./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_product42.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e2fb8bed Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_product42.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 23f15893fb26009b2882a55698a2d895d2e3e404fcbd45ba17e1cf64b2b2b34e --- Real Ultimate output --- This is Ultimate 0.3.0-?-e2fb8be-m [2025-03-08 05:39:27,012 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-08 05:39:27,069 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-08 05:39:27,074 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-08 05:39:27,074 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-08 05:39:27,095 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-08 05:39:27,096 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-08 05:39:27,097 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-08 05:39:27,097 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-08 05:39:27,097 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-08 05:39:27,098 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-08 05:39:27,098 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-08 05:39:27,098 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-08 05:39:27,098 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-08 05:39:27,098 INFO L153 SettingsManager]: * Use SBE=true [2025-03-08 05:39:27,099 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-08 05:39:27,099 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-08 05:39:27,099 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-08 05:39:27,099 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-08 05:39:27,099 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-08 05:39:27,099 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-08 05:39:27,099 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-08 05:39:27,099 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-08 05:39:27,099 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-08 05:39:27,099 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-08 05:39:27,100 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-08 05:39:27,100 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-08 05:39:27,100 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-08 05:39:27,100 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-08 05:39:27,100 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-08 05:39:27,100 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-08 05:39:27,100 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-08 05:39:27,100 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:39:27,100 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-08 05:39:27,101 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-08 05:39:27,101 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-08 05:39:27,101 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-08 05:39:27,101 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-08 05:39:27,101 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-08 05:39:27,101 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-08 05:39:27,101 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-08 05:39:27,101 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-08 05:39:27,101 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-08 05:39:27,101 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 23f15893fb26009b2882a55698a2d895d2e3e404fcbd45ba17e1cf64b2b2b34e [2025-03-08 05:39:27,359 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-08 05:39:27,370 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-08 05:39:27,372 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-08 05:39:27,373 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-08 05:39:27,373 INFO L274 PluginConnector]: CDTParser initialized [2025-03-08 05:39:27,374 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_product42.cil.c [2025-03-08 05:39:28,550 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dffedc31c/b4a4fdc805674fa5a8fce3708cac8b8c/FLAG106e65cd3 [2025-03-08 05:39:28,781 INFO L384 CDTParser]: Found 1 translation units. [2025-03-08 05:39:28,782 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product42.cil.c [2025-03-08 05:39:28,790 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dffedc31c/b4a4fdc805674fa5a8fce3708cac8b8c/FLAG106e65cd3 [2025-03-08 05:39:29,096 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dffedc31c/b4a4fdc805674fa5a8fce3708cac8b8c [2025-03-08 05:39:29,098 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-08 05:39:29,100 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-08 05:39:29,100 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-08 05:39:29,100 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-08 05:39:29,104 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-08 05:39:29,105 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,105 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6ab1b04e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29, skipping insertion in model container [2025-03-08 05:39:29,105 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,132 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-08 05:39:29,331 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product42.cil.c[17055,17068] [2025-03-08 05:39:29,341 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:39:29,351 INFO L200 MainTranslator]: Completed pre-run [2025-03-08 05:39:29,358 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2025-03-08 05:39:29,359 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [415] [2025-03-08 05:39:29,359 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [487] [2025-03-08 05:39:29,359 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [674] [2025-03-08 05:39:29,360 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [714] [2025-03-08 05:39:29,360 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [752] [2025-03-08 05:39:29,360 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [849] [2025-03-08 05:39:29,361 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [858] [2025-03-08 05:39:29,413 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product42.cil.c[17055,17068] [2025-03-08 05:39:29,415 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:39:29,427 INFO L204 MainTranslator]: Completed translation [2025-03-08 05:39:29,427 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29 WrapperNode [2025-03-08 05:39:29,427 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-08 05:39:29,428 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-08 05:39:29,428 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-08 05:39:29,428 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-08 05:39:29,432 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,440 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,457 INFO L138 Inliner]: procedures = 55, calls = 97, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 189 [2025-03-08 05:39:29,457 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-08 05:39:29,458 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-08 05:39:29,458 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-08 05:39:29,458 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-08 05:39:29,464 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,464 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,466 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,476 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-03-08 05:39:29,476 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,476 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,479 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,481 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,482 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,483 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,487 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-08 05:39:29,488 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-08 05:39:29,488 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-08 05:39:29,488 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-08 05:39:29,489 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (1/1) ... [2025-03-08 05:39:29,492 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:39:29,500 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:39:29,512 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-08 05:39:29,514 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-08 05:39:29,531 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-08 05:39:29,531 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-03-08 05:39:29,531 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-03-08 05:39:29,531 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-03-08 05:39:29,531 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-03-08 05:39:29,531 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-03-08 05:39:29,531 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-03-08 05:39:29,531 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-03-08 05:39:29,531 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-03-08 05:39:29,531 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-03-08 05:39:29,531 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-03-08 05:39:29,531 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-08 05:39:29,531 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-03-08 05:39:29,531 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-03-08 05:39:29,531 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-08 05:39:29,531 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-08 05:39:29,588 INFO L256 CfgBuilder]: Building ICFG [2025-03-08 05:39:29,590 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-08 05:39:29,632 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L904: #res := ~retValue_acc~9; [2025-03-08 05:39:29,739 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L663-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~5#1; [2025-03-08 05:39:29,740 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L599-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~3#1; [2025-03-08 05:39:29,740 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L950-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~11#1; [2025-03-08 05:39:29,740 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L608-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; [2025-03-08 05:39:29,800 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L846-1: main_#res#1 := main_~retValue_acc~8#1; [2025-03-08 05:39:29,800 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L749-1: valid_product_#res#1 := valid_product_~retValue_acc~7#1; [2025-03-08 05:39:29,815 INFO L? ?]: Removed 40 outVars from TransFormulas that were not future-live. [2025-03-08 05:39:29,816 INFO L307 CfgBuilder]: Performing block encoding [2025-03-08 05:39:29,824 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-08 05:39:29,825 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-08 05:39:29,825 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:39:29 BoogieIcfgContainer [2025-03-08 05:39:29,825 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-08 05:39:29,827 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-08 05:39:29,827 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-08 05:39:29,830 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-08 05:39:29,830 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.03 05:39:29" (1/3) ... [2025-03-08 05:39:29,831 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6d9fa577 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:39:29, skipping insertion in model container [2025-03-08 05:39:29,831 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:29" (2/3) ... [2025-03-08 05:39:29,831 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6d9fa577 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:39:29, skipping insertion in model container [2025-03-08 05:39:29,831 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:39:29" (3/3) ... [2025-03-08 05:39:29,832 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product42.cil.c [2025-03-08 05:39:29,843 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-08 05:39:29,845 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec2_product42.cil.c that has 7 procedures, 79 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-03-08 05:39:29,886 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-08 05:39:29,894 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@16e0467d, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-08 05:39:29,895 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-08 05:39:29,899 INFO L276 IsEmpty]: Start isEmpty. Operand has 79 states, 61 states have (on average 1.3770491803278688) internal successors, (84), 67 states have internal predecessors, (84), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2025-03-08 05:39:29,904 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2025-03-08 05:39:29,904 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:29,905 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:29,905 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:29,909 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:29,910 INFO L85 PathProgramCache]: Analyzing trace with hash 1847219476, now seen corresponding path program 1 times [2025-03-08 05:39:29,915 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:29,917 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1024614098] [2025-03-08 05:39:29,918 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:29,918 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:29,984 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 25 statements into 1 equivalence classes. [2025-03-08 05:39:30,008 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 25 of 25 statements. [2025-03-08 05:39:30,009 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:30,009 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:30,123 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:39:30,123 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:30,123 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1024614098] [2025-03-08 05:39:30,124 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1024614098] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:30,124 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:30,124 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:39:30,125 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2053177203] [2025-03-08 05:39:30,125 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:30,128 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:39:30,128 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:30,139 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:39:30,140 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:30,141 INFO L87 Difference]: Start difference. First operand has 79 states, 61 states have (on average 1.3770491803278688) internal successors, (84), 67 states have internal predecessors, (84), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 3 states, 3 states have (on average 7.0) internal successors, (21), 3 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-08 05:39:30,162 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:30,163 INFO L93 Difference]: Finished difference Result 137 states and 183 transitions. [2025-03-08 05:39:30,164 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:39:30,165 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.0) internal successors, (21), 3 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2025-03-08 05:39:30,165 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:30,169 INFO L225 Difference]: With dead ends: 137 [2025-03-08 05:39:30,169 INFO L226 Difference]: Without dead ends: 62 [2025-03-08 05:39:30,171 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:30,173 INFO L435 NwaCegarLoop]: 83 mSDtfsCounter, 12 mSDsluCounter, 68 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 151 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:30,173 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 151 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:30,182 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2025-03-08 05:39:30,192 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 62. [2025-03-08 05:39:30,193 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 49 states have (on average 1.346938775510204) internal successors, (66), 54 states have internal predecessors, (66), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2025-03-08 05:39:30,196 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 80 transitions. [2025-03-08 05:39:30,198 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 80 transitions. Word has length 25 [2025-03-08 05:39:30,198 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:30,198 INFO L471 AbstractCegarLoop]: Abstraction has 62 states and 80 transitions. [2025-03-08 05:39:30,198 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.0) internal successors, (21), 3 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-08 05:39:30,198 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 80 transitions. [2025-03-08 05:39:30,199 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2025-03-08 05:39:30,200 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:30,200 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:30,200 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-03-08 05:39:30,200 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:30,201 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:30,201 INFO L85 PathProgramCache]: Analyzing trace with hash -1002511584, now seen corresponding path program 1 times [2025-03-08 05:39:30,201 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:30,201 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [352164108] [2025-03-08 05:39:30,201 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:30,201 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:30,208 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 29 statements into 1 equivalence classes. [2025-03-08 05:39:30,216 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 29 of 29 statements. [2025-03-08 05:39:30,216 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:30,217 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:30,351 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:39:30,351 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:30,351 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [352164108] [2025-03-08 05:39:30,351 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [352164108] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:30,351 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:30,351 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-03-08 05:39:30,351 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [667335113] [2025-03-08 05:39:30,351 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:30,352 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-08 05:39:30,352 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:30,353 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-08 05:39:30,353 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:39:30,353 INFO L87 Difference]: Start difference. First operand 62 states and 80 transitions. Second operand has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-08 05:39:30,450 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:30,451 INFO L93 Difference]: Finished difference Result 116 states and 153 transitions. [2025-03-08 05:39:30,452 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:39:30,452 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2025-03-08 05:39:30,452 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:30,453 INFO L225 Difference]: With dead ends: 116 [2025-03-08 05:39:30,453 INFO L226 Difference]: Without dead ends: 62 [2025-03-08 05:39:30,453 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2025-03-08 05:39:30,454 INFO L435 NwaCegarLoop]: 76 mSDtfsCounter, 125 mSDsluCounter, 118 mSDsCounter, 0 mSdLazyCounter, 41 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 125 SdHoareTripleChecker+Valid, 194 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 41 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:30,454 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [125 Valid, 194 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 41 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:39:30,454 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2025-03-08 05:39:30,460 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 62. [2025-03-08 05:39:30,460 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 49 states have (on average 1.3265306122448979) internal successors, (65), 54 states have internal predecessors, (65), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2025-03-08 05:39:30,461 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 79 transitions. [2025-03-08 05:39:30,461 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 79 transitions. Word has length 29 [2025-03-08 05:39:30,461 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:30,461 INFO L471 AbstractCegarLoop]: Abstraction has 62 states and 79 transitions. [2025-03-08 05:39:30,461 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-08 05:39:30,461 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 79 transitions. [2025-03-08 05:39:30,462 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2025-03-08 05:39:30,462 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:30,462 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:30,462 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-03-08 05:39:30,462 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:30,464 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:30,464 INFO L85 PathProgramCache]: Analyzing trace with hash -1398388625, now seen corresponding path program 1 times [2025-03-08 05:39:30,464 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:30,465 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [776191882] [2025-03-08 05:39:30,467 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:30,467 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:30,476 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 34 statements into 1 equivalence classes. [2025-03-08 05:39:30,485 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 34 of 34 statements. [2025-03-08 05:39:30,485 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:30,485 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:30,518 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:39:30,518 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:30,518 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [776191882] [2025-03-08 05:39:30,518 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [776191882] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:30,518 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:30,519 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:39:30,519 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [438898715] [2025-03-08 05:39:30,519 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:30,520 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:39:30,520 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:30,521 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:39:30,521 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:30,522 INFO L87 Difference]: Start difference. First operand 62 states and 79 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:39:30,550 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:30,551 INFO L93 Difference]: Finished difference Result 155 states and 202 transitions. [2025-03-08 05:39:30,554 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:39:30,554 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 34 [2025-03-08 05:39:30,555 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:30,555 INFO L225 Difference]: With dead ends: 155 [2025-03-08 05:39:30,555 INFO L226 Difference]: Without dead ends: 101 [2025-03-08 05:39:30,556 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:30,556 INFO L435 NwaCegarLoop]: 89 mSDtfsCounter, 68 mSDsluCounter, 49 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 138 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:30,556 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 138 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:30,557 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 101 states. [2025-03-08 05:39:30,565 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 101 to 99. [2025-03-08 05:39:30,566 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 99 states, 77 states have (on average 1.3246753246753247) internal successors, (102), 84 states have internal predecessors, (102), 11 states have call successors, (11), 10 states have call predecessors, (11), 10 states have return successors, (13), 11 states have call predecessors, (13), 11 states have call successors, (13) [2025-03-08 05:39:30,567 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 99 states to 99 states and 126 transitions. [2025-03-08 05:39:30,567 INFO L78 Accepts]: Start accepts. Automaton has 99 states and 126 transitions. Word has length 34 [2025-03-08 05:39:30,567 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:30,567 INFO L471 AbstractCegarLoop]: Abstraction has 99 states and 126 transitions. [2025-03-08 05:39:30,567 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:39:30,568 INFO L276 IsEmpty]: Start isEmpty. Operand 99 states and 126 transitions. [2025-03-08 05:39:30,569 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2025-03-08 05:39:30,569 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:30,569 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:30,569 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-03-08 05:39:30,569 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:30,570 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:30,570 INFO L85 PathProgramCache]: Analyzing trace with hash -1820497101, now seen corresponding path program 1 times [2025-03-08 05:39:30,570 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:30,570 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1409204741] [2025-03-08 05:39:30,570 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:30,570 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:30,580 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 40 statements into 1 equivalence classes. [2025-03-08 05:39:30,586 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 40 of 40 statements. [2025-03-08 05:39:30,586 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:30,586 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:30,679 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:39:30,679 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:30,679 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1409204741] [2025-03-08 05:39:30,679 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1409204741] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:30,679 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:30,679 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:39:30,679 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [518343703] [2025-03-08 05:39:30,679 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:30,679 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:39:30,679 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:30,680 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:39:30,680 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:39:30,680 INFO L87 Difference]: Start difference. First operand 99 states and 126 transitions. Second operand has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:39:30,725 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:30,726 INFO L93 Difference]: Finished difference Result 189 states and 244 transitions. [2025-03-08 05:39:30,726 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:39:30,726 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 40 [2025-03-08 05:39:30,726 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:30,727 INFO L225 Difference]: With dead ends: 189 [2025-03-08 05:39:30,727 INFO L226 Difference]: Without dead ends: 98 [2025-03-08 05:39:30,728 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-08 05:39:30,728 INFO L435 NwaCegarLoop]: 83 mSDtfsCounter, 52 mSDsluCounter, 207 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 290 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:30,728 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 290 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:30,729 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2025-03-08 05:39:30,734 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 98. [2025-03-08 05:39:30,735 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 98 states, 76 states have (on average 1.3026315789473684) internal successors, (99), 83 states have internal predecessors, (99), 11 states have call successors, (11), 10 states have call predecessors, (11), 10 states have return successors, (13), 11 states have call predecessors, (13), 11 states have call successors, (13) [2025-03-08 05:39:30,736 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 123 transitions. [2025-03-08 05:39:30,736 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 123 transitions. Word has length 40 [2025-03-08 05:39:30,736 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:30,736 INFO L471 AbstractCegarLoop]: Abstraction has 98 states and 123 transitions. [2025-03-08 05:39:30,736 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:39:30,736 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 123 transitions. [2025-03-08 05:39:30,737 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-03-08 05:39:30,737 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:30,737 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:30,737 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-03-08 05:39:30,737 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:30,738 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:30,738 INFO L85 PathProgramCache]: Analyzing trace with hash -10925589, now seen corresponding path program 1 times [2025-03-08 05:39:30,738 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:30,738 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [120108746] [2025-03-08 05:39:30,738 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:30,738 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:30,746 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-03-08 05:39:30,757 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-03-08 05:39:30,757 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:30,757 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:30,835 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:39:30,836 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:30,836 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [120108746] [2025-03-08 05:39:30,836 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [120108746] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:30,836 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:30,836 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:39:30,836 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1479692753] [2025-03-08 05:39:30,836 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:30,836 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:39:30,836 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:30,837 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:39:30,837 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:39:30,837 INFO L87 Difference]: Start difference. First operand 98 states and 123 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:39:30,856 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:30,856 INFO L93 Difference]: Finished difference Result 191 states and 246 transitions. [2025-03-08 05:39:30,856 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:39:30,856 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 46 [2025-03-08 05:39:30,857 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:30,857 INFO L225 Difference]: With dead ends: 191 [2025-03-08 05:39:30,857 INFO L226 Difference]: Without dead ends: 101 [2025-03-08 05:39:30,859 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:39:30,860 INFO L435 NwaCegarLoop]: 76 mSDtfsCounter, 0 mSDsluCounter, 221 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 297 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:30,861 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 297 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:30,862 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 101 states. [2025-03-08 05:39:30,872 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 101 to 101. [2025-03-08 05:39:30,872 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 79 states have (on average 1.2911392405063291) internal successors, (102), 86 states have internal predecessors, (102), 11 states have call successors, (11), 10 states have call predecessors, (11), 10 states have return successors, (13), 11 states have call predecessors, (13), 11 states have call successors, (13) [2025-03-08 05:39:30,873 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 126 transitions. [2025-03-08 05:39:30,873 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 126 transitions. Word has length 46 [2025-03-08 05:39:30,874 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:30,874 INFO L471 AbstractCegarLoop]: Abstraction has 101 states and 126 transitions. [2025-03-08 05:39:30,874 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:39:30,874 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 126 transitions. [2025-03-08 05:39:30,874 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-03-08 05:39:30,874 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:30,875 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:30,875 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-08 05:39:30,875 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:30,875 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:30,875 INFO L85 PathProgramCache]: Analyzing trace with hash -2088134932, now seen corresponding path program 1 times [2025-03-08 05:39:30,875 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:30,875 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1807508738] [2025-03-08 05:39:30,875 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:30,876 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:30,882 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-03-08 05:39:30,885 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-03-08 05:39:30,885 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:30,885 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:30,937 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:39:30,937 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:30,937 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1807508738] [2025-03-08 05:39:30,937 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1807508738] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:30,937 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:30,937 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-08 05:39:30,937 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1299741317] [2025-03-08 05:39:30,938 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:30,938 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-08 05:39:30,938 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:30,938 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-08 05:39:30,938 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:39:30,939 INFO L87 Difference]: Start difference. First operand 101 states and 126 transitions. Second operand has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:39:30,952 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:30,952 INFO L93 Difference]: Finished difference Result 196 states and 251 transitions. [2025-03-08 05:39:30,952 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-08 05:39:30,953 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 46 [2025-03-08 05:39:30,953 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:30,953 INFO L225 Difference]: With dead ends: 196 [2025-03-08 05:39:30,953 INFO L226 Difference]: Without dead ends: 103 [2025-03-08 05:39:30,954 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:39:30,954 INFO L435 NwaCegarLoop]: 77 mSDtfsCounter, 0 mSDsluCounter, 148 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 225 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:30,954 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 225 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:30,955 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2025-03-08 05:39:30,961 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 103. [2025-03-08 05:39:30,962 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 103 states, 81 states have (on average 1.2839506172839505) internal successors, (104), 88 states have internal predecessors, (104), 11 states have call successors, (11), 10 states have call predecessors, (11), 10 states have return successors, (13), 11 states have call predecessors, (13), 11 states have call successors, (13) [2025-03-08 05:39:30,962 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 103 states to 103 states and 128 transitions. [2025-03-08 05:39:30,962 INFO L78 Accepts]: Start accepts. Automaton has 103 states and 128 transitions. Word has length 46 [2025-03-08 05:39:30,963 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:30,963 INFO L471 AbstractCegarLoop]: Abstraction has 103 states and 128 transitions. [2025-03-08 05:39:30,963 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:39:30,963 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 128 transitions. [2025-03-08 05:39:30,963 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2025-03-08 05:39:30,963 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:30,964 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:30,964 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-08 05:39:30,964 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:30,964 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:30,964 INFO L85 PathProgramCache]: Analyzing trace with hash -164906898, now seen corresponding path program 1 times [2025-03-08 05:39:30,964 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:30,964 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1846804341] [2025-03-08 05:39:30,964 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:30,965 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:30,972 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 46 statements into 1 equivalence classes. [2025-03-08 05:39:30,976 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 46 of 46 statements. [2025-03-08 05:39:30,979 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:30,979 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:31,027 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:39:31,027 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:31,027 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1846804341] [2025-03-08 05:39:31,028 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1846804341] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:31,028 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:31,028 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:39:31,028 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1360294191] [2025-03-08 05:39:31,028 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:31,029 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:39:31,029 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:31,029 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:39:31,030 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:31,030 INFO L87 Difference]: Start difference. First operand 103 states and 128 transitions. Second operand has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:39:31,049 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:31,050 INFO L93 Difference]: Finished difference Result 238 states and 300 transitions. [2025-03-08 05:39:31,050 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:39:31,050 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 46 [2025-03-08 05:39:31,050 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:31,051 INFO L225 Difference]: With dead ends: 238 [2025-03-08 05:39:31,051 INFO L226 Difference]: Without dead ends: 143 [2025-03-08 05:39:31,052 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:31,052 INFO L435 NwaCegarLoop]: 79 mSDtfsCounter, 34 mSDsluCounter, 65 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 144 SdHoareTripleChecker+Invalid, 9 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:31,052 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 144 Invalid, 9 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:31,053 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 143 states. [2025-03-08 05:39:31,061 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 143 to 143. [2025-03-08 05:39:31,064 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 143 states, 112 states have (on average 1.2589285714285714) internal successors, (141), 120 states have internal predecessors, (141), 16 states have call successors, (16), 15 states have call predecessors, (16), 14 states have return successors, (18), 15 states have call predecessors, (18), 16 states have call successors, (18) [2025-03-08 05:39:31,065 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 143 states to 143 states and 175 transitions. [2025-03-08 05:39:31,065 INFO L78 Accepts]: Start accepts. Automaton has 143 states and 175 transitions. Word has length 46 [2025-03-08 05:39:31,065 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:31,065 INFO L471 AbstractCegarLoop]: Abstraction has 143 states and 175 transitions. [2025-03-08 05:39:31,066 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:39:31,066 INFO L276 IsEmpty]: Start isEmpty. Operand 143 states and 175 transitions. [2025-03-08 05:39:31,066 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2025-03-08 05:39:31,066 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:31,066 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:31,066 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-08 05:39:31,066 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:31,067 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:31,067 INFO L85 PathProgramCache]: Analyzing trace with hash -263720052, now seen corresponding path program 1 times [2025-03-08 05:39:31,067 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:31,067 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [525214937] [2025-03-08 05:39:31,067 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:31,067 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:31,073 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 50 statements into 1 equivalence classes. [2025-03-08 05:39:31,077 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 50 of 50 statements. [2025-03-08 05:39:31,077 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:31,077 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:31,110 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:39:31,111 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:31,111 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [525214937] [2025-03-08 05:39:31,111 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [525214937] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:31,111 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:31,111 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:39:31,111 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1028781802] [2025-03-08 05:39:31,111 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:31,112 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:39:31,112 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:31,112 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:39:31,112 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:31,112 INFO L87 Difference]: Start difference. First operand 143 states and 175 transitions. Second operand has 3 states, 3 states have (on average 13.666666666666666) internal successors, (41), 3 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2025-03-08 05:39:31,129 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:31,130 INFO L93 Difference]: Finished difference Result 217 states and 270 transitions. [2025-03-08 05:39:31,130 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:39:31,130 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.666666666666666) internal successors, (41), 3 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 50 [2025-03-08 05:39:31,130 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:31,132 INFO L225 Difference]: With dead ends: 217 [2025-03-08 05:39:31,132 INFO L226 Difference]: Without dead ends: 215 [2025-03-08 05:39:31,132 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:31,132 INFO L435 NwaCegarLoop]: 78 mSDtfsCounter, 41 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 41 SdHoareTripleChecker+Valid, 145 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:31,133 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [41 Valid, 145 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:31,133 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 215 states. [2025-03-08 05:39:31,151 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 215 to 211. [2025-03-08 05:39:31,152 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 211 states, 165 states have (on average 1.2666666666666666) internal successors, (209), 178 states have internal predecessors, (209), 24 states have call successors, (24), 22 states have call predecessors, (24), 21 states have return successors, (30), 22 states have call predecessors, (30), 24 states have call successors, (30) [2025-03-08 05:39:31,153 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 211 states to 211 states and 263 transitions. [2025-03-08 05:39:31,153 INFO L78 Accepts]: Start accepts. Automaton has 211 states and 263 transitions. Word has length 50 [2025-03-08 05:39:31,153 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:31,154 INFO L471 AbstractCegarLoop]: Abstraction has 211 states and 263 transitions. [2025-03-08 05:39:31,154 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.666666666666666) internal successors, (41), 3 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2025-03-08 05:39:31,154 INFO L276 IsEmpty]: Start isEmpty. Operand 211 states and 263 transitions. [2025-03-08 05:39:31,156 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 81 [2025-03-08 05:39:31,156 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:31,156 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:31,156 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-08 05:39:31,156 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:31,157 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:31,157 INFO L85 PathProgramCache]: Analyzing trace with hash 644548897, now seen corresponding path program 1 times [2025-03-08 05:39:31,157 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:31,157 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [913904592] [2025-03-08 05:39:31,157 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:31,157 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:31,168 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 80 statements into 1 equivalence classes. [2025-03-08 05:39:31,180 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 80 of 80 statements. [2025-03-08 05:39:31,180 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:31,180 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:31,286 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 21 proven. 2 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2025-03-08 05:39:31,287 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:31,287 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [913904592] [2025-03-08 05:39:31,287 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [913904592] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:39:31,287 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [994935133] [2025-03-08 05:39:31,287 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:31,287 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:39:31,287 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:39:31,289 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:39:31,291 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-08 05:39:31,333 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 80 statements into 1 equivalence classes. [2025-03-08 05:39:31,363 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 80 of 80 statements. [2025-03-08 05:39:31,363 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:31,363 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:31,366 INFO L256 TraceCheckSpWp]: Trace formula consists of 293 conjuncts, 11 conjuncts are in the unsatisfiable core [2025-03-08 05:39:31,370 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:39:31,500 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 7 proven. 2 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2025-03-08 05:39:31,501 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-08 05:39:31,605 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2025-03-08 05:39:31,605 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [994935133] provided 1 perfect and 1 imperfect interpolant sequences [2025-03-08 05:39:31,605 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2025-03-08 05:39:31,605 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [7, 5] total 10 [2025-03-08 05:39:31,605 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [546471207] [2025-03-08 05:39:31,605 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:31,605 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-08 05:39:31,605 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:31,606 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-08 05:39:31,606 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=66, Unknown=0, NotChecked=0, Total=90 [2025-03-08 05:39:31,606 INFO L87 Difference]: Start difference. First operand 211 states and 263 transitions. Second operand has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 5 states have internal predecessors, (59), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2025-03-08 05:39:31,691 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:31,692 INFO L93 Difference]: Finished difference Result 592 states and 756 transitions. [2025-03-08 05:39:31,692 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-08 05:39:31,692 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 5 states have internal predecessors, (59), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 80 [2025-03-08 05:39:31,693 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:31,697 INFO L225 Difference]: With dead ends: 592 [2025-03-08 05:39:31,697 INFO L226 Difference]: Without dead ends: 389 [2025-03-08 05:39:31,697 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 168 GetRequests, 157 SyntacticMatches, 1 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=34, Invalid=98, Unknown=0, NotChecked=0, Total=132 [2025-03-08 05:39:31,698 INFO L435 NwaCegarLoop]: 77 mSDtfsCounter, 42 mSDsluCounter, 271 mSDsCounter, 0 mSdLazyCounter, 42 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 44 SdHoareTripleChecker+Valid, 348 SdHoareTripleChecker+Invalid, 46 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 42 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:31,698 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [44 Valid, 348 Invalid, 46 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 42 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:31,699 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 389 states. [2025-03-08 05:39:31,720 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 389 to 339. [2025-03-08 05:39:31,721 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 339 states, 262 states have (on average 1.248091603053435) internal successors, (327), 283 states have internal predecessors, (327), 40 states have call successors, (40), 37 states have call predecessors, (40), 36 states have return successors, (52), 37 states have call predecessors, (52), 40 states have call successors, (52) [2025-03-08 05:39:31,722 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 339 states to 339 states and 419 transitions. [2025-03-08 05:39:31,722 INFO L78 Accepts]: Start accepts. Automaton has 339 states and 419 transitions. Word has length 80 [2025-03-08 05:39:31,722 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:31,723 INFO L471 AbstractCegarLoop]: Abstraction has 339 states and 419 transitions. [2025-03-08 05:39:31,723 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 9.833333333333334) internal successors, (59), 5 states have internal predecessors, (59), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2025-03-08 05:39:31,723 INFO L276 IsEmpty]: Start isEmpty. Operand 339 states and 419 transitions. [2025-03-08 05:39:31,724 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2025-03-08 05:39:31,724 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:31,724 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:31,731 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-03-08 05:39:31,924 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:39:31,924 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:31,925 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:31,926 INFO L85 PathProgramCache]: Analyzing trace with hash -1021187168, now seen corresponding path program 1 times [2025-03-08 05:39:31,926 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:31,926 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1209337553] [2025-03-08 05:39:31,926 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:31,926 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:31,935 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-03-08 05:39:31,942 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-03-08 05:39:31,942 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:31,942 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:32,090 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 4 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2025-03-08 05:39:32,091 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:32,091 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1209337553] [2025-03-08 05:39:32,091 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1209337553] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:39:32,091 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1135332934] [2025-03-08 05:39:32,091 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:32,091 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:39:32,091 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:39:32,093 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:39:32,094 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-08 05:39:32,129 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-03-08 05:39:32,157 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-03-08 05:39:32,158 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:32,158 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:32,159 INFO L256 TraceCheckSpWp]: Trace formula consists of 303 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-08 05:39:32,161 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:39:32,264 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-08 05:39:32,265 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-08 05:39:32,265 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1135332934] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:32,265 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-08 05:39:32,265 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [11] total 16 [2025-03-08 05:39:32,265 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [191229399] [2025-03-08 05:39:32,265 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:32,266 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-08 05:39:32,266 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:32,266 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-08 05:39:32,266 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=40, Invalid=200, Unknown=0, NotChecked=0, Total=240 [2025-03-08 05:39:32,266 INFO L87 Difference]: Start difference. First operand 339 states and 419 transitions. Second operand has 7 states, 7 states have (on average 8.714285714285714) internal successors, (61), 6 states have internal predecessors, (61), 3 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) [2025-03-08 05:39:32,352 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:32,352 INFO L93 Difference]: Finished difference Result 664 states and 829 transitions. [2025-03-08 05:39:32,352 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-08 05:39:32,352 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 8.714285714285714) internal successors, (61), 6 states have internal predecessors, (61), 3 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) Word has length 84 [2025-03-08 05:39:32,353 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:32,354 INFO L225 Difference]: With dead ends: 664 [2025-03-08 05:39:32,354 INFO L226 Difference]: Without dead ends: 333 [2025-03-08 05:39:32,355 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 95 GetRequests, 81 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=40, Invalid=200, Unknown=0, NotChecked=0, Total=240 [2025-03-08 05:39:32,355 INFO L435 NwaCegarLoop]: 133 mSDtfsCounter, 45 mSDsluCounter, 516 mSDsCounter, 0 mSdLazyCounter, 107 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 46 SdHoareTripleChecker+Valid, 649 SdHoareTripleChecker+Invalid, 108 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 107 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:32,356 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [46 Valid, 649 Invalid, 108 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 107 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:39:32,356 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 333 states. [2025-03-08 05:39:32,370 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 333 to 302. [2025-03-08 05:39:32,371 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 302 states, 233 states have (on average 1.240343347639485) internal successors, (289), 248 states have internal predecessors, (289), 36 states have call successors, (36), 34 states have call predecessors, (36), 32 states have return successors, (42), 34 states have call predecessors, (42), 36 states have call successors, (42) [2025-03-08 05:39:32,372 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 302 states to 302 states and 367 transitions. [2025-03-08 05:39:32,372 INFO L78 Accepts]: Start accepts. Automaton has 302 states and 367 transitions. Word has length 84 [2025-03-08 05:39:32,373 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:32,373 INFO L471 AbstractCegarLoop]: Abstraction has 302 states and 367 transitions. [2025-03-08 05:39:32,373 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 8.714285714285714) internal successors, (61), 6 states have internal predecessors, (61), 3 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) [2025-03-08 05:39:32,373 INFO L276 IsEmpty]: Start isEmpty. Operand 302 states and 367 transitions. [2025-03-08 05:39:32,374 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2025-03-08 05:39:32,374 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:32,374 INFO L218 NwaCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:32,380 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2025-03-08 05:39:32,575 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-03-08 05:39:32,575 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:32,576 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:32,576 INFO L85 PathProgramCache]: Analyzing trace with hash 851490610, now seen corresponding path program 1 times [2025-03-08 05:39:32,576 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:32,576 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1914736891] [2025-03-08 05:39:32,576 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:32,576 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:32,587 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-08 05:39:32,597 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-08 05:39:32,598 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:32,598 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-08 05:39:32,598 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-03-08 05:39:32,602 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-08 05:39:32,611 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-08 05:39:32,611 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:32,612 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-08 05:39:32,639 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-03-08 05:39:32,639 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-03-08 05:39:32,640 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-03-08 05:39:32,641 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-03-08 05:39:32,643 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:32,717 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-03-08 05:39:32,720 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.03 05:39:32 BoogieIcfgContainer [2025-03-08 05:39:32,721 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-03-08 05:39:32,721 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-03-08 05:39:32,722 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-03-08 05:39:32,722 INFO L274 PluginConnector]: Witness Printer initialized [2025-03-08 05:39:32,722 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:39:29" (3/4) ... [2025-03-08 05:39:32,723 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-03-08 05:39:32,792 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 94. [2025-03-08 05:39:32,861 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-03-08 05:39:32,861 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2025-03-08 05:39:32,861 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-03-08 05:39:32,862 INFO L158 Benchmark]: Toolchain (without parser) took 3762.50ms. Allocated memory is still 201.3MB. Free memory was 154.5MB in the beginning and 85.8MB in the end (delta: 68.7MB). Peak memory consumption was 66.9MB. Max. memory is 16.1GB. [2025-03-08 05:39:32,862 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 201.3MB. Free memory is still 119.5MB. There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:39:32,862 INFO L158 Benchmark]: CACSL2BoogieTranslator took 327.34ms. Allocated memory is still 201.3MB. Free memory was 154.1MB in the beginning and 135.7MB in the end (delta: 18.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-08 05:39:32,862 INFO L158 Benchmark]: Boogie Procedure Inliner took 29.41ms. Allocated memory is still 201.3MB. Free memory was 135.7MB in the beginning and 134.0MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:39:32,863 INFO L158 Benchmark]: Boogie Preprocessor took 29.10ms. Allocated memory is still 201.3MB. Free memory was 134.0MB in the beginning and 132.6MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:39:32,863 INFO L158 Benchmark]: IcfgBuilder took 337.62ms. Allocated memory is still 201.3MB. Free memory was 132.6MB in the beginning and 114.2MB in the end (delta: 18.4MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2025-03-08 05:39:32,863 INFO L158 Benchmark]: TraceAbstraction took 2894.40ms. Allocated memory is still 201.3MB. Free memory was 113.4MB in the beginning and 99.3MB in the end (delta: 14.1MB). Peak memory consumption was 8.2MB. Max. memory is 16.1GB. [2025-03-08 05:39:32,863 INFO L158 Benchmark]: Witness Printer took 139.90ms. Allocated memory is still 201.3MB. Free memory was 99.3MB in the beginning and 85.8MB in the end (delta: 13.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-08 05:39:32,864 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 201.3MB. Free memory is still 119.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 327.34ms. Allocated memory is still 201.3MB. Free memory was 154.1MB in the beginning and 135.7MB in the end (delta: 18.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 29.41ms. Allocated memory is still 201.3MB. Free memory was 135.7MB in the beginning and 134.0MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 29.10ms. Allocated memory is still 201.3MB. Free memory was 134.0MB in the beginning and 132.6MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. * IcfgBuilder took 337.62ms. Allocated memory is still 201.3MB. Free memory was 132.6MB in the beginning and 114.2MB in the end (delta: 18.4MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 2894.40ms. Allocated memory is still 201.3MB. Free memory was 113.4MB in the beginning and 99.3MB in the end (delta: 14.1MB). Peak memory consumption was 8.2MB. Max. memory is 16.1GB. * Witness Printer took 139.90ms. Allocated memory is still 201.3MB. Free memory was 99.3MB in the beginning and 85.8MB in the end (delta: 13.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [415] - GenericResultAtLocation [Line: 487]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [487] - GenericResultAtLocation [Line: 674]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [674] - GenericResultAtLocation [Line: 714]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [714] - GenericResultAtLocation [Line: 752]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [752] - GenericResultAtLocation [Line: 849]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [849] - GenericResultAtLocation [Line: 858]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [858] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 854]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L219] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L496] int pumpRunning = 0; [L497] int systemActive = 1; [L676] int methAndRunningLastTime ; [L753] int cleanupTimeShifts = 4; [L860] int waterLevel = 1; [L861] int methaneLevelCritical = 0; VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L827] int retValue_acc ; [L828] int tmp ; [L832] FCALL select_helpers() [L833] FCALL select_features() [L834] CALL, EXPR valid_product() [L744] int retValue_acc ; [L747] retValue_acc = 1 [L748] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L834] RET, EXPR valid_product() [L834] tmp = valid_product() [L836] COND TRUE \read(tmp) [L838] FCALL setup() [L839] CALL runTest() [L820] CALL __utac_acc__Specification2_spec__1() [L681] methAndRunningLastTime = 0 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L820] RET __utac_acc__Specification2_spec__1() [L821] CALL test() [L422] int splverifierCounter ; [L423] int tmp ; [L424] int tmp___0 ; [L425] int tmp___1 ; [L426] int tmp___2 ; [L429] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L433] COND TRUE splverifierCounter < 4 [L439] tmp = __VERIFIER_nondet_int() [L441] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L443] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L878] COND TRUE waterLevel < 2 [L879] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L443] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L449] tmp___0 = __VERIFIER_nondet_int() [L451] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L459] tmp___2 = __VERIFIER_nondet_int() [L461] COND FALSE !(\read(tmp___2)) [L467] tmp___1 = __VERIFIER_nondet_int() [L469] COND TRUE \read(tmp___1) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L476] CALL timeShift() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L504] COND FALSE !(\read(pumpRunning)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L511] COND TRUE \read(systemActive) [L513] CALL processEnvironment() [L533] int tmp ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L536] COND TRUE ! pumpRunning [L538] CALL, EXPR isHighWaterLevel() [L648] int retValue_acc ; [L649] int tmp ; [L650] int tmp___0 ; [L654] CALL, EXPR isHighWaterSensorDry() [L940] int retValue_acc ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L943] COND FALSE !(waterLevel < 2) [L947] retValue_acc = 0 [L948] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L654] RET, EXPR isHighWaterSensorDry() [L654] tmp = isHighWaterSensorDry() [L656] COND FALSE !(\read(tmp)) [L659] tmp___0 = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L661] retValue_acc = tmp___0 [L662] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L538] RET, EXPR isHighWaterLevel() [L538] tmp = isHighWaterLevel() [L540] COND TRUE \read(tmp) [L542] CALL activatePump() [L567] int tmp ; [L571] CALL, EXPR isMethaneAlarm() [L592] int retValue_acc ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L596] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L899] int retValue_acc ; [L902] retValue_acc = methaneLevelCritical [L903] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L596] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L596] retValue_acc = isMethaneLevelCritical() [L598] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L571] RET, EXPR isMethaneAlarm() [L571] tmp = isMethaneAlarm() [L573] COND FALSE !(\read(tmp)) [L577] CALL activatePump__wrappee__highWaterSensor() [L561] pumpRunning = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L577] RET activatePump__wrappee__highWaterSensor() [L542] RET activatePump() [L513] RET processEnvironment() [L519] CALL __utac_acc__Specification2_spec__2() [L686] int tmp ; [L687] int tmp___0 ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L691] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L899] int retValue_acc ; [L902] retValue_acc = methaneLevelCritical [L903] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L691] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L691] tmp = isMethaneLevelCritical() [L693] COND FALSE !(\read(tmp)) [L709] methAndRunningLastTime = 0 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L519] RET __utac_acc__Specification2_spec__2() [L476] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L433] COND TRUE splverifierCounter < 4 [L439] tmp = __VERIFIER_nondet_int() [L441] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L449] tmp___0 = __VERIFIER_nondet_int() [L451] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L453] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L890] COND FALSE !(\read(methaneLevelCritical)) [L893] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L453] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L459] tmp___2 = __VERIFIER_nondet_int() [L461] COND FALSE !(\read(tmp___2)) [L467] tmp___1 = __VERIFIER_nondet_int() [L469] COND TRUE \read(tmp___1) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L476] CALL timeShift() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L504] COND TRUE \read(pumpRunning) [L506] CALL lowerWaterLevel() [L866] COND TRUE waterLevel > 0 [L867] waterLevel = waterLevel - 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L506] RET lowerWaterLevel() [L511] COND TRUE \read(systemActive) [L513] CALL processEnvironment() [L533] int tmp ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L536] COND FALSE !(! pumpRunning) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L551] FCALL processEnvironment__wrappee__base() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L513] RET processEnvironment() [L519] CALL __utac_acc__Specification2_spec__2() [L686] int tmp ; [L687] int tmp___0 ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L691] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L899] int retValue_acc ; [L902] retValue_acc = methaneLevelCritical [L903] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L691] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L691] tmp = isMethaneLevelCritical() [L693] COND TRUE \read(tmp) [L695] CALL, EXPR isPumpRunning() [L603] int retValue_acc ; [L606] retValue_acc = pumpRunning [L607] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L695] RET, EXPR isPumpRunning() [L695] tmp___0 = isPumpRunning() [L697] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L698] COND FALSE !(\read(methAndRunningLastTime)) [L703] methAndRunningLastTime = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L519] RET __utac_acc__Specification2_spec__2() [L476] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L433] COND TRUE splverifierCounter < 4 [L439] tmp = __VERIFIER_nondet_int() [L441] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L449] tmp___0 = __VERIFIER_nondet_int() [L451] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L459] tmp___2 = __VERIFIER_nondet_int() [L461] COND FALSE !(\read(tmp___2)) [L467] tmp___1 = __VERIFIER_nondet_int() [L469] COND TRUE \read(tmp___1) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L476] CALL timeShift() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L504] COND TRUE \read(pumpRunning) [L506] CALL lowerWaterLevel() [L866] COND TRUE waterLevel > 0 [L867] waterLevel = waterLevel - 1 VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L506] RET lowerWaterLevel() [L511] COND TRUE \read(systemActive) [L513] CALL processEnvironment() [L533] int tmp ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L536] COND FALSE !(! pumpRunning) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L551] FCALL processEnvironment__wrappee__base() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L513] RET processEnvironment() [L519] CALL __utac_acc__Specification2_spec__2() [L686] int tmp ; [L687] int tmp___0 ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L691] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L899] int retValue_acc ; [L902] retValue_acc = methaneLevelCritical [L903] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L691] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L691] tmp = isMethaneLevelCritical() [L693] COND TRUE \read(tmp) [L695] CALL, EXPR isPumpRunning() [L603] int retValue_acc ; [L606] retValue_acc = pumpRunning [L607] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L695] RET, EXPR isPumpRunning() [L695] tmp___0 = isPumpRunning() [L697] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] [L698] COND TRUE \read(methAndRunningLastTime) [L700] CALL __automaton_fail() [L854] reach_error() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=0] - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 79 locations, 114 edges, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.8s, OverallIterations: 11, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 425 SdHoareTripleChecker+Valid, 0.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 419 mSDsluCounter, 2581 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1730 mSDsCounter, 31 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 263 IncrementalHoareTripleChecker+Invalid, 294 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 31 mSolverCounterUnsat, 851 mSDtfsCounter, 263 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 301 GetRequests, 256 SyntacticMatches, 1 SemanticMatches, 44 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 31 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=339occurred in iteration=9, InterpolantAutomatonStates: 45, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 10 MinimizatonAttempts, 87 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.2s InterpolantComputationTime, 755 NumberOfCodeBlocks, 755 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 711 ConstructedInterpolants, 0 QuantifiedInterpolants, 1349 SizeOfPredicates, 1 NumberOfNonLiveVariables, 596 ConjunctsInSsa, 19 ConjunctsInUnsatCore, 13 InterpolantComputations, 10 PerfectInterpolantSequences, 144/152 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-03-08 05:39:32,878 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE