./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c00e63dc Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 190527f0b5c755657048457e241e1db06174c0bd15c9c37dddb3c55b0e7d73ce --- Real Ultimate output --- This is Ultimate 0.3.0-?-c00e63d-m [2025-02-05 15:53:25,070 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-02-05 15:53:25,129 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-02-05 15:53:25,134 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-02-05 15:53:25,136 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-02-05 15:53:25,158 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-02-05 15:53:25,159 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-02-05 15:53:25,159 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-02-05 15:53:25,159 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-02-05 15:53:25,159 INFO L153 SettingsManager]: * Use memory slicer=true [2025-02-05 15:53:25,160 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-02-05 15:53:25,160 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-02-05 15:53:25,160 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-02-05 15:53:25,160 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-02-05 15:53:25,160 INFO L153 SettingsManager]: * Use SBE=true [2025-02-05 15:53:25,161 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-02-05 15:53:25,161 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-02-05 15:53:25,161 INFO L153 SettingsManager]: * sizeof long=4 [2025-02-05 15:53:25,161 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-02-05 15:53:25,161 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * sizeof long double=12 [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * Use constant arrays=true [2025-02-05 15:53:25,162 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-02-05 15:53:25,162 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:53:25,163 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-02-05 15:53:25,163 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-02-05 15:53:25,163 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-02-05 15:53:25,163 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-02-05 15:53:25,163 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-02-05 15:53:25,163 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-02-05 15:53:25,163 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-02-05 15:53:25,164 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-02-05 15:53:25,164 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-02-05 15:53:25,164 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-02-05 15:53:25,164 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 190527f0b5c755657048457e241e1db06174c0bd15c9c37dddb3c55b0e7d73ce [2025-02-05 15:53:25,400 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-02-05 15:53:25,408 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-02-05 15:53:25,411 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-02-05 15:53:25,412 INFO L270 PluginConnector]: Initializing CDTParser... [2025-02-05 15:53:25,412 INFO L274 PluginConnector]: CDTParser initialized [2025-02-05 15:53:25,414 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c [2025-02-05 15:53:26,650 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/e7771c543/8f40242c8e424dc9a42dc21e32a12f3e/FLAGe57ac105f [2025-02-05 15:53:26,914 INFO L384 CDTParser]: Found 1 translation units. [2025-02-05 15:53:26,915 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c [2025-02-05 15:53:26,924 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/e7771c543/8f40242c8e424dc9a42dc21e32a12f3e/FLAGe57ac105f [2025-02-05 15:53:26,944 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/e7771c543/8f40242c8e424dc9a42dc21e32a12f3e [2025-02-05 15:53:26,946 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-02-05 15:53:26,948 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-02-05 15:53:26,949 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-02-05 15:53:26,949 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-02-05 15:53:26,952 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-02-05 15:53:26,955 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:53:26" (1/1) ... [2025-02-05 15:53:26,955 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7c7fecab and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:26, skipping insertion in model container [2025-02-05 15:53:26,956 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:53:26" (1/1) ... [2025-02-05 15:53:26,986 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-02-05 15:53:27,188 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c[17943,17956] [2025-02-05 15:53:27,191 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:53:27,203 INFO L200 MainTranslator]: Completed pre-run [2025-02-05 15:53:27,210 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2025-02-05 15:53:27,211 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [150] [2025-02-05 15:53:27,211 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [516] [2025-02-05 15:53:27,211 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [554] [2025-02-05 15:53:27,211 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [582] [2025-02-05 15:53:27,212 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [681] [2025-02-05 15:53:27,212 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [749] [2025-02-05 15:53:27,212 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [929] [2025-02-05 15:53:27,266 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product42.cil.c[17943,17956] [2025-02-05 15:53:27,268 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:53:27,284 INFO L204 MainTranslator]: Completed translation [2025-02-05 15:53:27,285 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27 WrapperNode [2025-02-05 15:53:27,285 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-02-05 15:53:27,287 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-02-05 15:53:27,287 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-02-05 15:53:27,287 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-02-05 15:53:27,291 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,300 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,314 INFO L138 Inliner]: procedures = 54, calls = 96, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 193 [2025-02-05 15:53:27,315 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-02-05 15:53:27,315 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-02-05 15:53:27,315 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-02-05 15:53:27,315 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-02-05 15:53:27,323 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,323 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,324 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,336 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-02-05 15:53:27,336 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,337 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,340 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,341 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,341 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,342 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,343 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-02-05 15:53:27,344 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-02-05 15:53:27,344 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-02-05 15:53:27,344 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-02-05 15:53:27,345 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (1/1) ... [2025-02-05 15:53:27,348 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:53:27,359 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:53:27,370 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-02-05 15:53:27,372 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-02-05 15:53:27,387 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-02-05 15:53:27,387 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-02-05 15:53:27,387 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-02-05 15:53:27,387 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-02-05 15:53:27,387 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-02-05 15:53:27,387 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-02-05 15:53:27,387 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-02-05 15:53:27,387 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-02-05 15:53:27,387 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-02-05 15:53:27,387 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-02-05 15:53:27,387 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-02-05 15:53:27,387 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-02-05 15:53:27,387 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-02-05 15:53:27,388 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-02-05 15:53:27,437 INFO L257 CfgBuilder]: Building ICFG [2025-02-05 15:53:27,438 INFO L287 CfgBuilder]: Building CFG for each procedure with an implementation [2025-02-05 15:53:27,575 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L147-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~2#1; [2025-02-05 15:53:27,575 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L854-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~9#1; [2025-02-05 15:53:27,575 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L863-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; [2025-02-05 15:53:27,575 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L133-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; [2025-02-05 15:53:27,575 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L918-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~11#1; [2025-02-05 15:53:27,575 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L101-1: isMethaneLevelCritical_#res#1 := isMethaneLevelCritical_~retValue_acc~0#1; [2025-02-05 15:53:27,600 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint cleanupFINAL: assume true; [2025-02-05 15:53:27,646 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L678-1: main_#res#1 := main_~retValue_acc~8#1; [2025-02-05 15:53:27,647 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L551-1: valid_product_#res#1 := valid_product_~retValue_acc~7#1; [2025-02-05 15:53:27,659 INFO L? ?]: Removed 43 outVars from TransFormulas that were not future-live. [2025-02-05 15:53:27,659 INFO L308 CfgBuilder]: Performing block encoding [2025-02-05 15:53:27,670 INFO L332 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-02-05 15:53:27,670 INFO L337 CfgBuilder]: Removed 0 assume(true) statements. [2025-02-05 15:53:27,670 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:53:27 BoogieIcfgContainer [2025-02-05 15:53:27,671 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-02-05 15:53:27,672 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-02-05 15:53:27,672 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-02-05 15:53:27,675 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-02-05 15:53:27,675 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 05.02 03:53:26" (1/3) ... [2025-02-05 15:53:27,676 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@330918b7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:53:27, skipping insertion in model container [2025-02-05 15:53:27,676 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:27" (2/3) ... [2025-02-05 15:53:27,676 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@330918b7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:53:27, skipping insertion in model container [2025-02-05 15:53:27,676 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:53:27" (3/3) ... [2025-02-05 15:53:27,677 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product42.cil.c [2025-02-05 15:53:27,687 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-02-05 15:53:27,688 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec4_product42.cil.c that has 6 procedures, 74 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-02-05 15:53:27,728 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-02-05 15:53:27,737 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@70816a7, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-02-05 15:53:27,737 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-02-05 15:53:27,739 INFO L276 IsEmpty]: Start isEmpty. Operand has 73 states, 58 states have (on average 1.3793103448275863) internal successors, (80), 64 states have internal predecessors, (80), 8 states have call successors, (8), 5 states have call predecessors, (8), 4 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2025-02-05 15:53:27,744 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2025-02-05 15:53:27,744 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:27,744 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:27,744 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:27,748 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:27,748 INFO L85 PathProgramCache]: Analyzing trace with hash 2112969274, now seen corresponding path program 1 times [2025-02-05 15:53:27,752 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:27,753 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [165790880] [2025-02-05 15:53:27,753 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:27,753 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:27,799 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 19 statements into 1 equivalence classes. [2025-02-05 15:53:27,811 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 19 of 19 statements. [2025-02-05 15:53:27,811 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:27,811 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:27,845 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:27,846 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:27,846 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [165790880] [2025-02-05 15:53:27,846 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [165790880] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:27,847 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:27,847 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-02-05 15:53:27,848 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1468278469] [2025-02-05 15:53:27,848 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:27,850 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-02-05 15:53:27,851 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:27,861 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-02-05 15:53:27,862 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:53:27,863 INFO L87 Difference]: Start difference. First operand has 73 states, 58 states have (on average 1.3793103448275863) internal successors, (80), 64 states have internal predecessors, (80), 8 states have call successors, (8), 5 states have call predecessors, (8), 4 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-02-05 15:53:27,877 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:27,877 INFO L93 Difference]: Finished difference Result 130 states and 177 transitions. [2025-02-05 15:53:27,878 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-02-05 15:53:27,879 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2025-02-05 15:53:27,879 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:27,883 INFO L225 Difference]: With dead ends: 130 [2025-02-05 15:53:27,883 INFO L226 Difference]: Without dead ends: 65 [2025-02-05 15:53:27,885 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:53:27,887 INFO L435 NwaCegarLoop]: 89 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 89 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:27,887 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 89 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:27,895 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 65 states. [2025-02-05 15:53:27,905 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 65 to 65. [2025-02-05 15:53:27,906 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 65 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 57 states have internal predecessors, (69), 8 states have call successors, (8), 5 states have call predecessors, (8), 4 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2025-02-05 15:53:27,909 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 84 transitions. [2025-02-05 15:53:27,910 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 84 transitions. Word has length 19 [2025-02-05 15:53:27,910 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:27,910 INFO L471 AbstractCegarLoop]: Abstraction has 65 states and 84 transitions. [2025-02-05 15:53:27,910 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-02-05 15:53:27,910 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 84 transitions. [2025-02-05 15:53:27,911 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2025-02-05 15:53:27,911 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:27,911 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:27,912 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-02-05 15:53:27,912 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:27,912 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:27,912 INFO L85 PathProgramCache]: Analyzing trace with hash -755538077, now seen corresponding path program 1 times [2025-02-05 15:53:27,912 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:27,913 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1447531534] [2025-02-05 15:53:27,913 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:27,913 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:27,925 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 20 statements into 1 equivalence classes. [2025-02-05 15:53:27,938 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 20 of 20 statements. [2025-02-05 15:53:27,938 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:27,938 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:28,003 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:28,004 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:28,004 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1447531534] [2025-02-05 15:53:28,004 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1447531534] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:28,004 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:28,004 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:53:28,004 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [344468888] [2025-02-05 15:53:28,004 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:28,005 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:53:28,005 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:28,006 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:53:28,006 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:53:28,006 INFO L87 Difference]: Start difference. First operand 65 states and 84 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-02-05 15:53:28,019 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:28,019 INFO L93 Difference]: Finished difference Result 96 states and 124 transitions. [2025-02-05 15:53:28,020 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:53:28,020 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2025-02-05 15:53:28,020 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:28,021 INFO L225 Difference]: With dead ends: 96 [2025-02-05 15:53:28,021 INFO L226 Difference]: Without dead ends: 56 [2025-02-05 15:53:28,021 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:53:28,023 INFO L435 NwaCegarLoop]: 71 mSDtfsCounter, 12 mSDsluCounter, 55 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:28,025 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 126 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:28,025 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2025-02-05 15:53:28,030 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2025-02-05 15:53:28,030 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 46 states have (on average 1.3478260869565217) internal successors, (62), 51 states have internal predecessors, (62), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2025-02-05 15:53:28,032 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 72 transitions. [2025-02-05 15:53:28,034 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 72 transitions. Word has length 20 [2025-02-05 15:53:28,035 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:28,035 INFO L471 AbstractCegarLoop]: Abstraction has 56 states and 72 transitions. [2025-02-05 15:53:28,035 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-02-05 15:53:28,035 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 72 transitions. [2025-02-05 15:53:28,036 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-02-05 15:53:28,037 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:28,037 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:28,037 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-02-05 15:53:28,037 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:28,038 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:28,038 INFO L85 PathProgramCache]: Analyzing trace with hash 1768170002, now seen corresponding path program 1 times [2025-02-05 15:53:28,039 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:28,039 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1816639156] [2025-02-05 15:53:28,039 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:28,039 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:28,053 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-02-05 15:53:28,061 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-02-05 15:53:28,062 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:28,062 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:28,185 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:28,185 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:28,185 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1816639156] [2025-02-05 15:53:28,185 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1816639156] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:28,185 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:28,185 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:53:28,185 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2096744454] [2025-02-05 15:53:28,185 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:28,186 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:53:28,186 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:28,186 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:53:28,186 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:53:28,186 INFO L87 Difference]: Start difference. First operand 56 states and 72 transitions. Second operand has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-02-05 15:53:28,286 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:28,286 INFO L93 Difference]: Finished difference Result 105 states and 138 transitions. [2025-02-05 15:53:28,287 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:53:28,288 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 24 [2025-02-05 15:53:28,288 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:28,289 INFO L225 Difference]: With dead ends: 105 [2025-02-05 15:53:28,290 INFO L226 Difference]: Without dead ends: 56 [2025-02-05 15:53:28,291 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2025-02-05 15:53:28,293 INFO L435 NwaCegarLoop]: 68 mSDtfsCounter, 67 mSDsluCounter, 110 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 178 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:28,297 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [67 Valid, 178 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:53:28,299 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2025-02-05 15:53:28,307 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2025-02-05 15:53:28,308 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 46 states have (on average 1.326086956521739) internal successors, (61), 51 states have internal predecessors, (61), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2025-02-05 15:53:28,308 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 71 transitions. [2025-02-05 15:53:28,311 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 71 transitions. Word has length 24 [2025-02-05 15:53:28,312 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:28,312 INFO L471 AbstractCegarLoop]: Abstraction has 56 states and 71 transitions. [2025-02-05 15:53:28,312 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-02-05 15:53:28,312 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 71 transitions. [2025-02-05 15:53:28,312 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2025-02-05 15:53:28,312 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:28,313 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:28,313 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-02-05 15:53:28,313 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:28,313 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:28,313 INFO L85 PathProgramCache]: Analyzing trace with hash 1171298757, now seen corresponding path program 1 times [2025-02-05 15:53:28,313 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:28,313 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1651424873] [2025-02-05 15:53:28,313 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:28,314 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:28,335 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 29 statements into 1 equivalence classes. [2025-02-05 15:53:28,343 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 29 of 29 statements. [2025-02-05 15:53:28,343 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:28,343 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:28,386 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:28,387 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:28,387 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1651424873] [2025-02-05 15:53:28,387 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1651424873] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:28,387 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:28,387 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:53:28,387 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [720146266] [2025-02-05 15:53:28,387 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:28,388 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:53:28,388 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:28,389 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:53:28,389 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:53:28,389 INFO L87 Difference]: Start difference. First operand 56 states and 71 transitions. Second operand has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:53:28,420 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:28,421 INFO L93 Difference]: Finished difference Result 140 states and 182 transitions. [2025-02-05 15:53:28,422 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:53:28,422 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2025-02-05 15:53:28,422 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:28,423 INFO L225 Difference]: With dead ends: 140 [2025-02-05 15:53:28,423 INFO L226 Difference]: Without dead ends: 91 [2025-02-05 15:53:28,423 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:53:28,424 INFO L435 NwaCegarLoop]: 68 mSDtfsCounter, 60 mSDsluCounter, 44 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 112 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:28,424 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 112 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:28,425 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2025-02-05 15:53:28,435 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 89. [2025-02-05 15:53:28,436 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 72 states have (on average 1.3194444444444444) internal successors, (95), 79 states have internal predecessors, (95), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) [2025-02-05 15:53:28,436 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 113 transitions. [2025-02-05 15:53:28,437 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 113 transitions. Word has length 29 [2025-02-05 15:53:28,437 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:28,437 INFO L471 AbstractCegarLoop]: Abstraction has 89 states and 113 transitions. [2025-02-05 15:53:28,437 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:53:28,437 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 113 transitions. [2025-02-05 15:53:28,437 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2025-02-05 15:53:28,437 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:28,438 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:28,438 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-02-05 15:53:28,438 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:28,438 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:28,438 INFO L85 PathProgramCache]: Analyzing trace with hash 1370524384, now seen corresponding path program 1 times [2025-02-05 15:53:28,438 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:28,438 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [560002892] [2025-02-05 15:53:28,438 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:28,438 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:28,444 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 35 statements into 1 equivalence classes. [2025-02-05 15:53:28,449 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 35 of 35 statements. [2025-02-05 15:53:28,449 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:28,449 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:28,527 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:28,527 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:28,527 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [560002892] [2025-02-05 15:53:28,528 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [560002892] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:28,528 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:28,528 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-02-05 15:53:28,528 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [79450396] [2025-02-05 15:53:28,528 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:28,529 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:53:28,529 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:28,530 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:53:28,530 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:53:28,530 INFO L87 Difference]: Start difference. First operand 89 states and 113 transitions. Second operand has 6 states, 6 states have (on average 5.333333333333333) internal successors, (32), 6 states have internal predecessors, (32), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:53:28,567 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:28,571 INFO L93 Difference]: Finished difference Result 173 states and 226 transitions. [2025-02-05 15:53:28,571 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-02-05 15:53:28,572 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.333333333333333) internal successors, (32), 6 states have internal predecessors, (32), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2025-02-05 15:53:28,572 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:28,573 INFO L225 Difference]: With dead ends: 173 [2025-02-05 15:53:28,573 INFO L226 Difference]: Without dead ends: 91 [2025-02-05 15:53:28,575 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:53:28,576 INFO L435 NwaCegarLoop]: 67 mSDtfsCounter, 0 mSDsluCounter, 260 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 327 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:28,576 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 327 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:28,577 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2025-02-05 15:53:28,583 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2025-02-05 15:53:28,583 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 74 states have (on average 1.3108108108108107) internal successors, (97), 81 states have internal predecessors, (97), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) [2025-02-05 15:53:28,587 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 115 transitions. [2025-02-05 15:53:28,592 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 115 transitions. Word has length 35 [2025-02-05 15:53:28,592 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:28,592 INFO L471 AbstractCegarLoop]: Abstraction has 91 states and 115 transitions. [2025-02-05 15:53:28,592 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.333333333333333) internal successors, (32), 6 states have internal predecessors, (32), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:53:28,592 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 115 transitions. [2025-02-05 15:53:28,593 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2025-02-05 15:53:28,593 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:28,593 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:28,593 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-02-05 15:53:28,594 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:28,594 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:28,595 INFO L85 PathProgramCache]: Analyzing trace with hash 1876083009, now seen corresponding path program 1 times [2025-02-05 15:53:28,597 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:28,597 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [728748985] [2025-02-05 15:53:28,597 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:28,597 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:28,604 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 35 statements into 1 equivalence classes. [2025-02-05 15:53:28,610 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 35 of 35 statements. [2025-02-05 15:53:28,615 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:28,615 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:28,711 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:28,711 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:28,711 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [728748985] [2025-02-05 15:53:28,711 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [728748985] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:28,711 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:28,711 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:53:28,711 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1648094425] [2025-02-05 15:53:28,712 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:28,712 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:53:28,712 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:28,712 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:53:28,713 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:53:28,713 INFO L87 Difference]: Start difference. First operand 91 states and 115 transitions. Second operand has 5 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:53:28,770 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:28,772 INFO L93 Difference]: Finished difference Result 241 states and 320 transitions. [2025-02-05 15:53:28,772 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:53:28,772 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2025-02-05 15:53:28,773 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:28,774 INFO L225 Difference]: With dead ends: 241 [2025-02-05 15:53:28,774 INFO L226 Difference]: Without dead ends: 157 [2025-02-05 15:53:28,774 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:53:28,777 INFO L435 NwaCegarLoop]: 65 mSDtfsCounter, 27 mSDsluCounter, 186 mSDsCounter, 0 mSdLazyCounter, 27 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 27 SdHoareTripleChecker+Valid, 251 SdHoareTripleChecker+Invalid, 30 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 27 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:28,777 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [27 Valid, 251 Invalid, 30 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 27 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:28,777 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 157 states. [2025-02-05 15:53:28,799 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 157 to 157. [2025-02-05 15:53:28,800 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 128 states have (on average 1.28125) internal successors, (164), 138 states have internal predecessors, (164), 15 states have call successors, (15), 15 states have call predecessors, (15), 13 states have return successors, (21), 13 states have call predecessors, (21), 15 states have call successors, (21) [2025-02-05 15:53:28,804 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 200 transitions. [2025-02-05 15:53:28,804 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 200 transitions. Word has length 35 [2025-02-05 15:53:28,804 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:28,804 INFO L471 AbstractCegarLoop]: Abstraction has 157 states and 200 transitions. [2025-02-05 15:53:28,805 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:53:28,805 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 200 transitions. [2025-02-05 15:53:28,805 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2025-02-05 15:53:28,805 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:28,805 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:28,806 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-02-05 15:53:28,806 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:28,806 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:28,806 INFO L85 PathProgramCache]: Analyzing trace with hash -1898455389, now seen corresponding path program 1 times [2025-02-05 15:53:28,806 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:28,806 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [936157607] [2025-02-05 15:53:28,806 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:28,806 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:28,816 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 39 statements into 1 equivalence classes. [2025-02-05 15:53:28,824 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 39 of 39 statements. [2025-02-05 15:53:28,828 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:28,829 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:28,892 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:28,893 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:28,893 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [936157607] [2025-02-05 15:53:28,893 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [936157607] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:28,893 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:28,893 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:53:28,893 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [485441659] [2025-02-05 15:53:28,894 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:28,894 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:53:28,894 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:28,894 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:53:28,894 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:53:28,895 INFO L87 Difference]: Start difference. First operand 157 states and 200 transitions. Second operand has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2025-02-05 15:53:28,944 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:28,945 INFO L93 Difference]: Finished difference Result 159 states and 201 transitions. [2025-02-05 15:53:28,945 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:53:28,945 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 39 [2025-02-05 15:53:28,946 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:28,947 INFO L225 Difference]: With dead ends: 159 [2025-02-05 15:53:28,948 INFO L226 Difference]: Without dead ends: 157 [2025-02-05 15:53:28,948 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:53:28,949 INFO L435 NwaCegarLoop]: 66 mSDtfsCounter, 47 mSDsluCounter, 173 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 239 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:28,949 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 239 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:28,950 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 157 states. [2025-02-05 15:53:28,964 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 157 to 157. [2025-02-05 15:53:28,965 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 128 states have (on average 1.2734375) internal successors, (163), 138 states have internal predecessors, (163), 15 states have call successors, (15), 15 states have call predecessors, (15), 13 states have return successors, (21), 13 states have call predecessors, (21), 15 states have call successors, (21) [2025-02-05 15:53:28,965 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 199 transitions. [2025-02-05 15:53:28,966 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 199 transitions. Word has length 39 [2025-02-05 15:53:28,966 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:28,966 INFO L471 AbstractCegarLoop]: Abstraction has 157 states and 199 transitions. [2025-02-05 15:53:28,966 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2025-02-05 15:53:28,966 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 199 transitions. [2025-02-05 15:53:28,967 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-02-05 15:53:28,967 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:28,967 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:28,967 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-02-05 15:53:28,967 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:28,968 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:28,968 INFO L85 PathProgramCache]: Analyzing trace with hash -828392441, now seen corresponding path program 1 times [2025-02-05 15:53:28,968 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:28,968 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [322374416] [2025-02-05 15:53:28,968 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:28,968 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:28,978 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-02-05 15:53:28,984 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-02-05 15:53:28,986 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:28,986 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:29,053 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:29,053 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:29,053 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [322374416] [2025-02-05 15:53:29,053 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [322374416] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:29,053 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:29,054 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:53:29,054 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1236339740] [2025-02-05 15:53:29,054 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:29,054 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:53:29,054 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:29,055 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:53:29,055 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:53:29,055 INFO L87 Difference]: Start difference. First operand 157 states and 199 transitions. Second operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:53:29,098 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:29,099 INFO L93 Difference]: Finished difference Result 279 states and 358 transitions. [2025-02-05 15:53:29,101 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:53:29,102 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 41 [2025-02-05 15:53:29,102 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:29,103 INFO L225 Difference]: With dead ends: 279 [2025-02-05 15:53:29,103 INFO L226 Difference]: Without dead ends: 129 [2025-02-05 15:53:29,104 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:53:29,105 INFO L435 NwaCegarLoop]: 68 mSDtfsCounter, 0 mSDsluCounter, 197 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 265 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:29,105 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 265 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:29,106 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2025-02-05 15:53:29,112 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 129. [2025-02-05 15:53:29,113 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 129 states, 105 states have (on average 1.2571428571428571) internal successors, (132), 113 states have internal predecessors, (132), 12 states have call successors, (12), 12 states have call predecessors, (12), 11 states have return successors, (14), 11 states have call predecessors, (14), 12 states have call successors, (14) [2025-02-05 15:53:29,113 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 129 states to 129 states and 158 transitions. [2025-02-05 15:53:29,113 INFO L78 Accepts]: Start accepts. Automaton has 129 states and 158 transitions. Word has length 41 [2025-02-05 15:53:29,114 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:29,114 INFO L471 AbstractCegarLoop]: Abstraction has 129 states and 158 transitions. [2025-02-05 15:53:29,114 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:53:29,114 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 158 transitions. [2025-02-05 15:53:29,114 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-02-05 15:53:29,115 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:29,115 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:29,115 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-02-05 15:53:29,115 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:29,115 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:29,115 INFO L85 PathProgramCache]: Analyzing trace with hash 961895972, now seen corresponding path program 1 times [2025-02-05 15:53:29,115 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:29,116 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1124377915] [2025-02-05 15:53:29,116 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:29,116 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:29,121 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-02-05 15:53:29,126 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-02-05 15:53:29,127 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:29,127 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:29,207 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:29,207 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:29,207 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1124377915] [2025-02-05 15:53:29,207 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1124377915] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:29,207 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:29,207 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:53:29,207 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1913075227] [2025-02-05 15:53:29,207 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:29,207 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:53:29,207 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:29,208 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:53:29,208 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:53:29,208 INFO L87 Difference]: Start difference. First operand 129 states and 158 transitions. Second operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:53:29,259 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:29,259 INFO L93 Difference]: Finished difference Result 278 states and 366 transitions. [2025-02-05 15:53:29,260 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:53:29,260 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 41 [2025-02-05 15:53:29,260 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:29,261 INFO L225 Difference]: With dead ends: 278 [2025-02-05 15:53:29,262 INFO L226 Difference]: Without dead ends: 191 [2025-02-05 15:53:29,262 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:53:29,262 INFO L435 NwaCegarLoop]: 110 mSDtfsCounter, 38 mSDsluCounter, 268 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 378 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:29,263 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 378 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:29,263 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 191 states. [2025-02-05 15:53:29,272 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 191 to 191. [2025-02-05 15:53:29,273 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 191 states, 153 states have (on average 1.2483660130718954) internal successors, (191), 164 states have internal predecessors, (191), 19 states have call successors, (19), 19 states have call predecessors, (19), 18 states have return successors, (30), 18 states have call predecessors, (30), 19 states have call successors, (30) [2025-02-05 15:53:29,275 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 191 states to 191 states and 240 transitions. [2025-02-05 15:53:29,276 INFO L78 Accepts]: Start accepts. Automaton has 191 states and 240 transitions. Word has length 41 [2025-02-05 15:53:29,276 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:29,277 INFO L471 AbstractCegarLoop]: Abstraction has 191 states and 240 transitions. [2025-02-05 15:53:29,277 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-02-05 15:53:29,277 INFO L276 IsEmpty]: Start isEmpty. Operand 191 states and 240 transitions. [2025-02-05 15:53:29,279 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2025-02-05 15:53:29,280 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:29,280 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:29,280 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-02-05 15:53:29,280 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:29,280 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:29,281 INFO L85 PathProgramCache]: Analyzing trace with hash 7281076, now seen corresponding path program 1 times [2025-02-05 15:53:29,281 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:29,281 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [331239103] [2025-02-05 15:53:29,281 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:29,281 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:29,291 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 65 statements into 1 equivalence classes. [2025-02-05 15:53:29,300 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 65 of 65 statements. [2025-02-05 15:53:29,300 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:29,300 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:29,428 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 12 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:29,428 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:29,428 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [331239103] [2025-02-05 15:53:29,428 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [331239103] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:53:29,428 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [699168029] [2025-02-05 15:53:29,428 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:29,428 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:53:29,429 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:53:29,431 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:53:29,432 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-02-05 15:53:29,476 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 65 statements into 1 equivalence classes. [2025-02-05 15:53:29,502 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 65 of 65 statements. [2025-02-05 15:53:29,502 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:29,502 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:29,504 INFO L256 TraceCheckSpWp]: Trace formula consists of 250 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-02-05 15:53:29,508 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:53:29,589 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 12 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:29,589 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-02-05 15:53:29,680 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 12 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-02-05 15:53:29,680 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [699168029] provided 0 perfect and 2 imperfect interpolant sequences [2025-02-05 15:53:29,680 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-02-05 15:53:29,680 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 6 [2025-02-05 15:53:29,680 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [953049558] [2025-02-05 15:53:29,681 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-02-05 15:53:29,681 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:53:29,681 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:29,681 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:53:29,681 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:53:29,681 INFO L87 Difference]: Start difference. First operand 191 states and 240 transitions. Second operand has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 6 states have internal predecessors, (59), 3 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-02-05 15:53:29,780 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:29,781 INFO L93 Difference]: Finished difference Result 438 states and 585 transitions. [2025-02-05 15:53:29,781 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2025-02-05 15:53:29,781 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 6 states have internal predecessors, (59), 3 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 65 [2025-02-05 15:53:29,782 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:29,806 INFO L225 Difference]: With dead ends: 438 [2025-02-05 15:53:29,808 INFO L226 Difference]: Without dead ends: 289 [2025-02-05 15:53:29,809 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 126 SyntacticMatches, 5 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2025-02-05 15:53:29,810 INFO L435 NwaCegarLoop]: 99 mSDtfsCounter, 67 mSDsluCounter, 288 mSDsCounter, 0 mSdLazyCounter, 57 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 387 SdHoareTripleChecker+Invalid, 63 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 57 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:29,810 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [67 Valid, 387 Invalid, 63 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 57 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:53:29,811 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 289 states. [2025-02-05 15:53:29,828 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 289 to 261. [2025-02-05 15:53:29,829 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 261 states, 207 states have (on average 1.2560386473429952) internal successors, (260), 222 states have internal predecessors, (260), 27 states have call successors, (27), 27 states have call predecessors, (27), 26 states have return successors, (46), 24 states have call predecessors, (46), 27 states have call successors, (46) [2025-02-05 15:53:29,831 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 261 states to 261 states and 333 transitions. [2025-02-05 15:53:29,831 INFO L78 Accepts]: Start accepts. Automaton has 261 states and 333 transitions. Word has length 65 [2025-02-05 15:53:29,832 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:29,832 INFO L471 AbstractCegarLoop]: Abstraction has 261 states and 333 transitions. [2025-02-05 15:53:29,832 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 6 states have internal predecessors, (59), 3 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-02-05 15:53:29,832 INFO L276 IsEmpty]: Start isEmpty. Operand 261 states and 333 transitions. [2025-02-05 15:53:29,834 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 90 [2025-02-05 15:53:29,834 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:29,834 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:29,841 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-02-05 15:53:30,035 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-02-05 15:53:30,035 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:30,036 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:30,036 INFO L85 PathProgramCache]: Analyzing trace with hash -269277884, now seen corresponding path program 2 times [2025-02-05 15:53:30,036 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:30,036 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [690588103] [2025-02-05 15:53:30,036 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-02-05 15:53:30,036 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:30,048 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 89 statements into 2 equivalence classes. [2025-02-05 15:53:30,061 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 89 of 89 statements. [2025-02-05 15:53:30,062 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-02-05 15:53:30,062 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:53:30,062 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-02-05 15:53:30,066 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 89 statements into 1 equivalence classes. [2025-02-05 15:53:30,073 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 89 of 89 statements. [2025-02-05 15:53:30,073 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:30,073 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:53:30,089 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-02-05 15:53:30,089 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-02-05 15:53:30,090 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-02-05 15:53:30,091 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-02-05 15:53:30,093 INFO L422 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:30,137 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-02-05 15:53:30,139 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.02 03:53:30 BoogieIcfgContainer [2025-02-05 15:53:30,139 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-02-05 15:53:30,139 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-02-05 15:53:30,139 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-02-05 15:53:30,139 INFO L274 PluginConnector]: Witness Printer initialized [2025-02-05 15:53:30,140 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:53:27" (3/4) ... [2025-02-05 15:53:30,140 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-02-05 15:53:30,213 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 87. [2025-02-05 15:53:30,294 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-02-05 15:53:30,294 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-02-05 15:53:30,294 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-02-05 15:53:30,295 INFO L158 Benchmark]: Toolchain (without parser) took 3347.35ms. Allocated memory is still 167.8MB. Free memory was 132.3MB in the beginning and 103.0MB in the end (delta: 29.2MB). Peak memory consumption was 25.4MB. Max. memory is 16.1GB. [2025-02-05 15:53:30,295 INFO L158 Benchmark]: CDTParser took 0.30ms. Allocated memory is still 201.3MB. Free memory is still 126.7MB. There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:53:30,295 INFO L158 Benchmark]: CACSL2BoogieTranslator took 337.64ms. Allocated memory is still 167.8MB. Free memory was 132.3MB in the beginning and 113.8MB in the end (delta: 18.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:53:30,295 INFO L158 Benchmark]: Boogie Procedure Inliner took 28.01ms. Allocated memory is still 167.8MB. Free memory was 113.8MB in the beginning and 112.1MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:53:30,295 INFO L158 Benchmark]: Boogie Preprocessor took 28.00ms. Allocated memory is still 167.8MB. Free memory was 112.1MB in the beginning and 110.4MB in the end (delta: 1.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:53:30,295 INFO L158 Benchmark]: IcfgBuilder took 326.87ms. Allocated memory is still 167.8MB. Free memory was 110.4MB in the beginning and 93.3MB in the end (delta: 17.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:53:30,296 INFO L158 Benchmark]: TraceAbstraction took 2466.68ms. Allocated memory is still 167.8MB. Free memory was 92.4MB in the beginning and 114.1MB in the end (delta: -21.6MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:53:30,296 INFO L158 Benchmark]: Witness Printer took 155.03ms. Allocated memory is still 167.8MB. Free memory was 114.1MB in the beginning and 103.0MB in the end (delta: 11.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:53:30,297 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.30ms. Allocated memory is still 201.3MB. Free memory is still 126.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 337.64ms. Allocated memory is still 167.8MB. Free memory was 132.3MB in the beginning and 113.8MB in the end (delta: 18.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 28.01ms. Allocated memory is still 167.8MB. Free memory was 113.8MB in the beginning and 112.1MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 28.00ms. Allocated memory is still 167.8MB. Free memory was 112.1MB in the beginning and 110.4MB in the end (delta: 1.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 326.87ms. Allocated memory is still 167.8MB. Free memory was 110.4MB in the beginning and 93.3MB in the end (delta: 17.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2466.68ms. Allocated memory is still 167.8MB. Free memory was 92.4MB in the beginning and 114.1MB in the end (delta: -21.6MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 155.03ms. Allocated memory is still 167.8MB. Free memory was 114.1MB in the beginning and 103.0MB in the end (delta: 11.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 150]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [150] - GenericResultAtLocation [Line: 516]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [516] - GenericResultAtLocation [Line: 554]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [554] - GenericResultAtLocation [Line: 582]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [582] - GenericResultAtLocation [Line: 681]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [681] - GenericResultAtLocation [Line: 749]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [749] - GenericResultAtLocation [Line: 929]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [929] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 934]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L57] int waterLevel = 1; [L58] int methaneLevelCritical = 0; [L320] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L583] int cleanupTimeShifts = 4; [L752] int pumpRunning = 0; [L753] int systemActive = 1; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L659] int retValue_acc ; [L660] int tmp ; [L664] FCALL select_helpers() [L665] FCALL select_features() [L666] CALL, EXPR valid_product() [L546] int retValue_acc ; [L549] retValue_acc = 1 [L550] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L666] RET, EXPR valid_product() [L666] tmp = valid_product() [L668] COND TRUE \read(tmp) [L670] FCALL setup() [L671] CALL runTest() [L653] CALL test() [L684] int splverifierCounter ; [L685] int tmp ; [L686] int tmp___0 ; [L687] int tmp___1 ; [L688] int tmp___2 ; [L691] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L693] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L695] COND TRUE splverifierCounter < 4 [L701] tmp = __VERIFIER_nondet_int() [L703] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L705] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L75] COND TRUE waterLevel < 2 [L76] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L705] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L711] tmp___0 = __VERIFIER_nondet_int() [L713] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L721] tmp___2 = __VERIFIER_nondet_int() [L723] COND FALSE !(\read(tmp___2)) [L729] tmp___1 = __VERIFIER_nondet_int() [L731] COND TRUE \read(tmp___1) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L738] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L759] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L766] COND TRUE \read(systemActive) [L768] CALL processEnvironment() [L788] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L791] COND TRUE ! pumpRunning [L793] CALL, EXPR isHighWaterLevel() [L903] int retValue_acc ; [L904] int tmp ; [L905] int tmp___0 ; [L909] CALL, EXPR isHighWaterSensorDry() [L137] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L140] COND FALSE !(waterLevel < 2) [L144] retValue_acc = 0 [L145] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L909] RET, EXPR isHighWaterSensorDry() [L909] tmp = isHighWaterSensorDry() [L911] COND FALSE !(\read(tmp)) [L914] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L916] retValue_acc = tmp___0 [L917] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L793] RET, EXPR isHighWaterLevel() [L793] tmp = isHighWaterLevel() [L795] COND TRUE \read(tmp) [L797] CALL activatePump() [L822] int tmp ; [L826] CALL, EXPR isMethaneAlarm() [L847] int retValue_acc ; [L851] CALL, EXPR isMethaneLevelCritical() [L96] int retValue_acc ; [L99] retValue_acc = methaneLevelCritical [L100] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L851] RET, EXPR isMethaneLevelCritical() [L851] retValue_acc = isMethaneLevelCritical() [L853] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L826] RET, EXPR isMethaneAlarm() [L826] tmp = isMethaneAlarm() [L828] COND FALSE !(\read(tmp)) [L832] CALL activatePump__wrappee__highWaterSensor() [L816] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L832] RET activatePump__wrappee__highWaterSensor() [L797] RET activatePump() [L768] RET processEnvironment() [L774] CALL __utac_acc__Specification4_spec__1() [L558] int tmp ; [L559] int tmp___0 ; [L563] CALL, EXPR getWaterLevel() [L128] int retValue_acc ; [L131] retValue_acc = waterLevel [L132] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L563] RET, EXPR getWaterLevel() [L563] tmp = getWaterLevel() [L565] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L774] RET __utac_acc__Specification4_spec__1() [L738] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L693] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L695] COND TRUE splverifierCounter < 4 [L701] tmp = __VERIFIER_nondet_int() [L703] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L711] tmp___0 = __VERIFIER_nondet_int() [L713] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L721] tmp___2 = __VERIFIER_nondet_int() [L723] COND FALSE !(\read(tmp___2)) [L729] tmp___1 = __VERIFIER_nondet_int() [L731] COND TRUE \read(tmp___1) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L738] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L759] COND TRUE \read(pumpRunning) [L761] CALL lowerWaterLevel() [L63] COND TRUE waterLevel > 0 [L64] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L761] RET lowerWaterLevel() [L766] COND TRUE \read(systemActive) [L768] CALL processEnvironment() [L788] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L791] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L806] FCALL processEnvironment__wrappee__base() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L768] RET processEnvironment() [L774] CALL __utac_acc__Specification4_spec__1() [L558] int tmp ; [L559] int tmp___0 ; [L563] CALL, EXPR getWaterLevel() [L128] int retValue_acc ; [L131] retValue_acc = waterLevel [L132] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L563] RET, EXPR getWaterLevel() [L563] tmp = getWaterLevel() [L565] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L774] RET __utac_acc__Specification4_spec__1() [L738] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L693] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L695] COND TRUE splverifierCounter < 4 [L701] tmp = __VERIFIER_nondet_int() [L703] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L711] tmp___0 = __VERIFIER_nondet_int() [L713] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L721] tmp___2 = __VERIFIER_nondet_int() [L723] COND FALSE !(\read(tmp___2)) [L729] tmp___1 = __VERIFIER_nondet_int() [L731] COND TRUE \read(tmp___1) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L738] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L759] COND TRUE \read(pumpRunning) [L761] CALL lowerWaterLevel() [L63] COND TRUE waterLevel > 0 [L64] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L761] RET lowerWaterLevel() [L766] COND TRUE \read(systemActive) [L768] CALL processEnvironment() [L788] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L791] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L806] FCALL processEnvironment__wrappee__base() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L768] RET processEnvironment() [L774] CALL __utac_acc__Specification4_spec__1() [L558] int tmp ; [L559] int tmp___0 ; [L563] CALL, EXPR getWaterLevel() [L128] int retValue_acc ; [L131] retValue_acc = waterLevel [L132] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L563] RET, EXPR getWaterLevel() [L563] tmp = getWaterLevel() [L565] COND TRUE tmp == 0 [L567] CALL, EXPR isPumpRunning() [L858] int retValue_acc ; [L861] retValue_acc = pumpRunning [L862] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L567] RET, EXPR isPumpRunning() [L567] tmp___0 = isPumpRunning() [L569] COND TRUE \read(tmp___0) [L571] CALL __automaton_fail() [L934] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] - StatisticsResult: Ultimate Automizer benchmark data CFG has 6 procedures, 74 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.4s, OverallIterations: 11, TraceHistogramMax: 3, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 0.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 321 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 318 mSDsluCounter, 2352 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1581 mSDsCounter, 19 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 220 IncrementalHoareTripleChecker+Invalid, 239 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 19 mSolverCounterUnsat, 771 mSDtfsCounter, 220 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 188 GetRequests, 145 SyntacticMatches, 5 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=261occurred in iteration=10, InterpolantAutomatonStates: 47, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 10 MinimizatonAttempts, 30 StatesRemovedByMinimization, 2 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.9s InterpolantComputationTime, 502 NumberOfCodeBlocks, 502 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 466 ConstructedInterpolants, 0 QuantifiedInterpolants, 872 SizeOfPredicates, 2 NumberOfNonLiveVariables, 250 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 36/48 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-02-05 15:53:30,313 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE