./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e2fb8bed Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 323b2112d56f35ec9fc5a7837411d8e54d2d46e3d8981d77e080eaf0dd99497b --- Real Ultimate output --- This is Ultimate 0.3.0-?-e2fb8be-m [2025-03-08 05:42:04,155 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-08 05:42:04,203 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-08 05:42:04,207 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-08 05:42:04,207 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-08 05:42:04,227 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-08 05:42:04,227 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-08 05:42:04,227 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-08 05:42:04,228 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-08 05:42:04,228 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-08 05:42:04,229 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-08 05:42:04,229 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-08 05:42:04,229 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-08 05:42:04,229 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-08 05:42:04,230 INFO L153 SettingsManager]: * Use SBE=true [2025-03-08 05:42:04,230 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-08 05:42:04,230 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-08 05:42:04,230 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-08 05:42:04,230 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-08 05:42:04,230 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-08 05:42:04,230 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-08 05:42:04,231 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-08 05:42:04,231 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-08 05:42:04,231 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-08 05:42:04,231 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-08 05:42:04,231 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-08 05:42:04,231 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-08 05:42:04,231 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-08 05:42:04,231 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-08 05:42:04,231 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-08 05:42:04,232 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-08 05:42:04,232 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-08 05:42:04,232 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:42:04,232 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-08 05:42:04,232 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-08 05:42:04,232 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-08 05:42:04,232 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-08 05:42:04,232 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-08 05:42:04,232 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-08 05:42:04,232 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-08 05:42:04,232 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-08 05:42:04,232 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-08 05:42:04,233 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-08 05:42:04,233 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 323b2112d56f35ec9fc5a7837411d8e54d2d46e3d8981d77e080eaf0dd99497b [2025-03-08 05:42:04,463 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-08 05:42:04,471 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-08 05:42:04,472 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-08 05:42:04,473 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-08 05:42:04,473 INFO L274 PluginConnector]: CDTParser initialized [2025-03-08 05:42:04,475 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c [2025-03-08 05:42:05,627 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f6a8e5a8c/5f94d28e673747e9bdba0db5ca4719ca/FLAG959b73a17 [2025-03-08 05:42:05,877 INFO L384 CDTParser]: Found 1 translation units. [2025-03-08 05:42:05,881 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c [2025-03-08 05:42:05,893 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f6a8e5a8c/5f94d28e673747e9bdba0db5ca4719ca/FLAG959b73a17 [2025-03-08 05:42:06,193 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f6a8e5a8c/5f94d28e673747e9bdba0db5ca4719ca [2025-03-08 05:42:06,195 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-08 05:42:06,196 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-08 05:42:06,196 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-08 05:42:06,196 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-08 05:42:06,200 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-08 05:42:06,201 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,201 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@17ab1301 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06, skipping insertion in model container [2025-03-08 05:42:06,201 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,224 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-08 05:42:06,384 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c[9626,9639] [2025-03-08 05:42:06,444 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:42:06,452 INFO L200 MainTranslator]: Completed pre-run [2025-03-08 05:42:06,458 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] [2025-03-08 05:42:06,459 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [101] [2025-03-08 05:42:06,459 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [176] [2025-03-08 05:42:06,459 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [450] [2025-03-08 05:42:06,460 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [553] [2025-03-08 05:42:06,460 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [653] [2025-03-08 05:42:06,460 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [662] [2025-03-08 05:42:06,461 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [697] [2025-03-08 05:42:06,482 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product64.cil.c[9626,9639] [2025-03-08 05:42:06,519 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:42:06,536 INFO L204 MainTranslator]: Completed translation [2025-03-08 05:42:06,536 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06 WrapperNode [2025-03-08 05:42:06,537 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-08 05:42:06,537 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-08 05:42:06,538 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-08 05:42:06,538 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-08 05:42:06,542 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,549 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,566 INFO L138 Inliner]: procedures = 61, calls = 110, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 246 [2025-03-08 05:42:06,567 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-08 05:42:06,568 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-08 05:42:06,568 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-08 05:42:06,568 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-08 05:42:06,574 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,574 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,575 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,586 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-03-08 05:42:06,587 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,587 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,594 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,595 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,595 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,596 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,601 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-08 05:42:06,602 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-08 05:42:06,603 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-08 05:42:06,603 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-08 05:42:06,603 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (1/1) ... [2025-03-08 05:42:06,607 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:42:06,616 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:42:06,627 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-08 05:42:06,632 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-08 05:42:06,645 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-08 05:42:06,645 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-03-08 05:42:06,645 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-03-08 05:42:06,645 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-03-08 05:42:06,645 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-03-08 05:42:06,645 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-03-08 05:42:06,645 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-03-08 05:42:06,645 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-03-08 05:42:06,646 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-03-08 05:42:06,646 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-03-08 05:42:06,646 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-03-08 05:42:06,646 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2025-03-08 05:42:06,646 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2025-03-08 05:42:06,646 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2025-03-08 05:42:06,646 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2025-03-08 05:42:06,646 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2025-03-08 05:42:06,647 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2025-03-08 05:42:06,647 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-03-08 05:42:06,647 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-03-08 05:42:06,647 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-08 05:42:06,648 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-03-08 05:42:06,648 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-03-08 05:42:06,648 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-08 05:42:06,648 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-08 05:42:06,700 INFO L256 CfgBuilder]: Building ICFG [2025-03-08 05:42:06,701 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-08 05:42:06,760 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L424-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~3#1; [2025-03-08 05:42:06,760 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L550-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~7#1; [2025-03-08 05:42:06,765 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L350: #res := ~retValue_acc~1; [2025-03-08 05:42:06,819 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L527-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; [2025-03-08 05:42:06,878 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L694-1: valid_product_#res#1 := valid_product_~retValue_acc~10#1; [2025-03-08 05:42:06,878 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L650-1: main_#res#1 := main_~retValue_acc~8#1; [2025-03-08 05:42:06,905 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L541-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~6#1; [2025-03-08 05:42:06,906 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L405-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~2#1; [2025-03-08 05:42:06,919 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L495-1: isMethaneLevelCritical_#res#1 := isMethaneLevelCritical_~retValue_acc~4#1; [2025-03-08 05:42:06,919 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L341: #res#1 := ~retValue_acc~0#1; [2025-03-08 05:42:06,939 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2025-03-08 05:42:06,939 INFO L307 CfgBuilder]: Performing block encoding [2025-03-08 05:42:06,949 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-08 05:42:06,949 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-08 05:42:06,949 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:42:06 BoogieIcfgContainer [2025-03-08 05:42:06,950 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-08 05:42:06,951 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-08 05:42:06,951 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-08 05:42:06,954 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-08 05:42:06,955 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.03 05:42:06" (1/3) ... [2025-03-08 05:42:06,955 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@13ee90d8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:42:06, skipping insertion in model container [2025-03-08 05:42:06,955 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:42:06" (2/3) ... [2025-03-08 05:42:06,955 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@13ee90d8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:42:06, skipping insertion in model container [2025-03-08 05:42:06,956 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:42:06" (3/3) ... [2025-03-08 05:42:06,957 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product64.cil.c [2025-03-08 05:42:06,967 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-08 05:42:06,969 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec5_product64.cil.c that has 11 procedures, 115 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-03-08 05:42:07,017 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-08 05:42:07,026 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@10823efa, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-08 05:42:07,027 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-08 05:42:07,030 INFO L276 IsEmpty]: Start isEmpty. Operand has 115 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) [2025-03-08 05:42:07,035 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2025-03-08 05:42:07,035 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:42:07,036 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:42:07,036 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:42:07,039 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:42:07,039 INFO L85 PathProgramCache]: Analyzing trace with hash -231430773, now seen corresponding path program 1 times [2025-03-08 05:42:07,044 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:42:07,044 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1100046449] [2025-03-08 05:42:07,044 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:07,044 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:42:07,092 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 32 statements into 1 equivalence classes. [2025-03-08 05:42:07,114 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 32 of 32 statements. [2025-03-08 05:42:07,114 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:07,114 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:07,219 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:42:07,219 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:42:07,219 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1100046449] [2025-03-08 05:42:07,220 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1100046449] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:42:07,220 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:42:07,220 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:42:07,221 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [349832169] [2025-03-08 05:42:07,222 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:42:07,224 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:42:07,224 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:42:07,236 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:42:07,237 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:42:07,238 INFO L87 Difference]: Start difference. First operand has 115 states, 84 states have (on average 1.3452380952380953) internal successors, (113), 95 states have internal predecessors, (113), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) Second operand has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:42:07,265 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:42:07,265 INFO L93 Difference]: Finished difference Result 209 states and 277 transitions. [2025-03-08 05:42:07,267 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:42:07,268 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2025-03-08 05:42:07,268 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:42:07,273 INFO L225 Difference]: With dead ends: 209 [2025-03-08 05:42:07,273 INFO L226 Difference]: Without dead ends: 98 [2025-03-08 05:42:07,275 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:42:07,277 INFO L435 NwaCegarLoop]: 130 mSDtfsCounter, 16 mSDsluCounter, 110 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 240 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:42:07,278 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 240 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:42:07,287 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2025-03-08 05:42:07,308 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 98. [2025-03-08 05:42:07,310 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 98 states, 72 states have (on average 1.3194444444444444) internal successors, (95), 82 states have internal predecessors, (95), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2025-03-08 05:42:07,313 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 127 transitions. [2025-03-08 05:42:07,315 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 127 transitions. Word has length 32 [2025-03-08 05:42:07,315 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:42:07,315 INFO L471 AbstractCegarLoop]: Abstraction has 98 states and 127 transitions. [2025-03-08 05:42:07,315 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:42:07,315 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 127 transitions. [2025-03-08 05:42:07,317 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2025-03-08 05:42:07,317 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:42:07,317 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:42:07,317 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-03-08 05:42:07,317 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:42:07,318 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:42:07,318 INFO L85 PathProgramCache]: Analyzing trace with hash -1137760960, now seen corresponding path program 1 times [2025-03-08 05:42:07,318 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:42:07,318 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [654742452] [2025-03-08 05:42:07,318 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:07,318 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:42:07,345 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 36 statements into 1 equivalence classes. [2025-03-08 05:42:07,352 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 36 of 36 statements. [2025-03-08 05:42:07,352 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:07,352 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:07,468 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:42:07,468 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:42:07,468 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [654742452] [2025-03-08 05:42:07,468 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [654742452] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:42:07,469 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:42:07,469 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:42:07,469 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1370455602] [2025-03-08 05:42:07,469 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:42:07,469 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:42:07,470 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:42:07,470 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:42:07,470 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:42:07,470 INFO L87 Difference]: Start difference. First operand 98 states and 127 transitions. Second operand has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2025-03-08 05:42:07,540 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:42:07,541 INFO L93 Difference]: Finished difference Result 233 states and 306 transitions. [2025-03-08 05:42:07,543 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:42:07,543 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 36 [2025-03-08 05:42:07,543 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:42:07,545 INFO L225 Difference]: With dead ends: 233 [2025-03-08 05:42:07,545 INFO L226 Difference]: Without dead ends: 143 [2025-03-08 05:42:07,545 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-08 05:42:07,546 INFO L435 NwaCegarLoop]: 139 mSDtfsCounter, 116 mSDsluCounter, 331 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 116 SdHoareTripleChecker+Valid, 470 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:42:07,546 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [116 Valid, 470 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:42:07,548 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 143 states. [2025-03-08 05:42:07,560 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 143 to 140. [2025-03-08 05:42:07,560 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 140 states, 103 states have (on average 1.3398058252427185) internal successors, (138), 116 states have internal predecessors, (138), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (23), 16 states have call predecessors, (23), 22 states have call successors, (23) [2025-03-08 05:42:07,562 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 140 states to 140 states and 183 transitions. [2025-03-08 05:42:07,562 INFO L78 Accepts]: Start accepts. Automaton has 140 states and 183 transitions. Word has length 36 [2025-03-08 05:42:07,562 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:42:07,562 INFO L471 AbstractCegarLoop]: Abstraction has 140 states and 183 transitions. [2025-03-08 05:42:07,562 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2025-03-08 05:42:07,562 INFO L276 IsEmpty]: Start isEmpty. Operand 140 states and 183 transitions. [2025-03-08 05:42:07,563 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2025-03-08 05:42:07,564 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:42:07,564 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:42:07,564 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-03-08 05:42:07,564 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:42:07,565 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:42:07,565 INFO L85 PathProgramCache]: Analyzing trace with hash 43217573, now seen corresponding path program 1 times [2025-03-08 05:42:07,565 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:42:07,565 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [465146687] [2025-03-08 05:42:07,565 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:07,565 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:42:07,572 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 39 statements into 1 equivalence classes. [2025-03-08 05:42:07,589 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 39 of 39 statements. [2025-03-08 05:42:07,590 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:07,590 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:07,689 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2025-03-08 05:42:07,689 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:42:07,689 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [465146687] [2025-03-08 05:42:07,690 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [465146687] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:42:07,690 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:42:07,690 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-03-08 05:42:07,690 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [71984369] [2025-03-08 05:42:07,690 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:42:07,690 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-08 05:42:07,690 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:42:07,691 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-08 05:42:07,691 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:42:07,692 INFO L87 Difference]: Start difference. First operand 140 states and 183 transitions. Second operand has 6 states, 6 states have (on average 5.666666666666667) internal successors, (34), 5 states have internal predecessors, (34), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:42:07,851 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:42:07,852 INFO L93 Difference]: Finished difference Result 318 states and 426 transitions. [2025-03-08 05:42:07,852 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-08 05:42:07,852 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.666666666666667) internal successors, (34), 5 states have internal predecessors, (34), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 39 [2025-03-08 05:42:07,852 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:42:07,854 INFO L225 Difference]: With dead ends: 318 [2025-03-08 05:42:07,854 INFO L226 Difference]: Without dead ends: 186 [2025-03-08 05:42:07,854 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-03-08 05:42:07,855 INFO L435 NwaCegarLoop]: 124 mSDtfsCounter, 65 mSDsluCounter, 409 mSDsCounter, 0 mSdLazyCounter, 80 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 533 SdHoareTripleChecker+Invalid, 91 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 80 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:42:07,855 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 533 Invalid, 91 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 80 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:42:07,858 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 186 states. [2025-03-08 05:42:07,875 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 186 to 185. [2025-03-08 05:42:07,875 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 185 states, 137 states have (on average 1.27007299270073) internal successors, (174), 149 states have internal predecessors, (174), 26 states have call successors, (26), 21 states have call predecessors, (26), 21 states have return successors, (34), 24 states have call predecessors, (34), 26 states have call successors, (34) [2025-03-08 05:42:07,877 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 185 states to 185 states and 234 transitions. [2025-03-08 05:42:07,877 INFO L78 Accepts]: Start accepts. Automaton has 185 states and 234 transitions. Word has length 39 [2025-03-08 05:42:07,877 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:42:07,877 INFO L471 AbstractCegarLoop]: Abstraction has 185 states and 234 transitions. [2025-03-08 05:42:07,877 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.666666666666667) internal successors, (34), 5 states have internal predecessors, (34), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-08 05:42:07,877 INFO L276 IsEmpty]: Start isEmpty. Operand 185 states and 234 transitions. [2025-03-08 05:42:07,879 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2025-03-08 05:42:07,879 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:42:07,879 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:42:07,879 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-03-08 05:42:07,879 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:42:07,880 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:42:07,880 INFO L85 PathProgramCache]: Analyzing trace with hash 608900647, now seen corresponding path program 1 times [2025-03-08 05:42:07,880 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:42:07,880 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1188647500] [2025-03-08 05:42:07,880 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:07,880 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:42:07,892 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 66 statements into 1 equivalence classes. [2025-03-08 05:42:07,897 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 66 of 66 statements. [2025-03-08 05:42:07,897 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:07,897 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:07,934 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:42:07,934 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:42:07,935 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1188647500] [2025-03-08 05:42:07,935 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1188647500] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:42:07,935 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:42:07,935 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:42:07,935 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1682221556] [2025-03-08 05:42:07,935 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:42:07,935 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:42:07,936 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:42:07,937 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:42:07,937 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:42:07,937 INFO L87 Difference]: Start difference. First operand 185 states and 234 transitions. Second operand has 3 states, 3 states have (on average 17.666666666666668) internal successors, (53), 3 states have internal predecessors, (53), 3 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) [2025-03-08 05:42:07,956 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:42:07,956 INFO L93 Difference]: Finished difference Result 364 states and 462 transitions. [2025-03-08 05:42:07,956 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:42:07,956 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 17.666666666666668) internal successors, (53), 3 states have internal predecessors, (53), 3 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) Word has length 66 [2025-03-08 05:42:07,957 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:42:07,958 INFO L225 Difference]: With dead ends: 364 [2025-03-08 05:42:07,958 INFO L226 Difference]: Without dead ends: 187 [2025-03-08 05:42:07,959 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:42:07,959 INFO L435 NwaCegarLoop]: 161 mSDtfsCounter, 36 mSDsluCounter, 121 mSDsCounter, 0 mSdLazyCounter, 5 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 282 SdHoareTripleChecker+Invalid, 5 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 5 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:42:07,959 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [36 Valid, 282 Invalid, 5 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 5 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:42:07,960 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 187 states. [2025-03-08 05:42:07,976 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 187 to 185. [2025-03-08 05:42:07,977 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 185 states, 137 states have (on average 1.2627737226277371) internal successors, (173), 149 states have internal predecessors, (173), 26 states have call successors, (26), 21 states have call predecessors, (26), 21 states have return successors, (32), 24 states have call predecessors, (32), 26 states have call successors, (32) [2025-03-08 05:42:07,978 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 185 states to 185 states and 231 transitions. [2025-03-08 05:42:07,978 INFO L78 Accepts]: Start accepts. Automaton has 185 states and 231 transitions. Word has length 66 [2025-03-08 05:42:07,978 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:42:07,978 INFO L471 AbstractCegarLoop]: Abstraction has 185 states and 231 transitions. [2025-03-08 05:42:07,978 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 17.666666666666668) internal successors, (53), 3 states have internal predecessors, (53), 3 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) [2025-03-08 05:42:07,990 INFO L276 IsEmpty]: Start isEmpty. Operand 185 states and 231 transitions. [2025-03-08 05:42:07,991 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2025-03-08 05:42:07,991 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:42:07,991 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:42:07,991 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-03-08 05:42:07,992 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:42:07,992 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:42:07,992 INFO L85 PathProgramCache]: Analyzing trace with hash 1736415916, now seen corresponding path program 1 times [2025-03-08 05:42:07,992 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:42:07,992 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2040802612] [2025-03-08 05:42:07,992 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:07,992 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:42:08,003 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 63 statements into 1 equivalence classes. [2025-03-08 05:42:08,007 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 63 of 63 statements. [2025-03-08 05:42:08,007 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:08,007 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:08,066 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:42:08,066 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:42:08,066 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2040802612] [2025-03-08 05:42:08,067 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2040802612] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:42:08,067 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:42:08,067 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:42:08,067 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [560361371] [2025-03-08 05:42:08,067 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:42:08,067 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:42:08,067 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:42:08,068 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:42:08,069 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:42:08,069 INFO L87 Difference]: Start difference. First operand 185 states and 231 transitions. Second operand has 5 states, 5 states have (on average 10.0) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2025-03-08 05:42:08,095 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:42:08,097 INFO L93 Difference]: Finished difference Result 365 states and 470 transitions. [2025-03-08 05:42:08,097 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:42:08,098 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.0) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 63 [2025-03-08 05:42:08,098 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:42:08,101 INFO L225 Difference]: With dead ends: 365 [2025-03-08 05:42:08,101 INFO L226 Difference]: Without dead ends: 188 [2025-03-08 05:42:08,102 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:42:08,102 INFO L435 NwaCegarLoop]: 124 mSDtfsCounter, 0 mSDsluCounter, 366 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 490 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:42:08,103 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 490 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:42:08,103 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 188 states. [2025-03-08 05:42:08,116 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 188 to 188. [2025-03-08 05:42:08,117 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 188 states, 140 states have (on average 1.2571428571428571) internal successors, (176), 152 states have internal predecessors, (176), 26 states have call successors, (26), 21 states have call predecessors, (26), 21 states have return successors, (32), 24 states have call predecessors, (32), 26 states have call successors, (32) [2025-03-08 05:42:08,118 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 188 states to 188 states and 234 transitions. [2025-03-08 05:42:08,118 INFO L78 Accepts]: Start accepts. Automaton has 188 states and 234 transitions. Word has length 63 [2025-03-08 05:42:08,118 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:42:08,118 INFO L471 AbstractCegarLoop]: Abstraction has 188 states and 234 transitions. [2025-03-08 05:42:08,119 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.0) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2025-03-08 05:42:08,119 INFO L276 IsEmpty]: Start isEmpty. Operand 188 states and 234 transitions. [2025-03-08 05:42:08,120 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2025-03-08 05:42:08,121 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:42:08,122 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:42:08,122 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-08 05:42:08,122 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:42:08,122 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:42:08,122 INFO L85 PathProgramCache]: Analyzing trace with hash -1865449683, now seen corresponding path program 1 times [2025-03-08 05:42:08,122 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:42:08,123 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [585461411] [2025-03-08 05:42:08,123 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:08,123 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:42:08,133 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 63 statements into 1 equivalence classes. [2025-03-08 05:42:08,136 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 63 of 63 statements. [2025-03-08 05:42:08,137 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:08,137 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:08,198 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:42:08,199 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:42:08,199 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [585461411] [2025-03-08 05:42:08,199 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [585461411] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:42:08,199 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:42:08,199 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-03-08 05:42:08,199 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [186880747] [2025-03-08 05:42:08,199 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:42:08,199 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-08 05:42:08,200 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:42:08,200 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-08 05:42:08,200 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:42:08,200 INFO L87 Difference]: Start difference. First operand 188 states and 234 transitions. Second operand has 6 states, 6 states have (on average 8.333333333333334) internal successors, (50), 6 states have internal predecessors, (50), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2025-03-08 05:42:08,226 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:42:08,227 INFO L93 Difference]: Finished difference Result 370 states and 475 transitions. [2025-03-08 05:42:08,227 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-08 05:42:08,228 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.333333333333334) internal successors, (50), 6 states have internal predecessors, (50), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 63 [2025-03-08 05:42:08,228 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:42:08,230 INFO L225 Difference]: With dead ends: 370 [2025-03-08 05:42:08,230 INFO L226 Difference]: Without dead ends: 190 [2025-03-08 05:42:08,230 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:42:08,231 INFO L435 NwaCegarLoop]: 123 mSDtfsCounter, 0 mSDsluCounter, 484 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 607 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:42:08,232 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 607 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:42:08,233 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 190 states. [2025-03-08 05:42:08,244 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 190 to 190. [2025-03-08 05:42:08,245 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 190 states, 142 states have (on average 1.2535211267605635) internal successors, (178), 154 states have internal predecessors, (178), 26 states have call successors, (26), 21 states have call predecessors, (26), 21 states have return successors, (32), 24 states have call predecessors, (32), 26 states have call successors, (32) [2025-03-08 05:42:08,246 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 190 states to 190 states and 236 transitions. [2025-03-08 05:42:08,247 INFO L78 Accepts]: Start accepts. Automaton has 190 states and 236 transitions. Word has length 63 [2025-03-08 05:42:08,247 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:42:08,247 INFO L471 AbstractCegarLoop]: Abstraction has 190 states and 236 transitions. [2025-03-08 05:42:08,247 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.333333333333334) internal successors, (50), 6 states have internal predecessors, (50), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2025-03-08 05:42:08,247 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 236 transitions. [2025-03-08 05:42:08,248 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2025-03-08 05:42:08,248 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:42:08,248 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:42:08,248 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-08 05:42:08,248 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:42:08,249 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:42:08,249 INFO L85 PathProgramCache]: Analyzing trace with hash -1163849809, now seen corresponding path program 1 times [2025-03-08 05:42:08,249 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:42:08,249 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [836215815] [2025-03-08 05:42:08,249 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:08,249 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:42:08,256 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 63 statements into 1 equivalence classes. [2025-03-08 05:42:08,261 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 63 of 63 statements. [2025-03-08 05:42:08,261 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:08,261 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:08,344 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:42:08,345 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:42:08,345 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [836215815] [2025-03-08 05:42:08,346 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [836215815] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:42:08,346 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:42:08,346 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-08 05:42:08,346 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1441550464] [2025-03-08 05:42:08,346 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:42:08,346 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-08 05:42:08,346 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:42:08,347 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-08 05:42:08,347 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:42:08,347 INFO L87 Difference]: Start difference. First operand 190 states and 236 transitions. Second operand has 4 states, 4 states have (on average 12.5) internal successors, (50), 4 states have internal predecessors, (50), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2025-03-08 05:42:08,452 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:42:08,452 INFO L93 Difference]: Finished difference Result 628 states and 807 transitions. [2025-03-08 05:42:08,452 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-08 05:42:08,453 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 12.5) internal successors, (50), 4 states have internal predecessors, (50), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 63 [2025-03-08 05:42:08,453 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:42:08,455 INFO L225 Difference]: With dead ends: 628 [2025-03-08 05:42:08,455 INFO L226 Difference]: Without dead ends: 446 [2025-03-08 05:42:08,456 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:42:08,456 INFO L435 NwaCegarLoop]: 212 mSDtfsCounter, 157 mSDsluCounter, 201 mSDsCounter, 0 mSdLazyCounter, 78 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 157 SdHoareTripleChecker+Valid, 413 SdHoareTripleChecker+Invalid, 83 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 78 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:42:08,456 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [157 Valid, 413 Invalid, 83 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 78 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:42:08,460 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 446 states. [2025-03-08 05:42:08,483 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 446 to 437. [2025-03-08 05:42:08,484 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 437 states, 325 states have (on average 1.236923076923077) internal successors, (402), 348 states have internal predecessors, (402), 61 states have call successors, (61), 49 states have call predecessors, (61), 50 states have return successors, (87), 58 states have call predecessors, (87), 61 states have call successors, (87) [2025-03-08 05:42:08,486 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 437 states to 437 states and 550 transitions. [2025-03-08 05:42:08,486 INFO L78 Accepts]: Start accepts. Automaton has 437 states and 550 transitions. Word has length 63 [2025-03-08 05:42:08,486 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:42:08,486 INFO L471 AbstractCegarLoop]: Abstraction has 437 states and 550 transitions. [2025-03-08 05:42:08,486 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 12.5) internal successors, (50), 4 states have internal predecessors, (50), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2025-03-08 05:42:08,487 INFO L276 IsEmpty]: Start isEmpty. Operand 437 states and 550 transitions. [2025-03-08 05:42:08,487 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2025-03-08 05:42:08,487 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:42:08,487 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:42:08,488 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-08 05:42:08,488 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:42:08,488 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:42:08,488 INFO L85 PathProgramCache]: Analyzing trace with hash 1170365233, now seen corresponding path program 1 times [2025-03-08 05:42:08,488 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:42:08,488 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1438225311] [2025-03-08 05:42:08,488 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:08,488 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:42:08,494 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 67 statements into 1 equivalence classes. [2025-03-08 05:42:08,499 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 67 of 67 statements. [2025-03-08 05:42:08,500 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:08,500 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:08,662 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2025-03-08 05:42:08,663 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:42:08,663 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1438225311] [2025-03-08 05:42:08,663 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1438225311] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:42:08,663 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:42:08,663 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-08 05:42:08,663 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [40933574] [2025-03-08 05:42:08,663 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:42:08,663 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-08 05:42:08,663 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:42:08,663 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-08 05:42:08,664 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2025-03-08 05:42:08,664 INFO L87 Difference]: Start difference. First operand 437 states and 550 transitions. Second operand has 8 states, 8 states have (on average 6.5) internal successors, (52), 7 states have internal predecessors, (52), 4 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2025-03-08 05:42:09,088 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:42:09,088 INFO L93 Difference]: Finished difference Result 1242 states and 1610 transitions. [2025-03-08 05:42:09,089 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2025-03-08 05:42:09,089 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.5) internal successors, (52), 7 states have internal predecessors, (52), 4 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 67 [2025-03-08 05:42:09,089 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:42:09,099 INFO L225 Difference]: With dead ends: 1242 [2025-03-08 05:42:09,099 INFO L226 Difference]: Without dead ends: 902 [2025-03-08 05:42:09,101 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=47, Invalid=109, Unknown=0, NotChecked=0, Total=156 [2025-03-08 05:42:09,101 INFO L435 NwaCegarLoop]: 151 mSDtfsCounter, 381 mSDsluCounter, 456 mSDsCounter, 0 mSdLazyCounter, 410 mSolverCounterSat, 87 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 391 SdHoareTripleChecker+Valid, 607 SdHoareTripleChecker+Invalid, 497 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 87 IncrementalHoareTripleChecker+Valid, 410 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2025-03-08 05:42:09,101 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [391 Valid, 607 Invalid, 497 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [87 Valid, 410 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2025-03-08 05:42:09,102 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 902 states. [2025-03-08 05:42:09,171 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 902 to 808. [2025-03-08 05:42:09,172 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 808 states, 598 states have (on average 1.2207357859531773) internal successors, (730), 642 states have internal predecessors, (730), 110 states have call successors, (110), 85 states have call predecessors, (110), 99 states have return successors, (165), 110 states have call predecessors, (165), 110 states have call successors, (165) [2025-03-08 05:42:09,175 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 808 states to 808 states and 1005 transitions. [2025-03-08 05:42:09,176 INFO L78 Accepts]: Start accepts. Automaton has 808 states and 1005 transitions. Word has length 67 [2025-03-08 05:42:09,176 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:42:09,176 INFO L471 AbstractCegarLoop]: Abstraction has 808 states and 1005 transitions. [2025-03-08 05:42:09,177 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.5) internal successors, (52), 7 states have internal predecessors, (52), 4 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2025-03-08 05:42:09,177 INFO L276 IsEmpty]: Start isEmpty. Operand 808 states and 1005 transitions. [2025-03-08 05:42:09,178 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 120 [2025-03-08 05:42:09,178 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:42:09,178 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:42:09,178 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-08 05:42:09,178 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:42:09,178 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:42:09,179 INFO L85 PathProgramCache]: Analyzing trace with hash 370623275, now seen corresponding path program 1 times [2025-03-08 05:42:09,179 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:42:09,179 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2095345535] [2025-03-08 05:42:09,179 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:09,179 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:42:09,188 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 119 statements into 1 equivalence classes. [2025-03-08 05:42:09,200 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 119 of 119 statements. [2025-03-08 05:42:09,201 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:09,201 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:09,339 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 17 proven. 10 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2025-03-08 05:42:09,339 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:42:09,339 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2095345535] [2025-03-08 05:42:09,339 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2095345535] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:42:09,339 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [905752633] [2025-03-08 05:42:09,339 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:09,339 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:42:09,340 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:42:09,341 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:42:09,343 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-08 05:42:09,386 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 119 statements into 1 equivalence classes. [2025-03-08 05:42:09,425 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 119 of 119 statements. [2025-03-08 05:42:09,426 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:09,426 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:09,428 INFO L256 TraceCheckSpWp]: Trace formula consists of 385 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-08 05:42:09,445 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:42:09,600 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 29 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-08 05:42:09,600 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-08 05:42:09,800 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 17 proven. 10 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2025-03-08 05:42:09,801 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [905752633] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-08 05:42:09,801 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-08 05:42:09,801 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 6, 6] total 14 [2025-03-08 05:42:09,801 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1846235375] [2025-03-08 05:42:09,802 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-08 05:42:09,802 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2025-03-08 05:42:09,803 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:42:09,803 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2025-03-08 05:42:09,803 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=34, Invalid=148, Unknown=0, NotChecked=0, Total=182 [2025-03-08 05:42:09,804 INFO L87 Difference]: Start difference. First operand 808 states and 1005 transitions. Second operand has 14 states, 14 states have (on average 10.428571428571429) internal successors, (146), 12 states have internal predecessors, (146), 5 states have call successors, (24), 4 states have call predecessors, (24), 7 states have return successors, (25), 8 states have call predecessors, (25), 5 states have call successors, (25) [2025-03-08 05:42:10,218 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:42:10,218 INFO L93 Difference]: Finished difference Result 1841 states and 2356 transitions. [2025-03-08 05:42:10,219 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2025-03-08 05:42:10,220 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 10.428571428571429) internal successors, (146), 12 states have internal predecessors, (146), 5 states have call successors, (24), 4 states have call predecessors, (24), 7 states have return successors, (25), 8 states have call predecessors, (25), 5 states have call successors, (25) Word has length 119 [2025-03-08 05:42:10,220 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:42:10,224 INFO L225 Difference]: With dead ends: 1841 [2025-03-08 05:42:10,224 INFO L226 Difference]: Without dead ends: 1126 [2025-03-08 05:42:10,226 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 263 GetRequests, 233 SyntacticMatches, 4 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 147 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=150, Invalid=606, Unknown=0, NotChecked=0, Total=756 [2025-03-08 05:42:10,227 INFO L435 NwaCegarLoop]: 253 mSDtfsCounter, 246 mSDsluCounter, 1573 mSDsCounter, 0 mSdLazyCounter, 340 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 255 SdHoareTripleChecker+Valid, 1826 SdHoareTripleChecker+Invalid, 402 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 340 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2025-03-08 05:42:10,227 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [255 Valid, 1826 Invalid, 402 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 340 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2025-03-08 05:42:10,228 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1126 states. [2025-03-08 05:42:10,280 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1126 to 984. [2025-03-08 05:42:10,281 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 984 states, 718 states have (on average 1.2061281337047354) internal successors, (866), 779 states have internal predecessors, (866), 137 states have call successors, (137), 115 states have call predecessors, (137), 128 states have return successors, (183), 132 states have call predecessors, (183), 137 states have call successors, (183) [2025-03-08 05:42:10,285 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 984 states to 984 states and 1186 transitions. [2025-03-08 05:42:10,286 INFO L78 Accepts]: Start accepts. Automaton has 984 states and 1186 transitions. Word has length 119 [2025-03-08 05:42:10,286 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:42:10,286 INFO L471 AbstractCegarLoop]: Abstraction has 984 states and 1186 transitions. [2025-03-08 05:42:10,287 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 10.428571428571429) internal successors, (146), 12 states have internal predecessors, (146), 5 states have call successors, (24), 4 states have call predecessors, (24), 7 states have return successors, (25), 8 states have call predecessors, (25), 5 states have call successors, (25) [2025-03-08 05:42:10,287 INFO L276 IsEmpty]: Start isEmpty. Operand 984 states and 1186 transitions. [2025-03-08 05:42:10,289 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 212 [2025-03-08 05:42:10,290 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:42:10,290 INFO L218 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:42:10,297 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-03-08 05:42:10,494 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:42:10,494 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:42:10,494 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:42:10,495 INFO L85 PathProgramCache]: Analyzing trace with hash 1404926834, now seen corresponding path program 1 times [2025-03-08 05:42:10,495 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:42:10,495 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [738359856] [2025-03-08 05:42:10,495 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:10,495 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:42:10,508 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 211 statements into 1 equivalence classes. [2025-03-08 05:42:10,519 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 211 of 211 statements. [2025-03-08 05:42:10,520 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:10,520 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:10,680 INFO L134 CoverageAnalysis]: Checked inductivity of 223 backedges. 70 proven. 2 refuted. 0 times theorem prover too weak. 151 trivial. 0 not checked. [2025-03-08 05:42:10,680 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:42:10,681 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [738359856] [2025-03-08 05:42:10,681 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [738359856] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:42:10,681 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1818187394] [2025-03-08 05:42:10,681 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:42:10,681 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:42:10,681 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:42:10,683 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:42:10,684 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-08 05:42:10,732 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 211 statements into 1 equivalence classes. [2025-03-08 05:42:10,785 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 211 of 211 statements. [2025-03-08 05:42:10,785 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:42:10,785 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:42:10,787 INFO L256 TraceCheckSpWp]: Trace formula consists of 618 conjuncts, 13 conjuncts are in the unsatisfiable core [2025-03-08 05:42:10,791 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:42:10,974 INFO L134 CoverageAnalysis]: Checked inductivity of 223 backedges. 163 proven. 2 refuted. 0 times theorem prover too weak. 58 trivial. 0 not checked. [2025-03-08 05:42:10,974 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-08 05:42:11,370 INFO L134 CoverageAnalysis]: Checked inductivity of 223 backedges. 74 proven. 40 refuted. 0 times theorem prover too weak. 109 trivial. 0 not checked. [2025-03-08 05:42:11,371 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1818187394] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-08 05:42:11,371 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-08 05:42:11,371 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 10, 11] total 23 [2025-03-08 05:42:11,371 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [109246244] [2025-03-08 05:42:11,371 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-08 05:42:11,372 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 23 states [2025-03-08 05:42:11,372 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:42:11,372 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2025-03-08 05:42:11,372 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=106, Invalid=400, Unknown=0, NotChecked=0, Total=506 [2025-03-08 05:42:11,373 INFO L87 Difference]: Start difference. First operand 984 states and 1186 transitions. Second operand has 23 states, 23 states have (on average 9.565217391304348) internal successors, (220), 22 states have internal predecessors, (220), 9 states have call successors, (41), 7 states have call predecessors, (41), 10 states have return successors, (43), 8 states have call predecessors, (43), 9 states have call successors, (43) [2025-03-08 05:42:12,225 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:42:12,225 INFO L93 Difference]: Finished difference Result 2183 states and 2724 transitions. [2025-03-08 05:42:12,225 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2025-03-08 05:42:12,226 INFO L78 Accepts]: Start accepts. Automaton has has 23 states, 23 states have (on average 9.565217391304348) internal successors, (220), 22 states have internal predecessors, (220), 9 states have call successors, (41), 7 states have call predecessors, (41), 10 states have return successors, (43), 8 states have call predecessors, (43), 9 states have call successors, (43) Word has length 211 [2025-03-08 05:42:12,226 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:42:12,227 INFO L225 Difference]: With dead ends: 2183 [2025-03-08 05:42:12,227 INFO L226 Difference]: Without dead ends: 0 [2025-03-08 05:42:12,232 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 447 GetRequests, 410 SyntacticMatches, 3 SemanticMatches, 34 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 185 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=281, Invalid=979, Unknown=0, NotChecked=0, Total=1260 [2025-03-08 05:42:12,232 INFO L435 NwaCegarLoop]: 106 mSDtfsCounter, 451 mSDsluCounter, 868 mSDsCounter, 0 mSdLazyCounter, 1452 mSolverCounterSat, 193 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 457 SdHoareTripleChecker+Valid, 974 SdHoareTripleChecker+Invalid, 1645 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 193 IncrementalHoareTripleChecker+Valid, 1452 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2025-03-08 05:42:12,233 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [457 Valid, 974 Invalid, 1645 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [193 Valid, 1452 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2025-03-08 05:42:12,233 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2025-03-08 05:42:12,234 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2025-03-08 05:42:12,234 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2025-03-08 05:42:12,234 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2025-03-08 05:42:12,235 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 211 [2025-03-08 05:42:12,235 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:42:12,235 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2025-03-08 05:42:12,235 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 23 states, 23 states have (on average 9.565217391304348) internal successors, (220), 22 states have internal predecessors, (220), 9 states have call successors, (41), 7 states have call predecessors, (41), 10 states have return successors, (43), 8 states have call predecessors, (43), 9 states have call successors, (43) [2025-03-08 05:42:12,235 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2025-03-08 05:42:12,235 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2025-03-08 05:42:12,237 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-03-08 05:42:12,245 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2025-03-08 05:42:12,442 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-03-08 05:42:12,444 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:42:12,445 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2025-03-08 05:42:17,875 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-03-08 05:42:17,883 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.03 05:42:17 BoogieIcfgContainer [2025-03-08 05:42:17,883 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-03-08 05:42:17,884 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-03-08 05:42:17,884 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-03-08 05:42:17,884 INFO L274 PluginConnector]: Witness Printer initialized [2025-03-08 05:42:17,884 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:42:06" (3/4) ... [2025-03-08 05:42:17,886 INFO L146 WitnessPrinter]: Generating witness for correct program [2025-03-08 05:42:17,890 INFO L385 IcfgBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2025-03-08 05:42:17,890 INFO L385 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2025-03-08 05:42:17,890 INFO L385 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2025-03-08 05:42:17,890 INFO L385 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2025-03-08 05:42:17,890 INFO L385 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2025-03-08 05:42:17,890 INFO L385 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2025-03-08 05:42:17,890 INFO L385 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2025-03-08 05:42:17,890 INFO L385 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2025-03-08 05:42:17,890 INFO L385 IcfgBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2025-03-08 05:42:17,890 INFO L385 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2025-03-08 05:42:17,896 INFO L919 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2025-03-08 05:42:17,897 INFO L919 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2025-03-08 05:42:17,897 INFO L919 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2025-03-08 05:42:17,897 INFO L919 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2025-03-08 05:42:17,898 INFO L919 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2025-03-08 05:42:17,958 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-03-08 05:42:17,958 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2025-03-08 05:42:17,958 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-03-08 05:42:17,960 INFO L158 Benchmark]: Toolchain (without parser) took 11762.84ms. Allocated memory was 142.6MB in the beginning and 218.1MB in the end (delta: 75.5MB). Free memory was 111.3MB in the beginning and 159.2MB in the end (delta: -48.0MB). Peak memory consumption was 29.8MB. Max. memory is 16.1GB. [2025-03-08 05:42:17,960 INFO L158 Benchmark]: CDTParser took 0.23ms. Allocated memory is still 226.5MB. Free memory is still 147.8MB. There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:42:17,960 INFO L158 Benchmark]: CACSL2BoogieTranslator took 340.40ms. Allocated memory is still 142.6MB. Free memory was 111.3MB in the beginning and 91.6MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-08 05:42:17,961 INFO L158 Benchmark]: Boogie Procedure Inliner took 30.12ms. Allocated memory is still 142.6MB. Free memory was 91.6MB in the beginning and 90.1MB in the end (delta: 1.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-08 05:42:17,961 INFO L158 Benchmark]: Boogie Preprocessor took 32.74ms. Allocated memory is still 142.6MB. Free memory was 90.1MB in the beginning and 87.9MB in the end (delta: 2.2MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:42:17,961 INFO L158 Benchmark]: IcfgBuilder took 347.98ms. Allocated memory is still 142.6MB. Free memory was 87.9MB in the beginning and 67.5MB in the end (delta: 20.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-08 05:42:17,961 INFO L158 Benchmark]: TraceAbstraction took 10931.80ms. Allocated memory was 142.6MB in the beginning and 218.1MB in the end (delta: 75.5MB). Free memory was 67.0MB in the beginning and 167.6MB in the end (delta: -100.6MB). Peak memory consumption was 82.2MB. Max. memory is 16.1GB. [2025-03-08 05:42:17,962 INFO L158 Benchmark]: Witness Printer took 74.43ms. Allocated memory is still 218.1MB. Free memory was 167.6MB in the beginning and 159.2MB in the end (delta: 8.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-08 05:42:17,963 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.23ms. Allocated memory is still 226.5MB. Free memory is still 147.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 340.40ms. Allocated memory is still 142.6MB. Free memory was 111.3MB in the beginning and 91.6MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 30.12ms. Allocated memory is still 142.6MB. Free memory was 91.6MB in the beginning and 90.1MB in the end (delta: 1.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 32.74ms. Allocated memory is still 142.6MB. Free memory was 90.1MB in the beginning and 87.9MB in the end (delta: 2.2MB). There was no memory consumed. Max. memory is 16.1GB. * IcfgBuilder took 347.98ms. Allocated memory is still 142.6MB. Free memory was 87.9MB in the beginning and 67.5MB in the end (delta: 20.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 10931.80ms. Allocated memory was 142.6MB in the beginning and 218.1MB in the end (delta: 75.5MB). Free memory was 67.0MB in the beginning and 167.6MB in the end (delta: -100.6MB). Peak memory consumption was 82.2MB. Max. memory is 16.1GB. * Witness Printer took 74.43ms. Allocated memory is still 218.1MB. Free memory was 167.6MB in the beginning and 159.2MB in the end (delta: 8.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] - GenericResultAtLocation [Line: 101]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [101] - GenericResultAtLocation [Line: 176]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [176] - GenericResultAtLocation [Line: 450]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [450] - GenericResultAtLocation [Line: 553]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [553] - GenericResultAtLocation [Line: 653]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [653] - GenericResultAtLocation [Line: 662]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [662] - GenericResultAtLocation [Line: 697]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [697] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 658]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 115 locations, 170 edges, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.4s, OverallIterations: 10, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1498 SdHoareTripleChecker+Valid, 1.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1468 mSDsluCounter, 6442 SdHoareTripleChecker+Invalid, 1.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4919 mSDsCounter, 360 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2419 IncrementalHoareTripleChecker+Invalid, 2779 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 360 mSolverCounterUnsat, 1523 mSDtfsCounter, 2419 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 769 GetRequests, 668 SyntacticMatches, 7 SemanticMatches, 94 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 352 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=984occurred in iteration=9, InterpolantAutomatonStates: 83, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 251 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.0s InterpolantComputationTime, 1089 NumberOfCodeBlocks, 1089 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 1405 ConstructedInterpolants, 0 QuantifiedInterpolants, 2554 SizeOfPredicates, 2 NumberOfNonLiveVariables, 1003 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 14 InterpolantComputations, 8 PerfectInterpolantSequences, 738/813 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 565]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 118]: Location Invariant Derived location invariant: ((((((pumpRunning == 0) && (2 == waterLevel)) && (splverifierCounter == 0)) || (((((waterLevel <= 1) && (splverifierCounter == 0)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) && (pumpRunning == 1))) || ((((2 == waterLevel) && (splverifierCounter == 0)) && (0 != systemActive)) && (pumpRunning == 1))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (splverifierCounter == 0))) RESULT: Ultimate proved your program to be correct! [2025-03-08 05:42:17,979 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE