./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e2fb8bed Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 90a76a2882b85be994db917b0e3084e326cc29272a09018948be7f2d57c03e00 --- Real Ultimate output --- This is Ultimate 0.3.0-?-e2fb8be-m [2025-03-08 05:38:52,213 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-08 05:38:52,272 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-08 05:38:52,276 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-08 05:38:52,277 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-08 05:38:52,298 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-08 05:38:52,299 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-08 05:38:52,299 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-08 05:38:52,299 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-08 05:38:52,299 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-08 05:38:52,299 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-08 05:38:52,299 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-08 05:38:52,301 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-08 05:38:52,301 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-08 05:38:52,301 INFO L153 SettingsManager]: * Use SBE=true [2025-03-08 05:38:52,302 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-08 05:38:52,302 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-08 05:38:52,302 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-08 05:38:52,302 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-08 05:38:52,302 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-08 05:38:52,302 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-08 05:38:52,302 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-08 05:38:52,303 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-08 05:38:52,303 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-08 05:38:52,303 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-08 05:38:52,303 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-08 05:38:52,303 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-08 05:38:52,303 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-08 05:38:52,303 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-08 05:38:52,303 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-08 05:38:52,303 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-08 05:38:52,303 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-08 05:38:52,304 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:38:52,304 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-08 05:38:52,304 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-08 05:38:52,304 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-08 05:38:52,304 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-08 05:38:52,304 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-08 05:38:52,304 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-08 05:38:52,304 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-08 05:38:52,304 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-08 05:38:52,305 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-08 05:38:52,305 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-08 05:38:52,305 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 90a76a2882b85be994db917b0e3084e326cc29272a09018948be7f2d57c03e00 [2025-03-08 05:38:52,547 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-08 05:38:52,557 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-08 05:38:52,559 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-08 05:38:52,560 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-08 05:38:52,560 INFO L274 PluginConnector]: CDTParser initialized [2025-03-08 05:38:52,563 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c [2025-03-08 05:38:53,743 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/63f20ea56/6ab4f899d87e4fa2b961d182058b0872/FLAG3fdd5a6de [2025-03-08 05:38:54,033 INFO L384 CDTParser]: Found 1 translation units. [2025-03-08 05:38:54,034 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c [2025-03-08 05:38:54,045 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/63f20ea56/6ab4f899d87e4fa2b961d182058b0872/FLAG3fdd5a6de [2025-03-08 05:38:54,060 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/63f20ea56/6ab4f899d87e4fa2b961d182058b0872 [2025-03-08 05:38:54,062 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-08 05:38:54,064 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-08 05:38:54,065 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-08 05:38:54,065 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-08 05:38:54,069 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-08 05:38:54,069 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,070 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6969ebf1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54, skipping insertion in model container [2025-03-08 05:38:54,070 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,100 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-08 05:38:54,241 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c[3816,3829] [2025-03-08 05:38:54,303 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:38:54,315 INFO L200 MainTranslator]: Completed pre-run [2025-03-08 05:38:54,321 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2025-03-08 05:38:54,322 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [153] [2025-03-08 05:38:54,322 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [221] [2025-03-08 05:38:54,322 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [230] [2025-03-08 05:38:54,323 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [470] [2025-03-08 05:38:54,323 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [505] [2025-03-08 05:38:54,323 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [531] [2025-03-08 05:38:54,323 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [897] [2025-03-08 05:38:54,335 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product54.cil.c[3816,3829] [2025-03-08 05:38:54,387 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:38:54,404 INFO L204 MainTranslator]: Completed translation [2025-03-08 05:38:54,405 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54 WrapperNode [2025-03-08 05:38:54,405 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-08 05:38:54,406 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-08 05:38:54,406 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-08 05:38:54,406 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-08 05:38:54,410 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,419 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,439 INFO L138 Inliner]: procedures = 57, calls = 103, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 216 [2025-03-08 05:38:54,439 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-08 05:38:54,439 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-08 05:38:54,439 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-08 05:38:54,439 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-08 05:38:54,446 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,446 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,447 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,463 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-03-08 05:38:54,463 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,463 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,468 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,469 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,470 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,470 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,471 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-08 05:38:54,472 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-08 05:38:54,472 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-08 05:38:54,472 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-08 05:38:54,473 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (1/1) ... [2025-03-08 05:38:54,477 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:38:54,485 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:38:54,495 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-08 05:38:54,498 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-08 05:38:54,514 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-08 05:38:54,515 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-03-08 05:38:54,515 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-03-08 05:38:54,515 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-03-08 05:38:54,515 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-03-08 05:38:54,515 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-03-08 05:38:54,515 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-03-08 05:38:54,515 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-03-08 05:38:54,515 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-03-08 05:38:54,515 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-03-08 05:38:54,515 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-03-08 05:38:54,515 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-03-08 05:38:54,515 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-03-08 05:38:54,515 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2025-03-08 05:38:54,515 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2025-03-08 05:38:54,515 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-03-08 05:38:54,515 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-03-08 05:38:54,515 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-08 05:38:54,515 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-03-08 05:38:54,515 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-03-08 05:38:54,515 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-08 05:38:54,515 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-08 05:38:54,579 INFO L256 CfgBuilder]: Building ICFG [2025-03-08 05:38:54,580 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-08 05:38:54,621 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L943: #res := ~retValue_acc~10; [2025-03-08 05:38:54,669 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L376-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~1#1; [2025-03-08 05:38:54,669 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L385-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~2#1; [2025-03-08 05:38:54,753 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L502-1: valid_product_#res#1 := valid_product_~retValue_acc~6#1; [2025-03-08 05:38:54,753 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L150-1: main_#res#1 := main_~retValue_acc~0#1; [2025-03-08 05:38:54,779 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L989-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~12#1; [2025-03-08 05:38:54,780 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L440-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~3#1; [2025-03-08 05:38:54,805 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L459-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~4#1; [2025-03-08 05:38:54,806 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L998-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~13#1; [2025-03-08 05:38:54,823 INFO L? ?]: Removed 49 outVars from TransFormulas that were not future-live. [2025-03-08 05:38:54,824 INFO L307 CfgBuilder]: Performing block encoding [2025-03-08 05:38:54,832 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-08 05:38:54,833 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-08 05:38:54,833 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:38:54 BoogieIcfgContainer [2025-03-08 05:38:54,833 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-08 05:38:54,837 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-08 05:38:54,837 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-08 05:38:54,840 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-08 05:38:54,840 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.03 05:38:54" (1/3) ... [2025-03-08 05:38:54,841 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4a6b5585 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:38:54, skipping insertion in model container [2025-03-08 05:38:54,841 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:38:54" (2/3) ... [2025-03-08 05:38:54,841 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4a6b5585 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:38:54, skipping insertion in model container [2025-03-08 05:38:54,841 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:38:54" (3/3) ... [2025-03-08 05:38:54,842 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product54.cil.c [2025-03-08 05:38:54,854 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-08 05:38:54,855 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product54.cil.c that has 10 procedures, 98 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-03-08 05:38:54,899 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-08 05:38:54,910 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@50b613d, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-08 05:38:54,910 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-08 05:38:54,913 INFO L276 IsEmpty]: Start isEmpty. Operand has 98 states, 71 states have (on average 1.3661971830985915) internal successors, (97), 81 states have internal predecessors, (97), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2025-03-08 05:38:54,919 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-03-08 05:38:54,920 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:38:54,920 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:38:54,920 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:38:54,925 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:38:54,926 INFO L85 PathProgramCache]: Analyzing trace with hash 1769086157, now seen corresponding path program 1 times [2025-03-08 05:38:54,931 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:38:54,933 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [786601330] [2025-03-08 05:38:54,934 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:38:54,934 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:38:54,998 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-03-08 05:38:55,022 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-03-08 05:38:55,024 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:38:55,024 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:38:55,167 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:38:55,168 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:38:55,168 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [786601330] [2025-03-08 05:38:55,169 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [786601330] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:38:55,169 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:38:55,170 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:38:55,171 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1619711968] [2025-03-08 05:38:55,172 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:38:55,174 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:38:55,174 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:38:55,187 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:38:55,188 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:38:55,191 INFO L87 Difference]: Start difference. First operand has 98 states, 71 states have (on average 1.3661971830985915) internal successors, (97), 81 states have internal predecessors, (97), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-08 05:38:55,222 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:38:55,223 INFO L93 Difference]: Finished difference Result 176 states and 234 transitions. [2025-03-08 05:38:55,224 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:38:55,225 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-03-08 05:38:55,225 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:38:55,231 INFO L225 Difference]: With dead ends: 176 [2025-03-08 05:38:55,232 INFO L226 Difference]: Without dead ends: 81 [2025-03-08 05:38:55,235 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:38:55,237 INFO L435 NwaCegarLoop]: 108 mSDtfsCounter, 12 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:38:55,238 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 201 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:38:55,247 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 81 states. [2025-03-08 05:38:55,260 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 81 to 81. [2025-03-08 05:38:55,261 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 59 states have (on average 1.3389830508474576) internal successors, (79), 68 states have internal predecessors, (79), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2025-03-08 05:38:55,264 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 105 transitions. [2025-03-08 05:38:55,265 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 105 transitions. Word has length 23 [2025-03-08 05:38:55,265 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:38:55,265 INFO L471 AbstractCegarLoop]: Abstraction has 81 states and 105 transitions. [2025-03-08 05:38:55,266 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-08 05:38:55,268 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 105 transitions. [2025-03-08 05:38:55,269 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2025-03-08 05:38:55,269 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:38:55,269 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:38:55,270 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-03-08 05:38:55,271 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:38:55,271 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:38:55,271 INFO L85 PathProgramCache]: Analyzing trace with hash 1399227947, now seen corresponding path program 1 times [2025-03-08 05:38:55,271 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:38:55,271 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [830137228] [2025-03-08 05:38:55,272 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:38:55,272 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:38:55,281 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 27 statements into 1 equivalence classes. [2025-03-08 05:38:55,292 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 27 of 27 statements. [2025-03-08 05:38:55,292 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:38:55,292 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:38:55,402 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:38:55,402 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:38:55,402 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [830137228] [2025-03-08 05:38:55,402 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [830137228] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:38:55,402 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:38:55,402 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:38:55,403 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2073809276] [2025-03-08 05:38:55,403 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:38:55,403 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:38:55,403 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:38:55,404 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:38:55,404 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:38:55,404 INFO L87 Difference]: Start difference. First operand 81 states and 105 transitions. Second operand has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-08 05:38:55,449 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:38:55,449 INFO L93 Difference]: Finished difference Result 155 states and 204 transitions. [2025-03-08 05:38:55,450 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:38:55,450 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2025-03-08 05:38:55,450 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:38:55,451 INFO L225 Difference]: With dead ends: 155 [2025-03-08 05:38:55,451 INFO L226 Difference]: Without dead ends: 81 [2025-03-08 05:38:55,452 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-08 05:38:55,452 INFO L435 NwaCegarLoop]: 101 mSDtfsCounter, 99 mSDsluCounter, 200 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 99 SdHoareTripleChecker+Valid, 301 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:38:55,452 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [99 Valid, 301 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:38:55,453 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 81 states. [2025-03-08 05:38:55,460 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 81 to 81. [2025-03-08 05:38:55,461 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 59 states have (on average 1.3220338983050848) internal successors, (78), 68 states have internal predecessors, (78), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2025-03-08 05:38:55,462 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 104 transitions. [2025-03-08 05:38:55,462 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 104 transitions. Word has length 27 [2025-03-08 05:38:55,462 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:38:55,462 INFO L471 AbstractCegarLoop]: Abstraction has 81 states and 104 transitions. [2025-03-08 05:38:55,463 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-08 05:38:55,463 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 104 transitions. [2025-03-08 05:38:55,464 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2025-03-08 05:38:55,464 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:38:55,464 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:38:55,464 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-03-08 05:38:55,464 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:38:55,465 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:38:55,465 INFO L85 PathProgramCache]: Analyzing trace with hash 281761510, now seen corresponding path program 1 times [2025-03-08 05:38:55,465 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:38:55,465 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [314853373] [2025-03-08 05:38:55,465 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:38:55,465 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:38:55,474 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 40 statements into 1 equivalence classes. [2025-03-08 05:38:55,483 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 40 of 40 statements. [2025-03-08 05:38:55,487 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:38:55,488 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:38:55,558 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:38:55,559 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:38:55,559 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [314853373] [2025-03-08 05:38:55,559 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [314853373] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:38:55,559 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:38:55,559 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:38:55,559 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1221803913] [2025-03-08 05:38:55,559 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:38:55,559 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:38:55,559 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:38:55,559 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:38:55,560 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:38:55,560 INFO L87 Difference]: Start difference. First operand 81 states and 104 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2025-03-08 05:38:55,595 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:38:55,596 INFO L93 Difference]: Finished difference Result 200 states and 265 transitions. [2025-03-08 05:38:55,596 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:38:55,596 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 40 [2025-03-08 05:38:55,596 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:38:55,597 INFO L225 Difference]: With dead ends: 200 [2025-03-08 05:38:55,597 INFO L226 Difference]: Without dead ends: 126 [2025-03-08 05:38:55,597 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:38:55,598 INFO L435 NwaCegarLoop]: 120 mSDtfsCounter, 59 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 191 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:38:55,598 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 191 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:38:55,598 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2025-03-08 05:38:55,609 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 124. [2025-03-08 05:38:55,610 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 91 states have (on average 1.2967032967032968) internal successors, (118), 99 states have internal predecessors, (118), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2025-03-08 05:38:55,611 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 158 transitions. [2025-03-08 05:38:55,611 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 158 transitions. Word has length 40 [2025-03-08 05:38:55,611 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:38:55,611 INFO L471 AbstractCegarLoop]: Abstraction has 124 states and 158 transitions. [2025-03-08 05:38:55,611 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2025-03-08 05:38:55,611 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 158 transitions. [2025-03-08 05:38:55,612 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-03-08 05:38:55,612 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:38:55,612 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:38:55,612 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-03-08 05:38:55,613 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:38:55,613 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:38:55,613 INFO L85 PathProgramCache]: Analyzing trace with hash -598274582, now seen corresponding path program 1 times [2025-03-08 05:38:55,613 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:38:55,613 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1097652294] [2025-03-08 05:38:55,613 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:38:55,613 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:38:55,619 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-03-08 05:38:55,625 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-03-08 05:38:55,625 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:38:55,625 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:38:55,678 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:38:55,678 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:38:55,678 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1097652294] [2025-03-08 05:38:55,678 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1097652294] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:38:55,678 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:38:55,678 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:38:55,678 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [193086714] [2025-03-08 05:38:55,678 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:38:55,679 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:38:55,679 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:38:55,679 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:38:55,679 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:38:55,679 INFO L87 Difference]: Start difference. First operand 124 states and 158 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-03-08 05:38:55,703 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:38:55,704 INFO L93 Difference]: Finished difference Result 244 states and 319 transitions. [2025-03-08 05:38:55,704 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:38:55,704 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 46 [2025-03-08 05:38:55,705 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:38:55,705 INFO L225 Difference]: With dead ends: 244 [2025-03-08 05:38:55,706 INFO L226 Difference]: Without dead ends: 127 [2025-03-08 05:38:55,706 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:38:55,707 INFO L435 NwaCegarLoop]: 101 mSDtfsCounter, 0 mSDsluCounter, 297 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 398 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:38:55,707 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 398 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:38:55,707 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2025-03-08 05:38:55,717 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 127. [2025-03-08 05:38:55,718 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 127 states, 94 states have (on average 1.2872340425531914) internal successors, (121), 102 states have internal predecessors, (121), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2025-03-08 05:38:55,719 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 127 states to 127 states and 161 transitions. [2025-03-08 05:38:55,719 INFO L78 Accepts]: Start accepts. Automaton has 127 states and 161 transitions. Word has length 46 [2025-03-08 05:38:55,720 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:38:55,720 INFO L471 AbstractCegarLoop]: Abstraction has 127 states and 161 transitions. [2025-03-08 05:38:55,720 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-03-08 05:38:55,720 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 161 transitions. [2025-03-08 05:38:55,721 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-03-08 05:38:55,721 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:38:55,721 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:38:55,721 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-03-08 05:38:55,722 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:38:55,722 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:38:55,722 INFO L85 PathProgramCache]: Analyzing trace with hash -1007098807, now seen corresponding path program 1 times [2025-03-08 05:38:55,722 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:38:55,722 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [50301179] [2025-03-08 05:38:55,722 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:38:55,722 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:38:55,728 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-03-08 05:38:55,733 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-03-08 05:38:55,734 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:38:55,734 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:38:55,845 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:38:55,846 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:38:55,846 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [50301179] [2025-03-08 05:38:55,846 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [50301179] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:38:55,846 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:38:55,846 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-03-08 05:38:55,846 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1081204727] [2025-03-08 05:38:55,846 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:38:55,846 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-08 05:38:55,846 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:38:55,846 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-08 05:38:55,847 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:38:55,847 INFO L87 Difference]: Start difference. First operand 127 states and 161 transitions. Second operand has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-03-08 05:38:55,888 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:38:55,889 INFO L93 Difference]: Finished difference Result 249 states and 330 transitions. [2025-03-08 05:38:55,889 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-08 05:38:55,889 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 46 [2025-03-08 05:38:55,889 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:38:55,891 INFO L225 Difference]: With dead ends: 249 [2025-03-08 05:38:55,891 INFO L226 Difference]: Without dead ends: 129 [2025-03-08 05:38:55,891 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:38:55,892 INFO L435 NwaCegarLoop]: 100 mSDtfsCounter, 0 mSDsluCounter, 392 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 492 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:38:55,892 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 492 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:38:55,892 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2025-03-08 05:38:55,919 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 129. [2025-03-08 05:38:55,920 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 129 states, 96 states have (on average 1.28125) internal successors, (123), 104 states have internal predecessors, (123), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2025-03-08 05:38:55,920 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 129 states to 129 states and 163 transitions. [2025-03-08 05:38:55,921 INFO L78 Accepts]: Start accepts. Automaton has 129 states and 163 transitions. Word has length 46 [2025-03-08 05:38:55,921 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:38:55,921 INFO L471 AbstractCegarLoop]: Abstraction has 129 states and 163 transitions. [2025-03-08 05:38:55,921 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-03-08 05:38:55,921 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 163 transitions. [2025-03-08 05:38:55,922 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-03-08 05:38:55,922 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:38:55,922 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:38:55,922 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-08 05:38:55,922 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:38:55,922 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:38:55,922 INFO L85 PathProgramCache]: Analyzing trace with hash -788244089, now seen corresponding path program 1 times [2025-03-08 05:38:55,922 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:38:55,922 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [831089858] [2025-03-08 05:38:55,922 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:38:55,923 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:38:55,929 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-03-08 05:38:55,932 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-03-08 05:38:55,932 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:38:55,932 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:38:55,987 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:38:55,987 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:38:55,987 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [831089858] [2025-03-08 05:38:55,987 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [831089858] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:38:55,987 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:38:55,987 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-08 05:38:55,987 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [272988690] [2025-03-08 05:38:55,987 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:38:55,988 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-08 05:38:55,988 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:38:55,988 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-08 05:38:55,988 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:38:55,988 INFO L87 Difference]: Start difference. First operand 129 states and 163 transitions. Second operand has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2025-03-08 05:38:56,102 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:38:56,103 INFO L93 Difference]: Finished difference Result 419 states and 550 transitions. [2025-03-08 05:38:56,104 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-08 05:38:56,104 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 46 [2025-03-08 05:38:56,104 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:38:56,106 INFO L225 Difference]: With dead ends: 419 [2025-03-08 05:38:56,106 INFO L226 Difference]: Without dead ends: 297 [2025-03-08 05:38:56,107 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:38:56,107 INFO L435 NwaCegarLoop]: 184 mSDtfsCounter, 137 mSDsluCounter, 174 mSDsCounter, 0 mSdLazyCounter, 63 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 358 SdHoareTripleChecker+Invalid, 68 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 63 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:38:56,111 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [137 Valid, 358 Invalid, 68 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 63 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:38:56,112 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 297 states. [2025-03-08 05:38:56,137 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 297 to 288. [2025-03-08 05:38:56,138 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 288 states, 212 states have (on average 1.2641509433962264) internal successors, (268), 227 states have internal predecessors, (268), 39 states have call successors, (39), 35 states have call predecessors, (39), 36 states have return successors, (64), 36 states have call predecessors, (64), 39 states have call successors, (64) [2025-03-08 05:38:56,140 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 288 states to 288 states and 371 transitions. [2025-03-08 05:38:56,140 INFO L78 Accepts]: Start accepts. Automaton has 288 states and 371 transitions. Word has length 46 [2025-03-08 05:38:56,140 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:38:56,140 INFO L471 AbstractCegarLoop]: Abstraction has 288 states and 371 transitions. [2025-03-08 05:38:56,140 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2025-03-08 05:38:56,140 INFO L276 IsEmpty]: Start isEmpty. Operand 288 states and 371 transitions. [2025-03-08 05:38:56,141 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2025-03-08 05:38:56,141 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:38:56,141 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:38:56,142 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-08 05:38:56,142 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:38:56,142 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:38:56,142 INFO L85 PathProgramCache]: Analyzing trace with hash 775772408, now seen corresponding path program 1 times [2025-03-08 05:38:56,142 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:38:56,142 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [445968057] [2025-03-08 05:38:56,142 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:38:56,143 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:38:56,153 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 48 statements into 1 equivalence classes. [2025-03-08 05:38:56,159 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 48 of 48 statements. [2025-03-08 05:38:56,164 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:38:56,164 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:38:56,297 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:38:56,297 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:38:56,297 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [445968057] [2025-03-08 05:38:56,297 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [445968057] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:38:56,297 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:38:56,297 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-03-08 05:38:56,297 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [154142859] [2025-03-08 05:38:56,297 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:38:56,298 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-08 05:38:56,298 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:38:56,298 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-08 05:38:56,298 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:38:56,298 INFO L87 Difference]: Start difference. First operand 288 states and 371 transitions. Second operand has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-08 05:38:56,514 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:38:56,515 INFO L93 Difference]: Finished difference Result 330 states and 423 transitions. [2025-03-08 05:38:56,516 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-08 05:38:56,516 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 48 [2025-03-08 05:38:56,516 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:38:56,518 INFO L225 Difference]: With dead ends: 330 [2025-03-08 05:38:56,518 INFO L226 Difference]: Without dead ends: 328 [2025-03-08 05:38:56,519 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2025-03-08 05:38:56,519 INFO L435 NwaCegarLoop]: 75 mSDtfsCounter, 112 mSDsluCounter, 246 mSDsCounter, 0 mSdLazyCounter, 155 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 117 SdHoareTripleChecker+Valid, 321 SdHoareTripleChecker+Invalid, 189 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 155 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:38:56,519 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [117 Valid, 321 Invalid, 189 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 155 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:38:56,520 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 328 states. [2025-03-08 05:38:56,543 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 328 to 326. [2025-03-08 05:38:56,544 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 326 states, 240 states have (on average 1.2375) internal successors, (297), 255 states have internal predecessors, (297), 42 states have call successors, (42), 35 states have call predecessors, (42), 43 states have return successors, (77), 45 states have call predecessors, (77), 42 states have call successors, (77) [2025-03-08 05:38:56,546 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 326 states to 326 states and 416 transitions. [2025-03-08 05:38:56,546 INFO L78 Accepts]: Start accepts. Automaton has 326 states and 416 transitions. Word has length 48 [2025-03-08 05:38:56,547 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:38:56,547 INFO L471 AbstractCegarLoop]: Abstraction has 326 states and 416 transitions. [2025-03-08 05:38:56,547 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-08 05:38:56,547 INFO L276 IsEmpty]: Start isEmpty. Operand 326 states and 416 transitions. [2025-03-08 05:38:56,548 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2025-03-08 05:38:56,548 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:38:56,548 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:38:56,548 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-08 05:38:56,548 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:38:56,549 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:38:56,549 INFO L85 PathProgramCache]: Analyzing trace with hash 802270249, now seen corresponding path program 1 times [2025-03-08 05:38:56,549 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:38:56,549 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [629807699] [2025-03-08 05:38:56,549 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:38:56,549 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:38:56,555 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 50 statements into 1 equivalence classes. [2025-03-08 05:38:56,560 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 50 of 50 statements. [2025-03-08 05:38:56,560 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:38:56,560 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:38:56,636 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:38:56,636 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:38:56,636 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [629807699] [2025-03-08 05:38:56,636 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [629807699] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:38:56,636 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:38:56,636 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-03-08 05:38:56,636 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1152015446] [2025-03-08 05:38:56,636 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:38:56,636 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-08 05:38:56,637 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:38:56,637 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-08 05:38:56,637 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:38:56,637 INFO L87 Difference]: Start difference. First operand 326 states and 416 transitions. Second operand has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-08 05:38:56,758 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:38:56,758 INFO L93 Difference]: Finished difference Result 946 states and 1244 transitions. [2025-03-08 05:38:56,761 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-08 05:38:56,761 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 50 [2025-03-08 05:38:56,762 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:38:56,766 INFO L225 Difference]: With dead ends: 946 [2025-03-08 05:38:56,767 INFO L226 Difference]: Without dead ends: 627 [2025-03-08 05:38:56,769 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-03-08 05:38:56,769 INFO L435 NwaCegarLoop]: 102 mSDtfsCounter, 73 mSDsluCounter, 363 mSDsCounter, 0 mSdLazyCounter, 53 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 465 SdHoareTripleChecker+Invalid, 55 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 53 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:38:56,769 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 465 Invalid, 55 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 53 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:38:56,773 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 627 states. [2025-03-08 05:38:56,835 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 627 to 627. [2025-03-08 05:38:56,836 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 627 states, 456 states have (on average 1.2149122807017543) internal successors, (554), 485 states have internal predecessors, (554), 84 states have call successors, (84), 70 states have call predecessors, (84), 86 states have return successors, (159), 90 states have call predecessors, (159), 84 states have call successors, (159) [2025-03-08 05:38:56,841 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 627 states to 627 states and 797 transitions. [2025-03-08 05:38:56,841 INFO L78 Accepts]: Start accepts. Automaton has 627 states and 797 transitions. Word has length 50 [2025-03-08 05:38:56,841 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:38:56,841 INFO L471 AbstractCegarLoop]: Abstraction has 627 states and 797 transitions. [2025-03-08 05:38:56,842 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-08 05:38:56,842 INFO L276 IsEmpty]: Start isEmpty. Operand 627 states and 797 transitions. [2025-03-08 05:38:56,843 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2025-03-08 05:38:56,843 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:38:56,843 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:38:56,843 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-08 05:38:56,844 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:38:56,844 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:38:56,844 INFO L85 PathProgramCache]: Analyzing trace with hash -1985719510, now seen corresponding path program 1 times [2025-03-08 05:38:56,844 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:38:56,844 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1692933028] [2025-03-08 05:38:56,844 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:38:56,844 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:38:56,851 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 54 statements into 1 equivalence classes. [2025-03-08 05:38:56,858 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 54 of 54 statements. [2025-03-08 05:38:56,858 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:38:56,859 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-08 05:38:56,859 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-03-08 05:38:56,864 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 54 statements into 1 equivalence classes. [2025-03-08 05:38:56,871 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 54 of 54 statements. [2025-03-08 05:38:56,871 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:38:56,871 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-08 05:38:56,890 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-03-08 05:38:56,890 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-03-08 05:38:56,890 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-03-08 05:38:56,892 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-08 05:38:56,894 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:38:56,936 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-03-08 05:38:56,938 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.03 05:38:56 BoogieIcfgContainer [2025-03-08 05:38:56,938 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-03-08 05:38:56,940 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-03-08 05:38:56,940 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-03-08 05:38:56,940 INFO L274 PluginConnector]: Witness Printer initialized [2025-03-08 05:38:56,940 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:38:54" (3/4) ... [2025-03-08 05:38:56,941 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-03-08 05:38:57,000 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 47. [2025-03-08 05:38:57,054 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-03-08 05:38:57,054 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2025-03-08 05:38:57,054 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-03-08 05:38:57,055 INFO L158 Benchmark]: Toolchain (without parser) took 2991.65ms. Allocated memory is still 142.6MB. Free memory was 106.2MB in the beginning and 79.5MB in the end (delta: 26.8MB). Peak memory consumption was 28.5MB. Max. memory is 16.1GB. [2025-03-08 05:38:57,055 INFO L158 Benchmark]: CDTParser took 0.37ms. Allocated memory is still 201.3MB. Free memory is still 128.3MB. There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:38:57,055 INFO L158 Benchmark]: CACSL2BoogieTranslator took 340.47ms. Allocated memory is still 142.6MB. Free memory was 106.2MB in the beginning and 86.9MB in the end (delta: 19.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-08 05:38:57,055 INFO L158 Benchmark]: Boogie Procedure Inliner took 33.38ms. Allocated memory is still 142.6MB. Free memory was 86.9MB in the beginning and 85.4MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:38:57,055 INFO L158 Benchmark]: Boogie Preprocessor took 32.15ms. Allocated memory is still 142.6MB. Free memory was 85.4MB in the beginning and 83.5MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-08 05:38:57,056 INFO L158 Benchmark]: IcfgBuilder took 361.00ms. Allocated memory is still 142.6MB. Free memory was 83.5MB in the beginning and 64.7MB in the end (delta: 18.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-08 05:38:57,056 INFO L158 Benchmark]: TraceAbstraction took 2102.39ms. Allocated memory is still 142.6MB. Free memory was 63.7MB in the beginning and 89.1MB in the end (delta: -25.4MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:38:57,056 INFO L158 Benchmark]: Witness Printer took 114.89ms. Allocated memory is still 142.6MB. Free memory was 89.1MB in the beginning and 79.5MB in the end (delta: 9.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-08 05:38:57,057 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.37ms. Allocated memory is still 201.3MB. Free memory is still 128.3MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 340.47ms. Allocated memory is still 142.6MB. Free memory was 106.2MB in the beginning and 86.9MB in the end (delta: 19.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 33.38ms. Allocated memory is still 142.6MB. Free memory was 86.9MB in the beginning and 85.4MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 32.15ms. Allocated memory is still 142.6MB. Free memory was 85.4MB in the beginning and 83.5MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 361.00ms. Allocated memory is still 142.6MB. Free memory was 83.5MB in the beginning and 64.7MB in the end (delta: 18.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2102.39ms. Allocated memory is still 142.6MB. Free memory was 63.7MB in the beginning and 89.1MB in the end (delta: -25.4MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 114.89ms. Allocated memory is still 142.6MB. Free memory was 89.1MB in the beginning and 79.5MB in the end (delta: 9.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [153] - GenericResultAtLocation [Line: 221]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [221] - GenericResultAtLocation [Line: 230]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [230] - GenericResultAtLocation [Line: 470]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [470] - GenericResultAtLocation [Line: 505]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [505] - GenericResultAtLocation [Line: 531]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [531] - GenericResultAtLocation [Line: 897]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [897] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 226]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int cleanupTimeShifts = 4; [L239] int pumpRunning = 0; [L240] int systemActive = 1; [L701] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L899] int waterLevel = 1; [L900] int methaneLevelCritical = 0; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L131] int retValue_acc ; [L132] int tmp ; [L136] FCALL select_helpers() [L137] FCALL select_features() [L138] CALL, EXPR valid_product() [L497] int retValue_acc ; [L500] retValue_acc = 1 [L501] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L138] RET, EXPR valid_product() [L138] tmp = valid_product() [L140] COND TRUE \read(tmp) [L142] FCALL setup() [L143] CALL runTest() [L122] CALL test() [L156] int splverifierCounter ; [L157] int tmp ; [L158] int tmp___0 ; [L159] int tmp___1 ; [L160] int tmp___2 ; [L163] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L167] COND TRUE splverifierCounter < 4 [L173] tmp = __VERIFIER_nondet_int() [L175] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L177] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L917] COND TRUE waterLevel < 2 [L918] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L177] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L183] tmp___0 = __VERIFIER_nondet_int() [L185] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L187] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L929] COND FALSE !(\read(methaneLevelCritical)) [L932] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L187] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L193] tmp___2 = __VERIFIER_nondet_int() [L195] COND TRUE \read(tmp___2) [L197] CALL startSystem() [L466] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L197] RET startSystem() [L210] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L247] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L254] COND TRUE \read(systemActive) [L256] CALL processEnvironment() [L328] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L331] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L346] CALL processEnvironment__wrappee__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L302] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L305] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L320] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L276] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L279] COND TRUE ! pumpRunning [L281] CALL, EXPR isHighWaterLevel() [L425] int retValue_acc ; [L426] int tmp ; [L427] int tmp___0 ; [L431] CALL, EXPR isHighWaterSensorDry() [L979] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L982] COND FALSE !(waterLevel < 2) [L986] retValue_acc = 0 [L987] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L431] RET, EXPR isHighWaterSensorDry() [L431] tmp = isHighWaterSensorDry() [L433] COND FALSE !(\read(tmp)) [L436] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L438] retValue_acc = tmp___0 [L439] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L281] RET, EXPR isHighWaterLevel() [L281] tmp = isHighWaterLevel() [L283] COND TRUE \read(tmp) [L285] CALL activatePump() [L356] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L285] RET activatePump() [L320] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L346] RET processEnvironment__wrappee__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L256] RET processEnvironment() [L262] CALL __utac_acc__Specification1_spec__1() [L507] int tmp ; [L508] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L512] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L938] int retValue_acc ; [L941] retValue_acc = methaneLevelCritical [L942] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L512] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L512] tmp = isMethaneLevelCritical() [L514] COND TRUE \read(tmp) [L516] CALL, EXPR isPumpRunning() [L380] int retValue_acc ; [L383] retValue_acc = pumpRunning [L384] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L516] RET, EXPR isPumpRunning() [L516] tmp___0 = isPumpRunning() [L518] COND TRUE \read(tmp___0) [L520] CALL __automaton_fail() [L226] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 98 locations, 145 edges, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.0s, OverallIterations: 9, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 502 SdHoareTripleChecker+Valid, 0.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 492 mSDsluCounter, 2727 SdHoareTripleChecker+Invalid, 0.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1836 mSDsCounter, 50 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 334 IncrementalHoareTripleChecker+Invalid, 384 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 50 mSolverCounterUnsat, 891 mSDtfsCounter, 334 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 58 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 32 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=627occurred in iteration=8, InterpolantAutomatonStates: 42, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 8 MinimizatonAttempts, 13 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.7s InterpolantComputationTime, 380 NumberOfCodeBlocks, 380 NumberOfCodeBlocksAsserted, 9 NumberOfCheckSat, 318 ConstructedInterpolants, 0 QuantifiedInterpolants, 584 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 8 InterpolantComputations, 8 PerfectInterpolantSequences, 3/3 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-03-08 05:38:57,072 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE