Line: 298]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [298] - GenericResultAtLocation [Line: 454]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [454] - GenericResultAtLocation [Line: 519]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [519] - GenericResultAtLocation [Line: 885]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [885] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 294]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L95] int waterLevel = 1; [L96] int methaneLevelCritical = 0; [L189] int cleanupTimeShifts = 4; [L302] int pumpRunning = 0; [L303] int systemActive = 1; [L689] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L886] int methAndRunningLastTime ; VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L267] int retValue_acc ; [L268] int tmp ; [L272] FCALL select_helpers() [L273] FCALL select_features() [L274] CALL, EXPR valid_product() [L79] int retValue_acc ; [L82] retValue_acc = 1 [L83] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L274] RET, EXPR valid_product() [L274] tmp = valid_product() [L276] COND TRUE \read(tmp) [L278] FCALL setup() [L279] CALL runTest() [L260] CALL __utac_acc__Specification2_spec__1() [L891] methAndRunningLastTime = 0 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L260] RET __utac_acc__Specification2_spec__1() [L261] CALL test() [L456] int splverifierCounter ; [L457] int tmp ; [L458] int tmp___0 ; [L459] int tmp___1 ; [L460] int tmp___2 ; [L463] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L465] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L467] COND TRUE splverifierCounter < 4 [L473] tmp = __VERIFIER_nondet_int() [L475] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L477] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L113] COND TRUE waterLevel < 2 [L114] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L477] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L483] tmp___0 = __VERIFIER_nondet_int() [L485] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L487] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L125] COND FALSE !(\read(methaneLevelCritical)) [L128] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L487] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L493] tmp___2 = __VERIFIER_nondet_int() [L495] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L508] CALL timeShift() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L310] COND FALSE !(\read(pumpRunning)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L317] COND TRUE \read(systemActive) [L319] CALL processEnvironment() [L339] int tmp ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L342] COND TRUE ! pumpRunning [L344] CALL, EXPR isHighWaterLevel() [L436] int retValue_acc ; [L437] int tmp ; [L438] int tmp___0 ; [L442] CALL, EXPR isHighWaterSensorDry() [L175] int retValue_acc ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L178] COND FALSE !(waterLevel < 2) [L182] retValue_acc = 0 [L183] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L442] RET, EXPR isHighWaterSensorDry() [L442] tmp = isHighWaterSensorDry() [L444] COND FALSE !(\read(tmp)) [L447] tmp___0 = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L449] retValue_acc = tmp___0 [L450] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L344] RET, EXPR isHighWaterLevel() [L344] tmp = isHighWaterLevel() [L346] COND TRUE \read(tmp) [L348] CALL activatePump() [L367] pumpRunning = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L348] RET activatePump() [L319] RET processEnvironment() [L325] CALL __utac_acc__Specification2_spec__2() [L896] int tmp ; [L897] int tmp___0 ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L901] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L134] int retValue_acc ; [L137] retValue_acc = methaneLevelCritical [L138] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L901] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L901] tmp = isMethaneLevelCritical() [L903] COND TRUE \read(tmp) [L905] CALL, EXPR isPumpRunning() [L391] int retValue_acc ; [L394] retValue_acc = pumpRunning [L395] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L905] RET, EXPR isPumpRunning() [L905] tmp___0 = isPumpRunning() [L907] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L908] COND FALSE !(\read(methAndRunningLastTime)) [L913] methAndRunningLastTime = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L325] RET __utac_acc__Specification2_spec__2() [L508] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L465] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L467] COND TRUE splverifierCounter < 4 [L473] tmp = __VERIFIER_nondet_int() [L475] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L483] tmp___0 = __VERIFIER_nondet_int() [L485] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L493] tmp___2 = __VERIFIER_nondet_int() [L495] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L508] CALL timeShift() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L310] COND TRUE \read(pumpRunning) [L312] CALL lowerWaterLevel() [L101] COND TRUE waterLevel > 0 [L102] waterLevel = waterLevel - 1 VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L312] RET lowerWaterLevel() [L317] COND TRUE \read(systemActive) [L319] CALL processEnvironment() [L339] int tmp ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L342] COND FALSE !(! pumpRunning) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L357] FCALL processEnvironment__wrappee__base() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L319] RET processEnvironment() [L325] CALL __utac_acc__Specification2_spec__2() [L896] int tmp ; [L897] int tmp___0 ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L901] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L134] int retValue_acc ; [L137] retValue_acc = methaneLevelCritical [L138] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L901] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L901] tmp = isMethaneLevelCritical() [L903] COND TRUE \read(tmp) [L905] CALL, EXPR isPumpRunning() [L391] int retValue_acc ; [L394] retValue_acc = pumpRunning [L395] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L905] RET, EXPR isPumpRunning() [L905] tmp___0 = isPumpRunning() [L907] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L908] COND TRUE \read(methAndRunningLastTime) [L910] CALL __automaton_fail() [L294] reach_error() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 75 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.2s, OverallIterations: 11, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 292 SdHoareTripleChecker+Valid, 0.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 289 mSDsluCounter, 1927 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1193 mSDsCounter, 13 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 182 IncrementalHoareTripleChecker+Invalid, 195 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 13 mSolverCounterUnsat, 734 mSDtfsCounter, 182 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 121 GetRequests, 91 SyntacticMatches, 0 SemanticMatches, 30 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=307occurred in iteration=10, InterpolantAutomatonStates: 41, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 10 MinimizatonAttempts, 51 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 0.9s InterpolantComputationTime, 530 NumberOfCodeBlocks, 530 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 443 ConstructedInterpolants, 0 QuantifiedInterpolants, 807 SizeOfPredicates, 0 NumberOfNonLiveVariables, 264 ConjunctsInSsa, 11 ConjunctsInUnsatCore, 11 InterpolantComputations, 10 PerfectInterpolantSequences, 42/44 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-02-05 15:51:40,404 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE