./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product56.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c00e63dc Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product56.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash c0bb085f1a2e359e53f6064743019c071065ce678b1651991605b55849e9a12f --- Real Ultimate output --- This is Ultimate 0.3.0-?-c00e63d-m [2025-02-05 15:52:47,113 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-02-05 15:52:47,166 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-02-05 15:52:47,170 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-02-05 15:52:47,170 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-02-05 15:52:47,184 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-02-05 15:52:47,185 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-02-05 15:52:47,185 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-02-05 15:52:47,185 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-02-05 15:52:47,185 INFO L153 SettingsManager]: * Use memory slicer=true [2025-02-05 15:52:47,185 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-02-05 15:52:47,185 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-02-05 15:52:47,186 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * Use SBE=true [2025-02-05 15:52:47,186 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * sizeof long=4 [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * sizeof long double=12 [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-02-05 15:52:47,186 INFO L153 SettingsManager]: * Use constant arrays=true [2025-02-05 15:52:47,186 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:52:47,187 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-02-05 15:52:47,187 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> c0bb085f1a2e359e53f6064743019c071065ce678b1651991605b55849e9a12f [2025-02-05 15:52:47,405 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-02-05 15:52:47,415 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-02-05 15:52:47,417 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-02-05 15:52:47,418 INFO L270 PluginConnector]: Initializing CDTParser... [2025-02-05 15:52:47,418 INFO L274 PluginConnector]: CDTParser initialized [2025-02-05 15:52:47,419 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product56.cil.c [2025-02-05 15:52:48,592 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/6bb686b6c/d0aa9cc862f648e8bfeed95f28abc997/FLAG9c5612203 [2025-02-05 15:52:48,888 INFO L384 CDTParser]: Found 1 translation units. [2025-02-05 15:52:48,889 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product56.cil.c [2025-02-05 15:52:48,901 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/6bb686b6c/d0aa9cc862f648e8bfeed95f28abc997/FLAG9c5612203 [2025-02-05 15:52:48,914 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/6bb686b6c/d0aa9cc862f648e8bfeed95f28abc997 [2025-02-05 15:52:48,917 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-02-05 15:52:48,919 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-02-05 15:52:48,920 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-02-05 15:52:48,920 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-02-05 15:52:48,923 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-02-05 15:52:48,925 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:52:48" (1/1) ... [2025-02-05 15:52:48,926 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@40cc5769 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:48, skipping insertion in model container [2025-02-05 15:52:48,926 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:52:48" (1/1) ... [2025-02-05 15:52:48,955 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-02-05 15:52:49,165 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product56.cil.c[19275,19288] [2025-02-05 15:52:49,167 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:52:49,179 INFO L200 MainTranslator]: Completed pre-run [2025-02-05 15:52:49,184 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2025-02-05 15:52:49,186 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [153] [2025-02-05 15:52:49,186 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [519] [2025-02-05 15:52:49,186 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [554] [2025-02-05 15:52:49,186 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [592] [2025-02-05 15:52:49,186 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [699] [2025-02-05 15:52:49,186 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [949] [2025-02-05 15:52:49,186 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1018] [2025-02-05 15:52:49,248 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product56.cil.c[19275,19288] [2025-02-05 15:52:49,250 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:52:49,265 INFO L204 MainTranslator]: Completed translation [2025-02-05 15:52:49,265 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49 WrapperNode [2025-02-05 15:52:49,265 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-02-05 15:52:49,267 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-02-05 15:52:49,267 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-02-05 15:52:49,267 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-02-05 15:52:49,272 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,281 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,299 INFO L138 Inliner]: procedures = 58, calls = 106, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 233 [2025-02-05 15:52:49,300 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-02-05 15:52:49,300 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-02-05 15:52:49,300 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-02-05 15:52:49,300 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-02-05 15:52:49,307 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,307 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,309 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,320 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-02-05 15:52:49,320 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,320 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,323 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,324 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,324 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,325 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,326 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-02-05 15:52:49,327 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-02-05 15:52:49,327 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-02-05 15:52:49,327 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-02-05 15:52:49,328 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (1/1) ... [2025-02-05 15:52:49,331 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:52:49,339 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:52:49,350 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-02-05 15:52:49,353 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-02-05 15:52:49,370 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-02-05 15:52:49,371 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-02-05 15:52:49,371 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-02-05 15:52:49,371 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-02-05 15:52:49,371 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-02-05 15:52:49,371 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-02-05 15:52:49,371 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-02-05 15:52:49,371 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-02-05 15:52:49,371 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-02-05 15:52:49,371 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-02-05 15:52:49,371 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-02-05 15:52:49,372 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-02-05 15:52:49,372 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-02-05 15:52:49,372 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2025-02-05 15:52:49,372 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2025-02-05 15:52:49,372 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-02-05 15:52:49,372 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-02-05 15:52:49,373 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-02-05 15:52:49,373 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-02-05 15:52:49,373 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-02-05 15:52:49,373 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-02-05 15:52:49,373 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-02-05 15:52:49,426 INFO L257 CfgBuilder]: Building ICFG [2025-02-05 15:52:49,428 INFO L287 CfgBuilder]: Building CFG for each procedure with an implementation [2025-02-05 15:52:49,469 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L641: #res := ~retValue_acc~6; [2025-02-05 15:52:49,518 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L673-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; [2025-02-05 15:52:49,518 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L849-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~11#1; [2025-02-05 15:52:49,518 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L840-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~10#1; [2025-02-05 15:52:49,536 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint cleanupFINAL: assume true; [2025-02-05 15:52:49,596 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L150-1: main_#res#1 := main_~retValue_acc~0#1; [2025-02-05 15:52:49,596 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L551-1: valid_product_#res#1 := valid_product_~retValue_acc~5#1; [2025-02-05 15:52:49,622 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L687-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~8#1; [2025-02-05 15:52:49,622 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L904-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~12#1; [2025-02-05 15:52:49,655 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L923-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~13#1; [2025-02-05 15:52:49,656 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L696-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~9#1; [2025-02-05 15:52:49,673 INFO L? ?]: Removed 53 outVars from TransFormulas that were not future-live. [2025-02-05 15:52:49,674 INFO L308 CfgBuilder]: Performing block encoding [2025-02-05 15:52:49,686 INFO L332 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-02-05 15:52:49,686 INFO L337 CfgBuilder]: Removed 0 assume(true) statements. [2025-02-05 15:52:49,686 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:52:49 BoogieIcfgContainer [2025-02-05 15:52:49,687 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-02-05 15:52:49,689 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-02-05 15:52:49,689 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-02-05 15:52:49,692 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-02-05 15:52:49,692 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 05.02 03:52:48" (1/3) ... [2025-02-05 15:52:49,692 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4bba40eb and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:52:49, skipping insertion in model container [2025-02-05 15:52:49,692 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:49" (2/3) ... [2025-02-05 15:52:49,693 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4bba40eb and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:52:49, skipping insertion in model container [2025-02-05 15:52:49,693 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:52:49" (3/3) ... [2025-02-05 15:52:49,694 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product56.cil.c [2025-02-05 15:52:49,707 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-02-05 15:52:49,708 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec3_product56.cil.c that has 10 procedures, 106 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-02-05 15:52:49,753 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-02-05 15:52:49,763 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4363811d, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-02-05 15:52:49,763 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-02-05 15:52:49,768 INFO L276 IsEmpty]: Start isEmpty. Operand has 105 states, 77 states have (on average 1.3636363636363635) internal successors, (105), 88 states have internal predecessors, (105), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2025-02-05 15:52:49,774 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2025-02-05 15:52:49,776 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:49,777 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:49,777 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:49,781 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:49,781 INFO L85 PathProgramCache]: Analyzing trace with hash -817420580, now seen corresponding path program 1 times [2025-02-05 15:52:49,786 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:49,787 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [477958081] [2025-02-05 15:52:49,787 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:49,787 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:49,838 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 25 statements into 1 equivalence classes. [2025-02-05 15:52:49,855 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 25 of 25 statements. [2025-02-05 15:52:49,856 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:49,856 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:49,903 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:52:49,904 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:49,904 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [477958081] [2025-02-05 15:52:49,905 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [477958081] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:49,906 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:49,906 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-02-05 15:52:49,907 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [248105003] [2025-02-05 15:52:49,908 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:49,910 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-02-05 15:52:49,911 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:49,925 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-02-05 15:52:49,925 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:52:49,927 INFO L87 Difference]: Start difference. First operand has 105 states, 77 states have (on average 1.3636363636363635) internal successors, (105), 88 states have internal predecessors, (105), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:52:49,951 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:49,953 INFO L93 Difference]: Finished difference Result 194 states and 263 transitions. [2025-02-05 15:52:49,953 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-02-05 15:52:49,954 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2025-02-05 15:52:49,954 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:49,959 INFO L225 Difference]: With dead ends: 194 [2025-02-05 15:52:49,959 INFO L226 Difference]: Without dead ends: 97 [2025-02-05 15:52:49,961 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:52:49,963 INFO L435 NwaCegarLoop]: 132 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 132 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:49,963 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 132 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:52:49,973 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2025-02-05 15:52:49,987 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 97. [2025-02-05 15:52:49,989 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 97 states, 71 states have (on average 1.323943661971831) internal successors, (94), 81 states have internal predecessors, (94), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2025-02-05 15:52:49,993 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 127 transitions. [2025-02-05 15:52:49,995 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 127 transitions. Word has length 25 [2025-02-05 15:52:49,996 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:49,996 INFO L471 AbstractCegarLoop]: Abstraction has 97 states and 127 transitions. [2025-02-05 15:52:49,996 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:52:49,996 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 127 transitions. [2025-02-05 15:52:49,997 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2025-02-05 15:52:49,997 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:49,997 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:49,998 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-02-05 15:52:49,998 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:49,998 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:49,998 INFO L85 PathProgramCache]: Analyzing trace with hash -426312053, now seen corresponding path program 1 times [2025-02-05 15:52:49,998 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:49,998 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1374740289] [2025-02-05 15:52:49,998 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:49,998 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:50,007 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 26 statements into 1 equivalence classes. [2025-02-05 15:52:50,017 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 26 of 26 statements. [2025-02-05 15:52:50,017 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:50,017 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:50,091 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:52:50,092 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:50,092 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1374740289] [2025-02-05 15:52:50,092 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1374740289] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:50,092 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:50,092 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:52:50,092 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [992858107] [2025-02-05 15:52:50,092 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:50,093 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:52:50,093 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:50,094 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:52:50,094 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:52:50,094 INFO L87 Difference]: Start difference. First operand 97 states and 127 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:52:50,107 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:50,108 INFO L93 Difference]: Finished difference Result 156 states and 204 transitions. [2025-02-05 15:52:50,108 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:52:50,108 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2025-02-05 15:52:50,108 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:50,109 INFO L225 Difference]: With dead ends: 156 [2025-02-05 15:52:50,109 INFO L226 Difference]: Without dead ends: 88 [2025-02-05 15:52:50,110 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:52:50,110 INFO L435 NwaCegarLoop]: 114 mSDtfsCounter, 16 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 207 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:50,111 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 207 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:52:50,111 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2025-02-05 15:52:50,116 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2025-02-05 15:52:50,117 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 65 states have (on average 1.3384615384615384) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2025-02-05 15:52:50,117 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 115 transitions. [2025-02-05 15:52:50,118 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 115 transitions. Word has length 26 [2025-02-05 15:52:50,118 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:50,118 INFO L471 AbstractCegarLoop]: Abstraction has 88 states and 115 transitions. [2025-02-05 15:52:50,118 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:52:50,118 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 115 transitions. [2025-02-05 15:52:50,119 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2025-02-05 15:52:50,119 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:50,120 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:50,120 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-02-05 15:52:50,120 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:50,121 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:50,121 INFO L85 PathProgramCache]: Analyzing trace with hash 937362594, now seen corresponding path program 1 times [2025-02-05 15:52:50,121 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:50,121 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [365289020] [2025-02-05 15:52:50,121 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:50,121 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:50,128 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 30 statements into 1 equivalence classes. [2025-02-05 15:52:50,139 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 30 of 30 statements. [2025-02-05 15:52:50,139 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:50,139 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:50,239 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:52:50,240 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:50,240 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [365289020] [2025-02-05 15:52:50,240 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [365289020] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:50,240 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:50,240 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:52:50,240 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [853778801] [2025-02-05 15:52:50,240 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:50,240 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:52:50,240 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:50,241 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:52:50,241 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:52:50,241 INFO L87 Difference]: Start difference. First operand 88 states and 115 transitions. Second operand has 5 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:52:50,305 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:50,306 INFO L93 Difference]: Finished difference Result 212 states and 280 transitions. [2025-02-05 15:52:50,306 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:52:50,306 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2025-02-05 15:52:50,307 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:50,308 INFO L225 Difference]: With dead ends: 212 [2025-02-05 15:52:50,308 INFO L226 Difference]: Without dead ends: 131 [2025-02-05 15:52:50,309 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:52:50,309 INFO L435 NwaCegarLoop]: 128 mSDtfsCounter, 108 mSDsluCounter, 306 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 108 SdHoareTripleChecker+Valid, 434 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:50,309 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [108 Valid, 434 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:52:50,310 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 131 states. [2025-02-05 15:52:50,328 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 131 to 128. [2025-02-05 15:52:50,328 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 128 states, 95 states have (on average 1.3578947368421053) internal successors, (129), 108 states have internal predecessors, (129), 19 states have call successors, (19), 13 states have call predecessors, (19), 13 states have return successors, (20), 13 states have call predecessors, (20), 19 states have call successors, (20) [2025-02-05 15:52:50,329 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 128 states to 128 states and 168 transitions. [2025-02-05 15:52:50,330 INFO L78 Accepts]: Start accepts. Automaton has 128 states and 168 transitions. Word has length 30 [2025-02-05 15:52:50,330 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:50,330 INFO L471 AbstractCegarLoop]: Abstraction has 128 states and 168 transitions. [2025-02-05 15:52:50,330 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:52:50,330 INFO L276 IsEmpty]: Start isEmpty. Operand 128 states and 168 transitions. [2025-02-05 15:52:50,335 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2025-02-05 15:52:50,335 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:50,335 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:50,335 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-02-05 15:52:50,335 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:50,335 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:50,335 INFO L85 PathProgramCache]: Analyzing trace with hash 2109010103, now seen corresponding path program 1 times [2025-02-05 15:52:50,335 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:50,335 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1100805315] [2025-02-05 15:52:50,335 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:50,336 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:50,347 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 33 statements into 1 equivalence classes. [2025-02-05 15:52:50,356 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 33 of 33 statements. [2025-02-05 15:52:50,360 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:50,360 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:50,448 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:52:50,449 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:50,449 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1100805315] [2025-02-05 15:52:50,449 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1100805315] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:50,449 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:50,449 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:52:50,449 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [675040898] [2025-02-05 15:52:50,449 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:50,449 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:52:50,449 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:50,450 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:52:50,450 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:52:50,450 INFO L87 Difference]: Start difference. First operand 128 states and 168 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:52:50,522 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:50,522 INFO L93 Difference]: Finished difference Result 358 states and 491 transitions. [2025-02-05 15:52:50,523 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:52:50,523 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 33 [2025-02-05 15:52:50,523 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:50,525 INFO L225 Difference]: With dead ends: 358 [2025-02-05 15:52:50,526 INFO L226 Difference]: Without dead ends: 237 [2025-02-05 15:52:50,527 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:52:50,528 INFO L435 NwaCegarLoop]: 108 mSDtfsCounter, 78 mSDsluCounter, 313 mSDsCounter, 0 mSdLazyCounter, 32 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 421 SdHoareTripleChecker+Invalid, 35 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 32 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:50,528 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 421 Invalid, 35 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 32 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:52:50,528 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 237 states. [2025-02-05 15:52:50,548 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 237 to 237. [2025-02-05 15:52:50,551 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 237 states, 174 states have (on average 1.339080459770115) internal successors, (233), 197 states have internal predecessors, (233), 38 states have call successors, (38), 26 states have call predecessors, (38), 24 states have return successors, (43), 24 states have call predecessors, (43), 38 states have call successors, (43) [2025-02-05 15:52:50,552 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 237 states to 237 states and 314 transitions. [2025-02-05 15:52:50,553 INFO L78 Accepts]: Start accepts. Automaton has 237 states and 314 transitions. Word has length 33 [2025-02-05 15:52:50,554 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:50,554 INFO L471 AbstractCegarLoop]: Abstraction has 237 states and 314 transitions. [2025-02-05 15:52:50,554 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:52:50,554 INFO L276 IsEmpty]: Start isEmpty. Operand 237 states and 314 transitions. [2025-02-05 15:52:50,555 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2025-02-05 15:52:50,555 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:50,556 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:50,556 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-02-05 15:52:50,556 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:50,557 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:50,557 INFO L85 PathProgramCache]: Analyzing trace with hash 2067271577, now seen corresponding path program 1 times [2025-02-05 15:52:50,557 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:50,557 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [857172742] [2025-02-05 15:52:50,557 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:50,557 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:50,566 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 37 statements into 1 equivalence classes. [2025-02-05 15:52:50,577 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 37 of 37 statements. [2025-02-05 15:52:50,578 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:50,578 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:52:50,578 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-02-05 15:52:50,580 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 37 statements into 1 equivalence classes. [2025-02-05 15:52:50,584 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 37 of 37 statements. [2025-02-05 15:52:50,584 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:50,585 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:52:50,605 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-02-05 15:52:50,606 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-02-05 15:52:50,607 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-02-05 15:52:50,608 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-02-05 15:52:50,610 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1] [2025-02-05 15:52:50,647 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-02-05 15:52:50,649 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.02 03:52:50 BoogieIcfgContainer [2025-02-05 15:52:50,650 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-02-05 15:52:50,651 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-02-05 15:52:50,652 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-02-05 15:52:50,653 INFO L274 PluginConnector]: Witness Printer initialized [2025-02-05 15:52:50,653 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:52:49" (3/4) ... [2025-02-05 15:52:50,654 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-02-05 15:52:50,706 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 32. [2025-02-05 15:52:50,760 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-02-05 15:52:50,762 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-02-05 15:52:50,762 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-02-05 15:52:50,763 INFO L158 Benchmark]: Toolchain (without parser) took 1844.23ms. Allocated memory is still 142.6MB. Free memory was 104.9MB in the beginning and 41.7MB in the end (delta: 63.1MB). Peak memory consumption was 64.4MB. Max. memory is 16.1GB. [2025-02-05 15:52:50,763 INFO L158 Benchmark]: CDTParser took 0.19ms. Allocated memory is still 201.3MB. Free memory is still 126.8MB. There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:52:50,764 INFO L158 Benchmark]: CACSL2BoogieTranslator took 345.88ms. Allocated memory is still 142.6MB. Free memory was 104.9MB in the beginning and 86.4MB in the end (delta: 18.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:52:50,764 INFO L158 Benchmark]: Boogie Procedure Inliner took 32.75ms. Allocated memory is still 142.6MB. Free memory was 86.4MB in the beginning and 83.8MB in the end (delta: 2.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:52:50,764 INFO L158 Benchmark]: Boogie Preprocessor took 26.25ms. Allocated memory is still 142.6MB. Free memory was 83.8MB in the beginning and 82.8MB in the end (delta: 958.6kB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:52:50,764 INFO L158 Benchmark]: IcfgBuilder took 360.34ms. Allocated memory is still 142.6MB. Free memory was 82.8MB in the beginning and 62.2MB in the end (delta: 20.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:52:50,765 INFO L158 Benchmark]: TraceAbstraction took 961.53ms. Allocated memory is still 142.6MB. Free memory was 62.2MB in the beginning and 49.4MB in the end (delta: 12.8MB). Peak memory consumption was 14.0MB. Max. memory is 16.1GB. [2025-02-05 15:52:50,765 INFO L158 Benchmark]: Witness Printer took 111.03ms. Allocated memory is still 142.6MB. Free memory was 49.4MB in the beginning and 41.7MB in the end (delta: 7.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:52:50,766 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.19ms. Allocated memory is still 201.3MB. Free memory is still 126.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 345.88ms. Allocated memory is still 142.6MB. Free memory was 104.9MB in the beginning and 86.4MB in the end (delta: 18.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 32.75ms. Allocated memory is still 142.6MB. Free memory was 86.4MB in the beginning and 83.8MB in the end (delta: 2.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 26.25ms. Allocated memory is still 142.6MB. Free memory was 83.8MB in the beginning and 82.8MB in the end (delta: 958.6kB). There was no memory consumed. Max. memory is 16.1GB. * IcfgBuilder took 360.34ms. Allocated memory is still 142.6MB. Free memory was 82.8MB in the beginning and 62.2MB in the end (delta: 20.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 961.53ms. Allocated memory is still 142.6MB. Free memory was 62.2MB in the beginning and 49.4MB in the end (delta: 12.8MB). Peak memory consumption was 14.0MB. Max. memory is 16.1GB. * Witness Printer took 111.03ms. Allocated memory is still 142.6MB. Free memory was 49.4MB in the beginning and 41.7MB in the end (delta: 7.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [153] - GenericResultAtLocation [Line: 519]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [519] - GenericResultAtLocation [Line: 554]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [554] - GenericResultAtLocation [Line: 592]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [592] - GenericResultAtLocation [Line: 699]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [699] - GenericResultAtLocation [Line: 949]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [949] - GenericResultAtLocation [Line: 1018]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1018] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 1023]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int cleanupTimeShifts = 4; [L323] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L597] int waterLevel = 1; [L598] int methaneLevelCritical = 0; [L704] int pumpRunning = 0; [L705] int systemActive = 1; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L131] int retValue_acc ; [L132] int tmp ; [L136] FCALL select_helpers() [L137] FCALL select_features() [L138] CALL, EXPR valid_product() [L546] int retValue_acc ; [L549] retValue_acc = 1 [L550] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L138] RET, EXPR valid_product() [L138] tmp = valid_product() [L140] COND TRUE \read(tmp) [L142] FCALL setup() [L143] CALL runTest() [L122] CALL test() [L951] int splverifierCounter ; [L952] int tmp ; [L953] int tmp___0 ; [L954] int tmp___1 ; [L955] int tmp___2 ; [L958] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L960] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L962] COND TRUE splverifierCounter < 4 [L968] tmp = __VERIFIER_nondet_int() [L970] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L972] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L615] COND TRUE waterLevel < 2 [L616] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L972] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L978] tmp___0 = __VERIFIER_nondet_int() [L980] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L988] tmp___2 = __VERIFIER_nondet_int() [L990] COND FALSE !(\read(tmp___2)) [L996] tmp___1 = __VERIFIER_nondet_int() [L998] COND TRUE \read(tmp___1) [L1000] CALL stopSystem() [L930] COND FALSE !(\read(pumpRunning)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L937] systemActive = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=0, waterLevel=2] [L1000] RET stopSystem() [L1007] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=0, waterLevel=2] [L711] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=0, waterLevel=2] [L718] COND FALSE !(\read(systemActive)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=0, waterLevel=2] [L726] CALL __utac_acc__Specification3_spec__1() [L560] int tmp ; [L561] int tmp___0 ; [L562] int tmp___1 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=0, waterLevel=2] [L566] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=0, waterLevel=2] [L636] int retValue_acc ; [L639] retValue_acc = methaneLevelCritical [L640] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=0, waterLevel=2] [L566] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=0, waterLevel=2] [L566] tmp = isMethaneLevelCritical() [L568] COND FALSE !(\read(tmp)) [L572] CALL, EXPR getWaterLevel() [L668] int retValue_acc ; [L671] retValue_acc = waterLevel [L672] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=0, waterLevel=2] [L572] RET, EXPR getWaterLevel() [L572] tmp___0 = getWaterLevel() [L574] COND TRUE tmp___0 == 2 [L576] CALL, EXPR isPumpRunning() [L844] int retValue_acc ; [L847] retValue_acc = pumpRunning [L848] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=0, waterLevel=2] [L576] RET, EXPR isPumpRunning() [L576] tmp___1 = isPumpRunning() [L578] COND FALSE !(\read(tmp___1)) [L582] CALL __automaton_fail() [L1023] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=0, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 106 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 0.9s, OverallIterations: 5, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 206 SdHoareTripleChecker+Valid, 0.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 202 mSDsluCounter, 1194 SdHoareTripleChecker+Invalid, 0.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 712 mSDsCounter, 5 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 44 IncrementalHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 5 mSolverCounterUnsat, 482 mSDtfsCounter, 44 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 21 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=237occurred in iteration=4, InterpolantAutomatonStates: 15, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 4 MinimizatonAttempts, 3 StatesRemovedByMinimization, 1 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.3s InterpolantComputationTime, 151 NumberOfCodeBlocks, 151 NumberOfCodeBlocksAsserted, 5 NumberOfCheckSat, 110 ConstructedInterpolants, 0 QuantifiedInterpolants, 182 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 4 InterpolantComputations, 4 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-02-05 15:52:50,783 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE