./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_product43.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c00e63dc Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_product43.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 80c186986e830d4bb291929eac4e7624996dc1953e9c0441022d003e4def396a --- Real Ultimate output --- This is Ultimate 0.3.0-?-c00e63d-m [2025-02-05 15:51:41,496 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-02-05 15:51:41,570 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-02-05 15:51:41,579 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-02-05 15:51:41,579 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-02-05 15:51:41,603 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-02-05 15:51:41,604 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-02-05 15:51:41,604 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-02-05 15:51:41,604 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-02-05 15:51:41,605 INFO L153 SettingsManager]: * Use memory slicer=true [2025-02-05 15:51:41,605 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-02-05 15:51:41,605 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-02-05 15:51:41,605 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-02-05 15:51:41,605 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-02-05 15:51:41,606 INFO L153 SettingsManager]: * Use SBE=true [2025-02-05 15:51:41,607 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-02-05 15:51:41,607 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-02-05 15:51:41,607 INFO L153 SettingsManager]: * sizeof long=4 [2025-02-05 15:51:41,607 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-02-05 15:51:41,607 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-02-05 15:51:41,608 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-02-05 15:51:41,608 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-02-05 15:51:41,608 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-02-05 15:51:41,608 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-02-05 15:51:41,608 INFO L153 SettingsManager]: * sizeof long double=12 [2025-02-05 15:51:41,608 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-02-05 15:51:41,608 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-02-05 15:51:41,608 INFO L153 SettingsManager]: * Use constant arrays=true [2025-02-05 15:51:41,608 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-02-05 15:51:41,609 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-02-05 15:51:41,609 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-02-05 15:51:41,609 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-02-05 15:51:41,609 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:51:41,609 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-02-05 15:51:41,609 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-02-05 15:51:41,610 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-02-05 15:51:41,610 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-02-05 15:51:41,610 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-02-05 15:51:41,610 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-02-05 15:51:41,610 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-02-05 15:51:41,610 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-02-05 15:51:41,610 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-02-05 15:51:41,610 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-02-05 15:51:41,610 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 80c186986e830d4bb291929eac4e7624996dc1953e9c0441022d003e4def396a [2025-02-05 15:51:41,882 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-02-05 15:51:41,889 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-02-05 15:51:41,891 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-02-05 15:51:41,892 INFO L270 PluginConnector]: Initializing CDTParser... [2025-02-05 15:51:41,892 INFO L274 PluginConnector]: CDTParser initialized [2025-02-05 15:51:41,894 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_product43.cil.c [2025-02-05 15:51:43,237 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/bb283d517/6365d4ebca164961a7aa84e64a87f97a/FLAG7ac49d62a [2025-02-05 15:51:43,587 INFO L384 CDTParser]: Found 1 translation units. [2025-02-05 15:51:43,588 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product43.cil.c [2025-02-05 15:51:43,607 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/bb283d517/6365d4ebca164961a7aa84e64a87f97a/FLAG7ac49d62a [2025-02-05 15:51:43,630 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/bb283d517/6365d4ebca164961a7aa84e64a87f97a [2025-02-05 15:51:43,633 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-02-05 15:51:43,635 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-02-05 15:51:43,637 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-02-05 15:51:43,637 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-02-05 15:51:43,642 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-02-05 15:51:43,643 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:51:43" (1/1) ... [2025-02-05 15:51:43,644 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6f5732c7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:43, skipping insertion in model container [2025-02-05 15:51:43,646 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:51:43" (1/1) ... [2025-02-05 15:51:43,681 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-02-05 15:51:43,934 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product43.cil.c[18403,18416] [2025-02-05 15:51:43,937 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:51:43,948 INFO L200 MainTranslator]: Completed pre-run [2025-02-05 15:51:43,956 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2025-02-05 15:51:43,958 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [150] [2025-02-05 15:51:43,958 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [516] [2025-02-05 15:51:43,958 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [620] [2025-02-05 15:51:43,959 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [655] [2025-02-05 15:51:43,959 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [696] [2025-02-05 15:51:43,959 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [764] [2025-02-05 15:51:43,959 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [951] [2025-02-05 15:51:44,027 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product43.cil.c[18403,18416] [2025-02-05 15:51:44,030 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:51:44,046 INFO L204 MainTranslator]: Completed translation [2025-02-05 15:51:44,046 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44 WrapperNode [2025-02-05 15:51:44,048 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-02-05 15:51:44,049 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-02-05 15:51:44,049 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-02-05 15:51:44,049 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-02-05 15:51:44,054 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,070 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,105 INFO L138 Inliner]: procedures = 55, calls = 98, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 193 [2025-02-05 15:51:44,106 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-02-05 15:51:44,107 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-02-05 15:51:44,107 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-02-05 15:51:44,107 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-02-05 15:51:44,115 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,115 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,120 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,137 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-02-05 15:51:44,138 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,138 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,145 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,146 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,149 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,150 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,152 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-02-05 15:51:44,156 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-02-05 15:51:44,156 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-02-05 15:51:44,156 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-02-05 15:51:44,157 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (1/1) ... [2025-02-05 15:51:44,161 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:51:44,171 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:51:44,183 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-02-05 15:51:44,187 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-02-05 15:51:44,207 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-02-05 15:51:44,207 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-02-05 15:51:44,207 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-02-05 15:51:44,207 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-02-05 15:51:44,207 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-02-05 15:51:44,207 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-02-05 15:51:44,207 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-02-05 15:51:44,208 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-02-05 15:51:44,208 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-02-05 15:51:44,208 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-02-05 15:51:44,208 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-02-05 15:51:44,209 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-02-05 15:51:44,209 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-02-05 15:51:44,209 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-02-05 15:51:44,209 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-02-05 15:51:44,210 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-02-05 15:51:44,286 INFO L257 CfgBuilder]: Building ICFG [2025-02-05 15:51:44,288 INFO L287 CfgBuilder]: Building CFG for each procedure with an implementation [2025-02-05 15:51:44,408 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L147-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~2#1; [2025-02-05 15:51:44,408 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L878-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; [2025-02-05 15:51:44,408 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L933-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~11#1; [2025-02-05 15:51:44,408 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L869-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~9#1; [2025-02-05 15:51:44,432 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint cleanupFINAL: assume true; [2025-02-05 15:51:44,440 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L101: #res := ~retValue_acc~0; [2025-02-05 15:51:44,530 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L652-1: valid_product_#res#1 := valid_product_~retValue_acc~8#1; [2025-02-05 15:51:44,530 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L617-1: main_#res#1 := main_~retValue_acc~6#1; [2025-02-05 15:51:44,547 INFO L? ?]: Removed 40 outVars from TransFormulas that were not future-live. [2025-02-05 15:51:44,547 INFO L308 CfgBuilder]: Performing block encoding [2025-02-05 15:51:44,556 INFO L332 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-02-05 15:51:44,557 INFO L337 CfgBuilder]: Removed 0 assume(true) statements. [2025-02-05 15:51:44,558 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:51:44 BoogieIcfgContainer [2025-02-05 15:51:44,558 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-02-05 15:51:44,559 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-02-05 15:51:44,559 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-02-05 15:51:44,562 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-02-05 15:51:44,563 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 05.02 03:51:43" (1/3) ... [2025-02-05 15:51:44,563 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7cbf1b7d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:51:44, skipping insertion in model container [2025-02-05 15:51:44,563 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:51:44" (2/3) ... [2025-02-05 15:51:44,563 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7cbf1b7d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:51:44, skipping insertion in model container [2025-02-05 15:51:44,563 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:51:44" (3/3) ... [2025-02-05 15:51:44,564 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product43.cil.c [2025-02-05 15:51:44,575 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-02-05 15:51:44,577 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec2_product43.cil.c that has 7 procedures, 84 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-02-05 15:51:44,622 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-02-05 15:51:44,633 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@11d43d2e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-02-05 15:51:44,633 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-02-05 15:51:44,637 INFO L276 IsEmpty]: Start isEmpty. Operand has 83 states, 65 states have (on average 1.3692307692307693) internal successors, (89), 71 states have internal predecessors, (89), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2025-02-05 15:51:44,643 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2025-02-05 15:51:44,643 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:44,643 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:44,644 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:44,648 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:44,649 INFO L85 PathProgramCache]: Analyzing trace with hash 1215879701, now seen corresponding path program 1 times [2025-02-05 15:51:44,655 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:44,656 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1683067167] [2025-02-05 15:51:44,656 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:44,657 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:44,731 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 25 statements into 1 equivalence classes. [2025-02-05 15:51:44,751 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 25 of 25 statements. [2025-02-05 15:51:44,753 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:44,753 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:44,825 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:44,825 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:44,825 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1683067167] [2025-02-05 15:51:44,826 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1683067167] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:44,826 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:44,827 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-02-05 15:51:44,828 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1442135927] [2025-02-05 15:51:44,828 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:44,831 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-02-05 15:51:44,832 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:44,850 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-02-05 15:51:44,850 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:51:44,853 INFO L87 Difference]: Start difference. First operand has 83 states, 65 states have (on average 1.3692307692307693) internal successors, (89), 71 states have internal predecessors, (89), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:44,882 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:44,882 INFO L93 Difference]: Finished difference Result 149 states and 202 transitions. [2025-02-05 15:51:44,883 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-02-05 15:51:44,885 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2025-02-05 15:51:44,885 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:44,892 INFO L225 Difference]: With dead ends: 149 [2025-02-05 15:51:44,894 INFO L226 Difference]: Without dead ends: 75 [2025-02-05 15:51:44,897 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:51:44,900 INFO L435 NwaCegarLoop]: 102 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 102 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:44,903 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 102 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:44,915 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2025-02-05 15:51:44,932 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2025-02-05 15:51:44,934 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 59 states have (on average 1.3220338983050848) internal successors, (78), 64 states have internal predecessors, (78), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2025-02-05 15:51:44,938 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 97 transitions. [2025-02-05 15:51:44,942 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 97 transitions. Word has length 25 [2025-02-05 15:51:44,943 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:44,943 INFO L471 AbstractCegarLoop]: Abstraction has 75 states and 97 transitions. [2025-02-05 15:51:44,943 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:44,943 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 97 transitions. [2025-02-05 15:51:44,945 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2025-02-05 15:51:44,946 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:44,946 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:44,946 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-02-05 15:51:44,946 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:44,948 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:44,948 INFO L85 PathProgramCache]: Analyzing trace with hash 1279231378, now seen corresponding path program 1 times [2025-02-05 15:51:44,948 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:44,948 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1885387647] [2025-02-05 15:51:44,948 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:44,948 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:44,964 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 26 statements into 1 equivalence classes. [2025-02-05 15:51:44,975 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 26 of 26 statements. [2025-02-05 15:51:44,976 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:44,976 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:45,079 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:45,079 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:45,079 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1885387647] [2025-02-05 15:51:45,079 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1885387647] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:45,079 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:45,079 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:51:45,079 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1897156838] [2025-02-05 15:51:45,079 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:45,080 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:51:45,080 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:45,081 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:51:45,081 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:45,081 INFO L87 Difference]: Start difference. First operand 75 states and 97 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:45,101 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:45,101 INFO L93 Difference]: Finished difference Result 112 states and 145 transitions. [2025-02-05 15:51:45,104 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:51:45,104 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2025-02-05 15:51:45,104 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:45,105 INFO L225 Difference]: With dead ends: 112 [2025-02-05 15:51:45,105 INFO L226 Difference]: Without dead ends: 66 [2025-02-05 15:51:45,105 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:45,106 INFO L435 NwaCegarLoop]: 84 mSDtfsCounter, 16 mSDsluCounter, 64 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 19 SdHoareTripleChecker+Valid, 148 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:45,106 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [19 Valid, 148 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:45,107 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 66 states. [2025-02-05 15:51:45,112 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 66 to 66. [2025-02-05 15:51:45,112 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 53 states have (on average 1.3396226415094339) internal successors, (71), 58 states have internal predecessors, (71), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2025-02-05 15:51:45,113 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 85 transitions. [2025-02-05 15:51:45,113 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 85 transitions. Word has length 26 [2025-02-05 15:51:45,113 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:45,113 INFO L471 AbstractCegarLoop]: Abstraction has 66 states and 85 transitions. [2025-02-05 15:51:45,114 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:45,114 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 85 transitions. [2025-02-05 15:51:45,114 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2025-02-05 15:51:45,114 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:45,115 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:45,115 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-02-05 15:51:45,115 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:45,116 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:45,116 INFO L85 PathProgramCache]: Analyzing trace with hash -569847501, now seen corresponding path program 1 times [2025-02-05 15:51:45,116 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:45,116 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1423885769] [2025-02-05 15:51:45,116 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:45,116 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:45,130 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 29 statements into 1 equivalence classes. [2025-02-05 15:51:45,172 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 29 of 29 statements. [2025-02-05 15:51:45,174 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:45,174 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:45,307 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:45,308 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:45,308 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1423885769] [2025-02-05 15:51:45,308 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1423885769] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:45,308 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:45,309 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-02-05 15:51:45,309 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [139366789] [2025-02-05 15:51:45,309 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:45,310 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:51:45,310 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:45,310 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:51:45,310 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:51:45,311 INFO L87 Difference]: Start difference. First operand 66 states and 85 transitions. Second operand has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:45,463 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:45,463 INFO L93 Difference]: Finished difference Result 220 states and 292 transitions. [2025-02-05 15:51:45,463 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-02-05 15:51:45,464 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2025-02-05 15:51:45,464 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:45,465 INFO L225 Difference]: With dead ends: 220 [2025-02-05 15:51:45,465 INFO L226 Difference]: Without dead ends: 162 [2025-02-05 15:51:45,466 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2025-02-05 15:51:45,466 INFO L435 NwaCegarLoop]: 99 mSDtfsCounter, 197 mSDsluCounter, 270 mSDsCounter, 0 mSdLazyCounter, 62 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 197 SdHoareTripleChecker+Valid, 369 SdHoareTripleChecker+Invalid, 76 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 62 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:45,467 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [197 Valid, 369 Invalid, 76 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 62 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:51:45,467 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 162 states. [2025-02-05 15:51:45,488 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 162 to 152. [2025-02-05 15:51:45,490 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 152 states, 119 states have (on average 1.3781512605042017) internal successors, (164), 130 states have internal predecessors, (164), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 16 states have call predecessors, (19), 18 states have call successors, (19) [2025-02-05 15:51:45,492 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 152 states to 152 states and 201 transitions. [2025-02-05 15:51:45,494 INFO L78 Accepts]: Start accepts. Automaton has 152 states and 201 transitions. Word has length 29 [2025-02-05 15:51:45,494 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:45,494 INFO L471 AbstractCegarLoop]: Abstraction has 152 states and 201 transitions. [2025-02-05 15:51:45,494 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:45,494 INFO L276 IsEmpty]: Start isEmpty. Operand 152 states and 201 transitions. [2025-02-05 15:51:45,495 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2025-02-05 15:51:45,497 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:45,497 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:45,497 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-02-05 15:51:45,497 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:45,498 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:45,498 INFO L85 PathProgramCache]: Analyzing trace with hash 453079951, now seen corresponding path program 1 times [2025-02-05 15:51:45,498 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:45,498 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1160968399] [2025-02-05 15:51:45,498 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:45,499 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:45,507 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 33 statements into 1 equivalence classes. [2025-02-05 15:51:45,520 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 33 of 33 statements. [2025-02-05 15:51:45,520 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:45,520 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:45,610 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:51:45,610 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:45,610 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1160968399] [2025-02-05 15:51:45,611 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1160968399] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:45,611 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:45,611 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:51:45,611 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1983990713] [2025-02-05 15:51:45,611 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:45,611 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:51:45,611 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:45,611 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:51:45,611 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:51:45,612 INFO L87 Difference]: Start difference. First operand 152 states and 201 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:45,670 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:45,670 INFO L93 Difference]: Finished difference Result 366 states and 492 transitions. [2025-02-05 15:51:45,670 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:51:45,671 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 33 [2025-02-05 15:51:45,671 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:45,672 INFO L225 Difference]: With dead ends: 366 [2025-02-05 15:51:45,672 INFO L226 Difference]: Without dead ends: 222 [2025-02-05 15:51:45,673 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:51:45,673 INFO L435 NwaCegarLoop]: 79 mSDtfsCounter, 66 mSDsluCounter, 204 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 283 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:45,674 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 283 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:45,674 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 222 states. [2025-02-05 15:51:45,689 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 222 to 222. [2025-02-05 15:51:45,689 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 222 states, 171 states have (on average 1.3216374269005848) internal successors, (226), 186 states have internal predecessors, (226), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) [2025-02-05 15:51:45,691 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 222 states to 222 states and 284 transitions. [2025-02-05 15:51:45,691 INFO L78 Accepts]: Start accepts. Automaton has 222 states and 284 transitions. Word has length 33 [2025-02-05 15:51:45,691 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:45,691 INFO L471 AbstractCegarLoop]: Abstraction has 222 states and 284 transitions. [2025-02-05 15:51:45,691 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:51:45,691 INFO L276 IsEmpty]: Start isEmpty. Operand 222 states and 284 transitions. [2025-02-05 15:51:45,692 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-02-05 15:51:45,692 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:45,693 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:45,693 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-02-05 15:51:45,693 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:45,693 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:45,693 INFO L85 PathProgramCache]: Analyzing trace with hash 116584842, now seen corresponding path program 1 times [2025-02-05 15:51:45,693 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:45,693 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [109155414] [2025-02-05 15:51:45,693 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:45,693 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:45,699 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-02-05 15:51:45,703 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-02-05 15:51:45,703 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:45,703 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:45,748 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:51:45,748 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:45,748 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [109155414] [2025-02-05 15:51:45,748 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [109155414] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:45,748 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:45,748 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:51:45,749 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [363538770] [2025-02-05 15:51:45,749 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:45,749 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:51:45,749 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:45,749 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:51:45,749 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:51:45,750 INFO L87 Difference]: Start difference. First operand 222 states and 284 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:45,798 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:45,799 INFO L93 Difference]: Finished difference Result 442 states and 578 transitions. [2025-02-05 15:51:45,799 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:51:45,799 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 46 [2025-02-05 15:51:45,799 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:45,801 INFO L225 Difference]: With dead ends: 442 [2025-02-05 15:51:45,801 INFO L226 Difference]: Without dead ends: 228 [2025-02-05 15:51:45,802 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:51:45,803 INFO L435 NwaCegarLoop]: 82 mSDtfsCounter, 0 mSDsluCounter, 239 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 321 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:45,803 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 321 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:45,804 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 228 states. [2025-02-05 15:51:45,854 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 228 to 228. [2025-02-05 15:51:45,855 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 228 states, 177 states have (on average 1.310734463276836) internal successors, (232), 192 states have internal predecessors, (232), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) [2025-02-05 15:51:45,858 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 228 states to 228 states and 290 transitions. [2025-02-05 15:51:45,858 INFO L78 Accepts]: Start accepts. Automaton has 228 states and 290 transitions. Word has length 46 [2025-02-05 15:51:45,858 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:45,858 INFO L471 AbstractCegarLoop]: Abstraction has 228 states and 290 transitions. [2025-02-05 15:51:45,858 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:45,859 INFO L276 IsEmpty]: Start isEmpty. Operand 228 states and 290 transitions. [2025-02-05 15:51:45,860 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-02-05 15:51:45,860 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:45,860 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:45,860 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-02-05 15:51:45,862 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:45,863 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:45,863 INFO L85 PathProgramCache]: Analyzing trace with hash -1960624501, now seen corresponding path program 1 times [2025-02-05 15:51:45,863 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:45,863 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1949674791] [2025-02-05 15:51:45,863 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:45,863 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:45,874 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-02-05 15:51:45,883 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-02-05 15:51:45,883 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:45,883 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:46,001 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:51:46,002 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:46,002 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1949674791] [2025-02-05 15:51:46,002 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1949674791] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:46,002 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:46,002 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-02-05 15:51:46,002 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1873218631] [2025-02-05 15:51:46,002 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:46,002 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:51:46,002 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:46,003 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:51:46,003 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:51:46,003 INFO L87 Difference]: Start difference. First operand 228 states and 290 transitions. Second operand has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:46,053 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:46,053 INFO L93 Difference]: Finished difference Result 452 states and 588 transitions. [2025-02-05 15:51:46,054 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-02-05 15:51:46,054 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 46 [2025-02-05 15:51:46,054 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:46,056 INFO L225 Difference]: With dead ends: 452 [2025-02-05 15:51:46,056 INFO L226 Difference]: Without dead ends: 232 [2025-02-05 15:51:46,057 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:51:46,059 INFO L435 NwaCegarLoop]: 81 mSDtfsCounter, 0 mSDsluCounter, 316 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 397 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:46,060 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 397 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:46,060 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 232 states. [2025-02-05 15:51:46,087 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 232 to 232. [2025-02-05 15:51:46,088 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 232 states, 181 states have (on average 1.3038674033149171) internal successors, (236), 196 states have internal predecessors, (236), 26 states have call successors, (26), 24 states have call predecessors, (26), 24 states have return successors, (32), 26 states have call predecessors, (32), 26 states have call successors, (32) [2025-02-05 15:51:46,090 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 232 states to 232 states and 294 transitions. [2025-02-05 15:51:46,090 INFO L78 Accepts]: Start accepts. Automaton has 232 states and 294 transitions. Word has length 46 [2025-02-05 15:51:46,090 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:46,090 INFO L471 AbstractCegarLoop]: Abstraction has 232 states and 294 transitions. [2025-02-05 15:51:46,091 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:46,091 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 294 transitions. [2025-02-05 15:51:46,095 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-02-05 15:51:46,096 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:46,096 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:46,096 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-02-05 15:51:46,096 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:46,096 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:46,096 INFO L85 PathProgramCache]: Analyzing trace with hash -37396467, now seen corresponding path program 1 times [2025-02-05 15:51:46,096 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:46,096 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [586708123] [2025-02-05 15:51:46,097 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:46,097 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:46,106 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-02-05 15:51:46,109 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-02-05 15:51:46,110 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:46,110 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:46,176 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:51:46,176 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:46,176 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [586708123] [2025-02-05 15:51:46,176 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [586708123] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:46,176 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:46,177 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:51:46,177 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [139310899] [2025-02-05 15:51:46,178 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:46,178 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:51:46,179 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:46,179 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:51:46,179 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:46,180 INFO L87 Difference]: Start difference. First operand 232 states and 294 transitions. Second operand has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:46,218 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:46,218 INFO L93 Difference]: Finished difference Result 568 states and 729 transitions. [2025-02-05 15:51:46,218 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:51:46,218 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 46 [2025-02-05 15:51:46,218 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:46,221 INFO L225 Difference]: With dead ends: 568 [2025-02-05 15:51:46,221 INFO L226 Difference]: Without dead ends: 344 [2025-02-05 15:51:46,222 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:46,225 INFO L435 NwaCegarLoop]: 83 mSDtfsCounter, 38 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 154 SdHoareTripleChecker+Invalid, 9 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:46,225 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 154 Invalid, 9 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:46,226 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 344 states. [2025-02-05 15:51:46,259 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 344 to 344. [2025-02-05 15:51:46,260 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 344 states, 268 states have (on average 1.2761194029850746) internal successors, (342), 286 states have internal predecessors, (342), 40 states have call successors, (40), 38 states have call predecessors, (40), 35 states have return successors, (47), 37 states have call predecessors, (47), 40 states have call successors, (47) [2025-02-05 15:51:46,262 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 344 states to 344 states and 429 transitions. [2025-02-05 15:51:46,263 INFO L78 Accepts]: Start accepts. Automaton has 344 states and 429 transitions. Word has length 46 [2025-02-05 15:51:46,263 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:46,263 INFO L471 AbstractCegarLoop]: Abstraction has 344 states and 429 transitions. [2025-02-05 15:51:46,263 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-02-05 15:51:46,264 INFO L276 IsEmpty]: Start isEmpty. Operand 344 states and 429 transitions. [2025-02-05 15:51:46,265 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2025-02-05 15:51:46,265 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:46,266 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:46,266 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-02-05 15:51:46,266 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:46,266 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:46,267 INFO L85 PathProgramCache]: Analyzing trace with hash 1444546415, now seen corresponding path program 1 times [2025-02-05 15:51:46,267 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:46,267 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [87354358] [2025-02-05 15:51:46,267 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:46,267 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:46,280 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 50 statements into 1 equivalence classes. [2025-02-05 15:51:46,289 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 50 of 50 statements. [2025-02-05 15:51:46,289 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:46,289 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:46,390 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-02-05 15:51:46,390 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:46,390 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [87354358] [2025-02-05 15:51:46,390 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [87354358] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:46,390 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:51:46,390 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:51:46,390 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [250473690] [2025-02-05 15:51:46,390 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:46,390 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:51:46,391 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:46,391 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:51:46,391 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:46,391 INFO L87 Difference]: Start difference. First operand 344 states and 429 transitions. Second operand has 3 states, 3 states have (on average 13.666666666666666) internal successors, (41), 3 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2025-02-05 15:51:46,435 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:46,438 INFO L93 Difference]: Finished difference Result 506 states and 642 transitions. [2025-02-05 15:51:46,439 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:51:46,439 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.666666666666666) internal successors, (41), 3 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 50 [2025-02-05 15:51:46,439 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:46,442 INFO L225 Difference]: With dead ends: 506 [2025-02-05 15:51:46,442 INFO L226 Difference]: Without dead ends: 504 [2025-02-05 15:51:46,443 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:51:46,445 INFO L435 NwaCegarLoop]: 84 mSDtfsCounter, 47 mSDsluCounter, 73 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 157 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:46,445 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 157 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:51:46,447 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 504 states. [2025-02-05 15:51:46,492 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 504 to 487. [2025-02-05 15:51:46,494 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 487 states, 380 states have (on average 1.2789473684210526) internal successors, (486), 408 states have internal predecessors, (486), 57 states have call successors, (57), 53 states have call predecessors, (57), 49 states have return successors, (76), 51 states have call predecessors, (76), 57 states have call successors, (76) [2025-02-05 15:51:46,500 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 487 states to 487 states and 619 transitions. [2025-02-05 15:51:46,501 INFO L78 Accepts]: Start accepts. Automaton has 487 states and 619 transitions. Word has length 50 [2025-02-05 15:51:46,501 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:46,501 INFO L471 AbstractCegarLoop]: Abstraction has 487 states and 619 transitions. [2025-02-05 15:51:46,502 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.666666666666666) internal successors, (41), 3 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2025-02-05 15:51:46,503 INFO L276 IsEmpty]: Start isEmpty. Operand 487 states and 619 transitions. [2025-02-05 15:51:46,506 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 81 [2025-02-05 15:51:46,506 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:46,507 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:46,507 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-02-05 15:51:46,507 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:46,507 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:46,508 INFO L85 PathProgramCache]: Analyzing trace with hash 1223108908, now seen corresponding path program 1 times [2025-02-05 15:51:46,508 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:46,508 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1097341978] [2025-02-05 15:51:46,508 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:46,508 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:46,518 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 80 statements into 1 equivalence classes. [2025-02-05 15:51:46,532 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 80 of 80 statements. [2025-02-05 15:51:46,533 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:46,533 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:46,679 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 21 proven. 2 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2025-02-05 15:51:46,681 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:46,681 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1097341978] [2025-02-05 15:51:46,681 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1097341978] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:51:46,681 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [156673068] [2025-02-05 15:51:46,681 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:46,681 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:51:46,682 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:51:46,685 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:51:46,686 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-02-05 15:51:46,745 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 80 statements into 1 equivalence classes. [2025-02-05 15:51:46,789 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 80 of 80 statements. [2025-02-05 15:51:46,789 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:46,789 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:46,794 INFO L256 TraceCheckSpWp]: Trace formula consists of 287 conjuncts, 11 conjuncts are in the unsatisfiable core [2025-02-05 15:51:46,800 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:51:46,977 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 7 proven. 2 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2025-02-05 15:51:46,977 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-02-05 15:51:47,112 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2025-02-05 15:51:47,113 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [156673068] provided 1 perfect and 1 imperfect interpolant sequences [2025-02-05 15:51:47,113 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2025-02-05 15:51:47,113 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [7, 5] total 10 [2025-02-05 15:51:47,113 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1925615786] [2025-02-05 15:51:47,113 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:47,113 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:51:47,114 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:47,114 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:51:47,114 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=66, Unknown=0, NotChecked=0, Total=90 [2025-02-05 15:51:47,114 INFO L87 Difference]: Start difference. First operand 487 states and 619 transitions. Second operand has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 5 states have internal predecessors, (59), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2025-02-05 15:51:47,239 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:47,240 INFO L93 Difference]: Finished difference Result 1391 states and 1814 transitions. [2025-02-05 15:51:47,240 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:51:47,241 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 5 states have internal predecessors, (59), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 80 [2025-02-05 15:51:47,241 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:47,249 INFO L225 Difference]: With dead ends: 1391 [2025-02-05 15:51:47,249 INFO L226 Difference]: Without dead ends: 912 [2025-02-05 15:51:47,251 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 168 GetRequests, 157 SyntacticMatches, 1 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=34, Invalid=98, Unknown=0, NotChecked=0, Total=132 [2025-02-05 15:51:47,255 INFO L435 NwaCegarLoop]: 83 mSDtfsCounter, 48 mSDsluCounter, 295 mSDsCounter, 0 mSdLazyCounter, 42 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 50 SdHoareTripleChecker+Valid, 378 SdHoareTripleChecker+Invalid, 46 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 42 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:47,255 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [50 Valid, 378 Invalid, 46 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 42 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:51:47,256 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 912 states. [2025-02-05 15:51:47,326 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 912 to 807. [2025-02-05 15:51:47,328 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 807 states, 623 states have (on average 1.2568218298555378) internal successors, (783), 670 states have internal predecessors, (783), 97 states have call successors, (97), 91 states have call predecessors, (97), 86 states have return successors, (133), 88 states have call predecessors, (133), 97 states have call successors, (133) [2025-02-05 15:51:47,333 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 807 states to 807 states and 1013 transitions. [2025-02-05 15:51:47,334 INFO L78 Accepts]: Start accepts. Automaton has 807 states and 1013 transitions. Word has length 80 [2025-02-05 15:51:47,334 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:47,335 INFO L471 AbstractCegarLoop]: Abstraction has 807 states and 1013 transitions. [2025-02-05 15:51:47,335 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 5 states have internal predecessors, (59), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2025-02-05 15:51:47,335 INFO L276 IsEmpty]: Start isEmpty. Operand 807 states and 1013 transitions. [2025-02-05 15:51:47,338 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2025-02-05 15:51:47,339 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:47,339 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:47,348 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-02-05 15:51:47,539 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:51:47,540 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:47,540 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:47,540 INFO L85 PathProgramCache]: Analyzing trace with hash -343500755, now seen corresponding path program 1 times [2025-02-05 15:51:47,540 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:47,540 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [651927815] [2025-02-05 15:51:47,540 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:47,541 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:47,549 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-02-05 15:51:47,554 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-02-05 15:51:47,554 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:47,554 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:47,721 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 4 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2025-02-05 15:51:47,721 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:51:47,721 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [651927815] [2025-02-05 15:51:47,722 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [651927815] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:51:47,722 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [705492690] [2025-02-05 15:51:47,722 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:47,722 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:51:47,722 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:51:47,724 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:51:47,727 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-02-05 15:51:47,771 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-02-05 15:51:47,808 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-02-05 15:51:47,809 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:47,809 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:51:47,810 INFO L256 TraceCheckSpWp]: Trace formula consists of 297 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-02-05 15:51:47,813 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:51:47,962 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-02-05 15:51:47,963 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-02-05 15:51:47,963 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [705492690] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:51:47,964 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-02-05 15:51:47,964 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [8] total 13 [2025-02-05 15:51:47,964 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [183390350] [2025-02-05 15:51:47,966 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:51:47,967 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-02-05 15:51:47,967 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:51:47,967 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-02-05 15:51:47,969 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=28, Invalid=128, Unknown=0, NotChecked=0, Total=156 [2025-02-05 15:51:47,969 INFO L87 Difference]: Start difference. First operand 807 states and 1013 transitions. Second operand has 7 states, 7 states have (on average 8.714285714285714) internal successors, (61), 6 states have internal predecessors, (61), 3 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) [2025-02-05 15:51:48,097 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:51:48,097 INFO L93 Difference]: Finished difference Result 1594 states and 2016 transitions. [2025-02-05 15:51:48,097 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:51:48,098 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 8.714285714285714) internal successors, (61), 6 states have internal predecessors, (61), 3 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) Word has length 84 [2025-02-05 15:51:48,098 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:51:48,102 INFO L225 Difference]: With dead ends: 1594 [2025-02-05 15:51:48,102 INFO L226 Difference]: Without dead ends: 795 [2025-02-05 15:51:48,105 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 91 GetRequests, 80 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=28, Invalid=128, Unknown=0, NotChecked=0, Total=156 [2025-02-05 15:51:48,105 INFO L435 NwaCegarLoop]: 145 mSDtfsCounter, 52 mSDsluCounter, 427 mSDsCounter, 0 mSdLazyCounter, 98 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 572 SdHoareTripleChecker+Invalid, 99 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 98 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:51:48,106 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [53 Valid, 572 Invalid, 99 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 98 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:51:48,107 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 795 states. [2025-02-05 15:51:48,165 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 795 to 726. [2025-02-05 15:51:48,166 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 726 states, 559 states have (on average 1.2468694096601074) internal successors, (697), 594 states have internal predecessors, (697), 88 states have call successors, (88), 84 states have call predecessors, (88), 78 states have return successors, (105), 82 states have call predecessors, (105), 88 states have call successors, (105) [2025-02-05 15:51:48,170 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 726 states to 726 states and 890 transitions. [2025-02-05 15:51:48,171 INFO L78 Accepts]: Start accepts. Automaton has 726 states and 890 transitions. Word has length 84 [2025-02-05 15:51:48,171 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:51:48,171 INFO L471 AbstractCegarLoop]: Abstraction has 726 states and 890 transitions. [2025-02-05 15:51:48,171 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 8.714285714285714) internal successors, (61), 6 states have internal predecessors, (61), 3 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) [2025-02-05 15:51:48,171 INFO L276 IsEmpty]: Start isEmpty. Operand 726 states and 890 transitions. [2025-02-05 15:51:48,178 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2025-02-05 15:51:48,178 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:51:48,178 INFO L218 NwaCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:48,202 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-02-05 15:51:48,378 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,3 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:51:48,379 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:51:48,379 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:51:48,379 INFO L85 PathProgramCache]: Analyzing trace with hash -546508301, now seen corresponding path program 1 times [2025-02-05 15:51:48,379 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:51:48,379 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1985154377] [2025-02-05 15:51:48,380 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:51:48,380 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:51:48,389 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-02-05 15:51:48,403 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-02-05 15:51:48,403 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:48,403 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:51:48,403 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-02-05 15:51:48,407 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-02-05 15:51:48,420 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-02-05 15:51:48,420 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:51:48,421 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:51:48,447 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-02-05 15:51:48,448 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-02-05 15:51:48,448 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-02-05 15:51:48,450 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-02-05 15:51:48,454 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:51:48,541 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-02-05 15:51:48,544 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.02 03:51:48 BoogieIcfgContainer [2025-02-05 15:51:48,544 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-02-05 15:51:48,545 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-02-05 15:51:48,545 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-02-05 15:51:48,545 INFO L274 PluginConnector]: Witness Printer initialized [2025-02-05 15:51:48,546 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:51:44" (3/4) ... [2025-02-05 15:51:48,546 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-02-05 15:51:48,653 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 94. [2025-02-05 15:51:48,754 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-02-05 15:51:48,754 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-02-05 15:51:48,754 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-02-05 15:51:48,755 INFO L158 Benchmark]: Toolchain (without parser) took 5120.94ms. Allocated memory was 142.6MB in the beginning and 176.2MB in the end (delta: 33.6MB). Free memory was 112.1MB in the beginning and 103.0MB in the end (delta: 9.1MB). Peak memory consumption was 39.3MB. Max. memory is 16.1GB. [2025-02-05 15:51:48,755 INFO L158 Benchmark]: CDTParser took 0.30ms. Allocated memory is still 201.3MB. Free memory is still 124.5MB. There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:51:48,755 INFO L158 Benchmark]: CACSL2BoogieTranslator took 411.78ms. Allocated memory is still 142.6MB. Free memory was 112.0MB in the beginning and 93.1MB in the end (delta: 18.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:51:48,756 INFO L158 Benchmark]: Boogie Procedure Inliner took 57.27ms. Allocated memory is still 142.6MB. Free memory was 93.1MB in the beginning and 91.3MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:51:48,756 INFO L158 Benchmark]: Boogie Preprocessor took 44.98ms. Allocated memory is still 142.6MB. Free memory was 91.3MB in the beginning and 90.1MB in the end (delta: 1.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:51:48,756 INFO L158 Benchmark]: IcfgBuilder took 401.87ms. Allocated memory is still 142.6MB. Free memory was 90.1MB in the beginning and 72.4MB in the end (delta: 17.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:51:48,756 INFO L158 Benchmark]: TraceAbstraction took 3984.80ms. Allocated memory was 142.6MB in the beginning and 176.2MB in the end (delta: 33.6MB). Free memory was 72.0MB in the beginning and 116.3MB in the end (delta: -44.4MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:51:48,756 INFO L158 Benchmark]: Witness Printer took 209.58ms. Allocated memory is still 176.2MB. Free memory was 116.3MB in the beginning and 103.0MB in the end (delta: 13.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:51:48,757 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.30ms. Allocated memory is still 201.3MB. Free memory is still 124.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 411.78ms. Allocated memory is still 142.6MB. Free memory was 112.0MB in the beginning and 93.1MB in the end (delta: 18.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 57.27ms. Allocated memory is still 142.6MB. Free memory was 93.1MB in the beginning and 91.3MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 44.98ms. Allocated memory is still 142.6MB. Free memory was 91.3MB in the beginning and 90.1MB in the end (delta: 1.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 401.87ms. Allocated memory is still 142.6MB. Free memory was 90.1MB in the beginning and 72.4MB in the end (delta: 17.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 3984.80ms. Allocated memory was 142.6MB in the beginning and 176.2MB in the end (delta: 33.6MB). Free memory was 72.0MB in the beginning and 116.3MB in the end (delta: -44.4MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 209.58ms. Allocated memory is still 176.2MB. Free memory was 116.3MB in the beginning and 103.0MB in the end (delta: 13.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 150]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [150] - GenericResultAtLocation [Line: 516]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [516] - GenericResultAtLocation [Line: 620]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [620] - GenericResultAtLocation [Line: 655]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [655] - GenericResultAtLocation [Line: 696]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [696] - GenericResultAtLocation [Line: 764]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [764] - GenericResultAtLocation [Line: 951]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [951] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 956]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L57] int waterLevel = 1; [L58] int methaneLevelCritical = 0; [L320] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L517] int cleanupTimeShifts = 4; [L658] int methAndRunningLastTime ; [L767] int pumpRunning = 0; [L768] int systemActive = 1; VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L598] int retValue_acc ; [L599] int tmp ; [L603] FCALL select_helpers() [L604] FCALL select_features() [L605] CALL, EXPR valid_product() [L647] int retValue_acc ; [L650] retValue_acc = 1 [L651] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L605] RET, EXPR valid_product() [L605] tmp = valid_product() [L607] COND TRUE \read(tmp) [L609] FCALL setup() [L610] CALL runTest() [L588] CALL __utac_acc__Specification2_spec__1() [L663] methAndRunningLastTime = 0 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L588] RET __utac_acc__Specification2_spec__1() [L589] CALL test() [L699] int splverifierCounter ; [L700] int tmp ; [L701] int tmp___0 ; [L702] int tmp___1 ; [L703] int tmp___2 ; [L706] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L708] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L710] COND TRUE splverifierCounter < 4 [L716] tmp = __VERIFIER_nondet_int() [L718] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L720] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L75] COND TRUE waterLevel < 2 [L76] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L720] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L726] tmp___0 = __VERIFIER_nondet_int() [L728] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L736] tmp___2 = __VERIFIER_nondet_int() [L738] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L753] CALL timeShift() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L774] COND FALSE !(\read(pumpRunning)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L781] COND TRUE \read(systemActive) [L783] CALL processEnvironment() [L803] int tmp ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L806] COND TRUE ! pumpRunning [L808] CALL, EXPR isHighWaterLevel() [L918] int retValue_acc ; [L919] int tmp ; [L920] int tmp___0 ; [L924] CALL, EXPR isHighWaterSensorDry() [L137] int retValue_acc ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L140] COND FALSE !(waterLevel < 2) [L144] retValue_acc = 0 [L145] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L924] RET, EXPR isHighWaterSensorDry() [L924] tmp = isHighWaterSensorDry() [L926] COND FALSE !(\read(tmp)) [L929] tmp___0 = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L931] retValue_acc = tmp___0 [L932] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L808] RET, EXPR isHighWaterLevel() [L808] tmp = isHighWaterLevel() [L810] COND TRUE \read(tmp) [L812] CALL activatePump() [L837] int tmp ; [L841] CALL, EXPR isMethaneAlarm() [L862] int retValue_acc ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L866] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L96] int retValue_acc ; [L99] retValue_acc = methaneLevelCritical [L100] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L866] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L866] retValue_acc = isMethaneLevelCritical() [L868] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L841] RET, EXPR isMethaneAlarm() [L841] tmp = isMethaneAlarm() [L843] COND FALSE !(\read(tmp)) [L847] CALL activatePump__wrappee__highWaterSensor() [L831] pumpRunning = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L847] RET activatePump__wrappee__highWaterSensor() [L812] RET activatePump() [L783] RET processEnvironment() [L789] CALL __utac_acc__Specification2_spec__2() [L668] int tmp ; [L669] int tmp___0 ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L673] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L96] int retValue_acc ; [L99] retValue_acc = methaneLevelCritical [L100] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L673] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L673] tmp = isMethaneLevelCritical() [L675] COND FALSE !(\read(tmp)) [L691] methAndRunningLastTime = 0 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L789] RET __utac_acc__Specification2_spec__2() [L753] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L708] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L710] COND TRUE splverifierCounter < 4 [L716] tmp = __VERIFIER_nondet_int() [L718] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L726] tmp___0 = __VERIFIER_nondet_int() [L728] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L730] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L87] COND FALSE !(\read(methaneLevelCritical)) [L90] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L730] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L736] tmp___2 = __VERIFIER_nondet_int() [L738] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L753] CALL timeShift() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L774] COND TRUE \read(pumpRunning) [L776] CALL lowerWaterLevel() [L63] COND TRUE waterLevel > 0 [L64] waterLevel = waterLevel - 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L776] RET lowerWaterLevel() [L781] COND TRUE \read(systemActive) [L783] CALL processEnvironment() [L803] int tmp ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L806] COND FALSE !(! pumpRunning) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L821] FCALL processEnvironment__wrappee__base() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L783] RET processEnvironment() [L789] CALL __utac_acc__Specification2_spec__2() [L668] int tmp ; [L669] int tmp___0 ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L673] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L96] int retValue_acc ; [L99] retValue_acc = methaneLevelCritical [L100] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L673] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L673] tmp = isMethaneLevelCritical() [L675] COND TRUE \read(tmp) [L677] CALL, EXPR isPumpRunning() [L873] int retValue_acc ; [L876] retValue_acc = pumpRunning [L877] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L677] RET, EXPR isPumpRunning() [L677] tmp___0 = isPumpRunning() [L679] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L680] COND FALSE !(\read(methAndRunningLastTime)) [L685] methAndRunningLastTime = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L789] RET __utac_acc__Specification2_spec__2() [L753] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L708] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L710] COND TRUE splverifierCounter < 4 [L716] tmp = __VERIFIER_nondet_int() [L718] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L726] tmp___0 = __VERIFIER_nondet_int() [L728] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L736] tmp___2 = __VERIFIER_nondet_int() [L738] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L753] CALL timeShift() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L774] COND TRUE \read(pumpRunning) [L776] CALL lowerWaterLevel() [L63] COND TRUE waterLevel > 0 [L64] waterLevel = waterLevel - 1 VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L776] RET lowerWaterLevel() [L781] COND TRUE \read(systemActive) [L783] CALL processEnvironment() [L803] int tmp ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L806] COND FALSE !(! pumpRunning) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L821] FCALL processEnvironment__wrappee__base() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L783] RET processEnvironment() [L789] CALL __utac_acc__Specification2_spec__2() [L668] int tmp ; [L669] int tmp___0 ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L673] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L96] int retValue_acc ; [L99] retValue_acc = methaneLevelCritical [L100] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L673] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L673] tmp = isMethaneLevelCritical() [L675] COND TRUE \read(tmp) [L677] CALL, EXPR isPumpRunning() [L873] int retValue_acc ; [L876] retValue_acc = pumpRunning [L877] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L677] RET, EXPR isPumpRunning() [L677] tmp___0 = isPumpRunning() [L679] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L680] COND TRUE \read(methAndRunningLastTime) [L682] CALL __automaton_fail() [L956] reach_error() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 84 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.8s, OverallIterations: 11, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 470 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 464 mSDsluCounter, 2881 SdHoareTripleChecker+Invalid, 0.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1959 mSDsCounter, 32 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 282 IncrementalHoareTripleChecker+Invalid, 314 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 32 mSolverCounterUnsat, 922 mSDtfsCounter, 282 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 299 GetRequests, 256 SyntacticMatches, 1 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 22 ImplicationChecksByTransitivity, 0.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=807occurred in iteration=9, InterpolantAutomatonStates: 47, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 201 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 740 NumberOfCodeBlocks, 740 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 696 ConstructedInterpolants, 0 QuantifiedInterpolants, 1325 SizeOfPredicates, 1 NumberOfNonLiveVariables, 584 ConjunctsInSsa, 19 ConjunctsInUnsatCore, 13 InterpolantComputations, 10 PerfectInterpolantSequences, 144/152 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-02-05 15:51:48,779 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE