./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1a60868809a0ad0cb359a526a1f66a469756e048a31d4d83c9a3de774ac0575c --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:28:47,831 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:28:47,883 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:28:47,888 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:28:47,889 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:28:47,905 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:28:47,907 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:28:47,907 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:28:47,908 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:28:47,908 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:28:47,908 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:28:47,909 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:28:47,909 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:28:47,909 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:28:47,909 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:28:47,910 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:28:47,910 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:28:47,911 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:28:47,911 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:28:47,911 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:28:47,911 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:28:47,911 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:28:47,911 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:28:47,911 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:28:47,911 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:28:47,911 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:28:47,912 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:28:47,912 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:28:47,912 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:28:47,912 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:28:47,912 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:28:47,912 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:28:47,912 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1a60868809a0ad0cb359a526a1f66a469756e048a31d4d83c9a3de774ac0575c [2025-03-03 14:28:48,110 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:28:48,118 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:28:48,119 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:28:48,121 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:28:48,121 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:28:48,122 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c [2025-03-03 14:28:49,269 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/765e121b3/2bc3ed7d5915491a8af15b709a6b8121/FLAG3829475de [2025-03-03 14:28:49,586 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:28:49,586 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c [2025-03-03 14:28:49,595 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/765e121b3/2bc3ed7d5915491a8af15b709a6b8121/FLAG3829475de [2025-03-03 14:28:49,851 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/765e121b3/2bc3ed7d5915491a8af15b709a6b8121 [2025-03-03 14:28:49,853 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:28:49,854 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:28:49,855 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:28:49,855 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:28:49,858 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:28:49,858 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:28:49" (1/1) ... [2025-03-03 14:28:49,859 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@19ff6553 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:49, skipping insertion in model container [2025-03-03 14:28:49,859 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:28:49" (1/1) ... [2025-03-03 14:28:49,890 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:28:50,068 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c[11731,11744] [2025-03-03 14:28:50,107 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:28:50,116 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:28:50,122 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2025-03-03 14:28:50,123 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [415] [2025-03-03 14:28:50,123 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [444] [2025-03-03 14:28:50,123 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [453] [2025-03-03 14:28:50,123 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [553] [2025-03-03 14:28:50,123 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [623] [2025-03-03 14:28:50,123 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [819] [2025-03-03 14:28:50,124 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [857] [2025-03-03 14:28:50,159 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product39.cil.c[11731,11744] [2025-03-03 14:28:50,169 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:28:50,184 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:28:50,185 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50 WrapperNode [2025-03-03 14:28:50,185 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:28:50,186 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:28:50,186 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:28:50,186 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:28:50,191 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,200 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,217 INFO L138 Inliner]: procedures = 54, calls = 99, calls flagged for inlining = 21, calls inlined = 18, statements flattened = 186 [2025-03-03 14:28:50,218 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:28:50,218 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:28:50,218 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:28:50,219 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:28:50,224 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,224 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,226 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,247 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-03-03 14:28:50,247 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,247 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,252 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,253 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,256 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,257 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,258 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:28:50,259 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:28:50,259 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:28:50,259 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:28:50,259 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (1/1) ... [2025-03-03 14:28:50,263 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:28:50,274 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:28:50,285 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:28:50,292 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:28:50,307 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:28:50,308 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-03-03 14:28:50,308 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-03-03 14:28:50,308 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-03-03 14:28:50,308 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-03-03 14:28:50,308 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-03-03 14:28:50,308 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-03-03 14:28:50,308 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-03-03 14:28:50,308 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-03-03 14:28:50,308 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-03-03 14:28:50,308 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-03-03 14:28:50,309 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-03-03 14:28:50,309 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-03-03 14:28:50,309 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-03-03 14:28:50,309 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-03-03 14:28:50,309 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:28:50,310 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-03-03 14:28:50,310 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-03-03 14:28:50,310 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:28:50,310 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:28:50,372 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:28:50,374 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:28:50,475 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L737-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~6#1; [2025-03-03 14:28:50,476 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L746-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~7#1; [2025-03-03 14:28:50,478 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L504: #res := ~retValue_acc~3; [2025-03-03 14:28:50,535 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L950-1: main_#res#1 := main_~retValue_acc~11#1; [2025-03-03 14:28:50,535 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L854-1: valid_product_#res#1 := valid_product_~retValue_acc~10#1; [2025-03-03 14:28:50,568 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L801-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~8#1; [2025-03-03 14:28:50,568 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L550-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~5#1; [2025-03-03 14:28:50,589 INFO L? ?]: Removed 40 outVars from TransFormulas that were not future-live. [2025-03-03 14:28:50,589 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:28:50,597 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:28:50,597 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:28:50,598 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:28:50 BoogieIcfgContainer [2025-03-03 14:28:50,598 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:28:50,600 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:28:50,600 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:28:50,603 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:28:50,603 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:28:49" (1/3) ... [2025-03-03 14:28:50,604 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1fbc5d9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:28:50, skipping insertion in model container [2025-03-03 14:28:50,604 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:28:50" (2/3) ... [2025-03-03 14:28:50,604 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1fbc5d9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:28:50, skipping insertion in model container [2025-03-03 14:28:50,604 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:28:50" (3/3) ... [2025-03-03 14:28:50,605 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product39.cil.c [2025-03-03 14:28:50,616 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:28:50,617 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product39.cil.c that has 9 procedures, 91 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-03-03 14:28:50,663 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:28:50,676 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7b916fa4, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:28:50,676 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:28:50,680 INFO L276 IsEmpty]: Start isEmpty. Operand has 91 states, 67 states have (on average 1.3582089552238805) internal successors, (91), 76 states have internal predecessors, (91), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2025-03-03 14:28:50,687 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-03-03 14:28:50,687 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:50,687 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:50,688 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:50,691 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:50,692 INFO L85 PathProgramCache]: Analyzing trace with hash -529125488, now seen corresponding path program 1 times [2025-03-03 14:28:50,696 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:50,697 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [934006524] [2025-03-03 14:28:50,697 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:50,697 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:50,757 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-03-03 14:28:50,778 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-03-03 14:28:50,778 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:50,778 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:50,833 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:28:50,833 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:50,833 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [934006524] [2025-03-03 14:28:50,834 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [934006524] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:50,834 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:50,834 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-03-03 14:28:50,835 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [645917059] [2025-03-03 14:28:50,835 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:50,840 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:28:50,840 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:50,856 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:28:50,856 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-03-03 14:28:50,858 INFO L87 Difference]: Start difference. First operand has 91 states, 67 states have (on average 1.3582089552238805) internal successors, (91), 76 states have internal predecessors, (91), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:28:50,884 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:50,886 INFO L93 Difference]: Finished difference Result 174 states and 233 transitions. [2025-03-03 14:28:50,887 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:28:50,888 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-03-03 14:28:50,889 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:50,895 INFO L225 Difference]: With dead ends: 174 [2025-03-03 14:28:50,895 INFO L226 Difference]: Without dead ends: 82 [2025-03-03 14:28:50,897 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-03-03 14:28:50,900 INFO L435 NwaCegarLoop]: 115 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 115 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:50,900 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 115 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:28:50,910 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2025-03-03 14:28:50,924 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 82. [2025-03-03 14:28:50,925 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 68 states have internal predecessors, (79), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2025-03-03 14:28:50,931 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 106 transitions. [2025-03-03 14:28:50,933 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 106 transitions. Word has length 23 [2025-03-03 14:28:50,934 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:50,934 INFO L471 AbstractCegarLoop]: Abstraction has 82 states and 106 transitions. [2025-03-03 14:28:50,934 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:28:50,934 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 106 transitions. [2025-03-03 14:28:50,937 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-03-03 14:28:50,937 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:50,937 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:50,937 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-03-03 14:28:50,938 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:50,938 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:50,939 INFO L85 PathProgramCache]: Analyzing trace with hash 869904391, now seen corresponding path program 1 times [2025-03-03 14:28:50,939 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:50,939 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1646821917] [2025-03-03 14:28:50,939 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:50,939 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:50,949 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-03-03 14:28:50,959 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-03-03 14:28:50,959 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:50,959 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:51,043 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:28:51,044 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:51,044 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1646821917] [2025-03-03 14:28:51,044 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1646821917] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:51,044 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:51,044 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:28:51,044 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1412831393] [2025-03-03 14:28:51,045 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:51,045 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:28:51,045 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:51,046 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:28:51,046 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:28:51,046 INFO L87 Difference]: Start difference. First operand 82 states and 106 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:28:51,062 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:51,062 INFO L93 Difference]: Finished difference Result 127 states and 163 transitions. [2025-03-03 14:28:51,063 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:28:51,063 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2025-03-03 14:28:51,063 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:51,064 INFO L225 Difference]: With dead ends: 127 [2025-03-03 14:28:51,064 INFO L226 Difference]: Without dead ends: 73 [2025-03-03 14:28:51,064 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:28:51,065 INFO L435 NwaCegarLoop]: 93 mSDtfsCounter, 15 mSDsluCounter, 73 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 19 SdHoareTripleChecker+Valid, 166 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:51,065 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [19 Valid, 166 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:28:51,066 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 73 states. [2025-03-03 14:28:51,073 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 73 to 73. [2025-03-03 14:28:51,074 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 73 states, 54 states have (on average 1.3333333333333333) internal successors, (72), 62 states have internal predecessors, (72), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2025-03-03 14:28:51,075 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 73 states to 73 states and 94 transitions. [2025-03-03 14:28:51,075 INFO L78 Accepts]: Start accepts. Automaton has 73 states and 94 transitions. Word has length 24 [2025-03-03 14:28:51,075 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:51,075 INFO L471 AbstractCegarLoop]: Abstraction has 73 states and 94 transitions. [2025-03-03 14:28:51,075 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:28:51,075 INFO L276 IsEmpty]: Start isEmpty. Operand 73 states and 94 transitions. [2025-03-03 14:28:51,076 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2025-03-03 14:28:51,076 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:51,076 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:51,076 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-03-03 14:28:51,076 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:51,077 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:51,077 INFO L85 PathProgramCache]: Analyzing trace with hash 354479484, now seen corresponding path program 1 times [2025-03-03 14:28:51,077 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:51,077 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [250909897] [2025-03-03 14:28:51,077 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:51,077 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:51,085 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 27 statements into 1 equivalence classes. [2025-03-03 14:28:51,091 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 27 of 27 statements. [2025-03-03 14:28:51,091 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:51,091 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:51,219 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:28:51,219 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:51,219 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [250909897] [2025-03-03 14:28:51,219 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [250909897] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:51,219 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:51,219 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-03-03 14:28:51,219 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [591902727] [2025-03-03 14:28:51,219 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:51,220 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-03 14:28:51,220 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:51,220 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-03 14:28:51,220 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:28:51,220 INFO L87 Difference]: Start difference. First operand 73 states and 94 transitions. Second operand has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:28:51,425 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:51,425 INFO L93 Difference]: Finished difference Result 245 states and 322 transitions. [2025-03-03 14:28:51,425 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:28:51,426 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2025-03-03 14:28:51,426 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:51,427 INFO L225 Difference]: With dead ends: 245 [2025-03-03 14:28:51,427 INFO L226 Difference]: Without dead ends: 179 [2025-03-03 14:28:51,428 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:28:51,428 INFO L435 NwaCegarLoop]: 105 mSDtfsCounter, 162 mSDsluCounter, 313 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 162 SdHoareTripleChecker+Valid, 418 SdHoareTripleChecker+Invalid, 91 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:51,428 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [162 Valid, 418 Invalid, 91 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:28:51,429 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 179 states. [2025-03-03 14:28:51,454 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 179 to 173. [2025-03-03 14:28:51,456 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 173 states, 126 states have (on average 1.3650793650793651) internal successors, (172), 144 states have internal predecessors, (172), 27 states have call successors, (27), 19 states have call predecessors, (27), 19 states have return successors, (28), 19 states have call predecessors, (28), 27 states have call successors, (28) [2025-03-03 14:28:51,459 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 173 states to 173 states and 227 transitions. [2025-03-03 14:28:51,459 INFO L78 Accepts]: Start accepts. Automaton has 173 states and 227 transitions. Word has length 27 [2025-03-03 14:28:51,460 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:51,460 INFO L471 AbstractCegarLoop]: Abstraction has 173 states and 227 transitions. [2025-03-03 14:28:51,460 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:28:51,460 INFO L276 IsEmpty]: Start isEmpty. Operand 173 states and 227 transitions. [2025-03-03 14:28:51,463 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2025-03-03 14:28:51,463 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:51,463 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:51,463 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-03-03 14:28:51,463 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:51,463 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:51,464 INFO L85 PathProgramCache]: Analyzing trace with hash 1434224768, now seen corresponding path program 1 times [2025-03-03 14:28:51,464 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:51,464 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1642460269] [2025-03-03 14:28:51,464 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:51,464 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:51,472 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 31 statements into 1 equivalence classes. [2025-03-03 14:28:51,478 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 31 of 31 statements. [2025-03-03 14:28:51,482 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:51,482 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:51,572 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:28:51,573 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:51,573 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1642460269] [2025-03-03 14:28:51,573 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1642460269] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:51,573 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:51,573 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:28:51,573 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [538119176] [2025-03-03 14:28:51,573 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:51,573 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:28:51,573 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:51,573 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:28:51,573 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:28:51,574 INFO L87 Difference]: Start difference. First operand 173 states and 227 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:28:51,636 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:51,636 INFO L93 Difference]: Finished difference Result 413 states and 557 transitions. [2025-03-03 14:28:51,636 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:28:51,636 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2025-03-03 14:28:51,637 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:51,638 INFO L225 Difference]: With dead ends: 413 [2025-03-03 14:28:51,638 INFO L226 Difference]: Without dead ends: 247 [2025-03-03 14:28:51,639 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:28:51,639 INFO L435 NwaCegarLoop]: 91 mSDtfsCounter, 48 mSDsluCounter, 238 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 48 SdHoareTripleChecker+Valid, 329 SdHoareTripleChecker+Invalid, 39 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:51,640 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [48 Valid, 329 Invalid, 39 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:28:51,642 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 247 states. [2025-03-03 14:28:51,660 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 247 to 245. [2025-03-03 14:28:51,661 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 245 states, 180 states have (on average 1.3111111111111111) internal successors, (236), 197 states have internal predecessors, (236), 34 states have call successors, (34), 30 states have call predecessors, (34), 30 states have return successors, (44), 31 states have call predecessors, (44), 34 states have call successors, (44) [2025-03-03 14:28:51,663 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 245 states to 245 states and 314 transitions. [2025-03-03 14:28:51,664 INFO L78 Accepts]: Start accepts. Automaton has 245 states and 314 transitions. Word has length 31 [2025-03-03 14:28:51,664 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:51,664 INFO L471 AbstractCegarLoop]: Abstraction has 245 states and 314 transitions. [2025-03-03 14:28:51,665 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:28:51,665 INFO L276 IsEmpty]: Start isEmpty. Operand 245 states and 314 transitions. [2025-03-03 14:28:51,665 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-03-03 14:28:51,667 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:51,667 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:51,667 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-03-03 14:28:51,668 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:51,668 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:51,668 INFO L85 PathProgramCache]: Analyzing trace with hash -473240776, now seen corresponding path program 1 times [2025-03-03 14:28:51,668 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:51,668 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [601682905] [2025-03-03 14:28:51,668 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:51,668 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:51,677 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-03-03 14:28:51,682 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-03-03 14:28:51,682 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:51,683 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:51,733 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:28:51,733 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:51,733 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [601682905] [2025-03-03 14:28:51,733 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [601682905] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:51,733 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:51,733 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:28:51,733 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2011653338] [2025-03-03 14:28:51,734 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:51,734 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:28:51,734 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:51,734 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:28:51,734 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:28:51,734 INFO L87 Difference]: Start difference. First operand 245 states and 314 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-03-03 14:28:51,765 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:51,765 INFO L93 Difference]: Finished difference Result 489 states and 638 transitions. [2025-03-03 14:28:51,766 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:28:51,767 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2025-03-03 14:28:51,767 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:51,768 INFO L225 Difference]: With dead ends: 489 [2025-03-03 14:28:51,768 INFO L226 Difference]: Without dead ends: 251 [2025-03-03 14:28:51,769 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:28:51,770 INFO L435 NwaCegarLoop]: 91 mSDtfsCounter, 0 mSDsluCounter, 267 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 358 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:51,770 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 358 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:28:51,770 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 251 states. [2025-03-03 14:28:51,791 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 251 to 251. [2025-03-03 14:28:51,792 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 251 states, 186 states have (on average 1.3010752688172043) internal successors, (242), 203 states have internal predecessors, (242), 34 states have call successors, (34), 30 states have call predecessors, (34), 30 states have return successors, (44), 31 states have call predecessors, (44), 34 states have call successors, (44) [2025-03-03 14:28:51,795 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 251 states to 251 states and 320 transitions. [2025-03-03 14:28:51,796 INFO L78 Accepts]: Start accepts. Automaton has 251 states and 320 transitions. Word has length 41 [2025-03-03 14:28:51,796 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:51,796 INFO L471 AbstractCegarLoop]: Abstraction has 251 states and 320 transitions. [2025-03-03 14:28:51,796 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-03-03 14:28:51,796 INFO L276 IsEmpty]: Start isEmpty. Operand 251 states and 320 transitions. [2025-03-03 14:28:51,798 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-03-03 14:28:51,799 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:51,799 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:51,799 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-03 14:28:51,799 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:51,799 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:51,799 INFO L85 PathProgramCache]: Analyzing trace with hash -1470313129, now seen corresponding path program 1 times [2025-03-03 14:28:51,799 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:51,800 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1375284235] [2025-03-03 14:28:51,800 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:51,800 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:51,809 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-03-03 14:28:51,813 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-03-03 14:28:51,815 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:51,815 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:51,872 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:28:51,872 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:51,872 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1375284235] [2025-03-03 14:28:51,872 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1375284235] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:51,872 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:51,872 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-03 14:28:51,872 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [226003909] [2025-03-03 14:28:51,873 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:51,873 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-03 14:28:51,873 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:51,874 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-03 14:28:51,874 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:28:51,874 INFO L87 Difference]: Start difference. First operand 251 states and 320 transitions. Second operand has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-03-03 14:28:51,903 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:51,903 INFO L93 Difference]: Finished difference Result 499 states and 657 transitions. [2025-03-03 14:28:51,904 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-03 14:28:51,904 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2025-03-03 14:28:51,905 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:51,906 INFO L225 Difference]: With dead ends: 499 [2025-03-03 14:28:51,908 INFO L226 Difference]: Without dead ends: 255 [2025-03-03 14:28:51,909 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:28:51,909 INFO L435 NwaCegarLoop]: 92 mSDtfsCounter, 0 mSDsluCounter, 178 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 270 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:51,909 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 270 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:28:51,910 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 255 states. [2025-03-03 14:28:51,942 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 255 to 255. [2025-03-03 14:28:51,943 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 255 states, 190 states have (on average 1.2947368421052632) internal successors, (246), 207 states have internal predecessors, (246), 34 states have call successors, (34), 30 states have call predecessors, (34), 30 states have return successors, (44), 31 states have call predecessors, (44), 34 states have call successors, (44) [2025-03-03 14:28:51,944 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 255 states to 255 states and 324 transitions. [2025-03-03 14:28:51,945 INFO L78 Accepts]: Start accepts. Automaton has 255 states and 324 transitions. Word has length 41 [2025-03-03 14:28:51,945 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:51,945 INFO L471 AbstractCegarLoop]: Abstraction has 255 states and 324 transitions. [2025-03-03 14:28:51,945 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-03-03 14:28:51,945 INFO L276 IsEmpty]: Start isEmpty. Operand 255 states and 324 transitions. [2025-03-03 14:28:51,946 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-03-03 14:28:51,946 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:51,946 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:51,946 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:28:51,946 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:51,947 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:51,947 INFO L85 PathProgramCache]: Analyzing trace with hash 2007005717, now seen corresponding path program 1 times [2025-03-03 14:28:51,947 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:51,947 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1439459955] [2025-03-03 14:28:51,947 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:51,947 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:51,952 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-03-03 14:28:51,956 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-03-03 14:28:51,956 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:51,956 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:52,012 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:28:52,012 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:52,012 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1439459955] [2025-03-03 14:28:52,012 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1439459955] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:52,012 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:52,012 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-03 14:28:52,012 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1683219633] [2025-03-03 14:28:52,012 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:52,013 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-03 14:28:52,013 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:52,013 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-03 14:28:52,013 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:28:52,013 INFO L87 Difference]: Start difference. First operand 255 states and 324 transitions. Second operand has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-03-03 14:28:52,119 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:52,121 INFO L93 Difference]: Finished difference Result 861 states and 1132 transitions. [2025-03-03 14:28:52,126 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-03 14:28:52,126 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2025-03-03 14:28:52,126 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:52,129 INFO L225 Difference]: With dead ends: 861 [2025-03-03 14:28:52,129 INFO L226 Difference]: Without dead ends: 613 [2025-03-03 14:28:52,130 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:28:52,130 INFO L435 NwaCegarLoop]: 158 mSDtfsCounter, 125 mSDsluCounter, 149 mSDsCounter, 0 mSdLazyCounter, 53 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 125 SdHoareTripleChecker+Valid, 307 SdHoareTripleChecker+Invalid, 58 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 53 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:52,131 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [125 Valid, 307 Invalid, 58 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 53 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:28:52,131 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 613 states. [2025-03-03 14:28:52,171 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 613 to 599. [2025-03-03 14:28:52,172 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 599 states, 446 states have (on average 1.2690582959641257) internal successors, (566), 480 states have internal predecessors, (566), 79 states have call successors, (79), 71 states have call predecessors, (79), 73 states have return successors, (122), 75 states have call predecessors, (122), 79 states have call successors, (122) [2025-03-03 14:28:52,178 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 599 states to 599 states and 767 transitions. [2025-03-03 14:28:52,180 INFO L78 Accepts]: Start accepts. Automaton has 599 states and 767 transitions. Word has length 41 [2025-03-03 14:28:52,180 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:52,180 INFO L471 AbstractCegarLoop]: Abstraction has 599 states and 767 transitions. [2025-03-03 14:28:52,180 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2025-03-03 14:28:52,180 INFO L276 IsEmpty]: Start isEmpty. Operand 599 states and 767 transitions. [2025-03-03 14:28:52,181 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2025-03-03 14:28:52,181 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:52,181 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:52,181 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:28:52,181 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:52,182 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:52,182 INFO L85 PathProgramCache]: Analyzing trace with hash 758980727, now seen corresponding path program 1 times [2025-03-03 14:28:52,182 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:52,182 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1430088609] [2025-03-03 14:28:52,182 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:52,182 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:52,191 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 45 statements into 1 equivalence classes. [2025-03-03 14:28:52,198 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 45 of 45 statements. [2025-03-03 14:28:52,199 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:52,199 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:52,283 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:28:52,284 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:52,284 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1430088609] [2025-03-03 14:28:52,285 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1430088609] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:52,285 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:52,285 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-03-03 14:28:52,285 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [841268996] [2025-03-03 14:28:52,285 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:52,285 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-03 14:28:52,285 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:52,285 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-03 14:28:52,286 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:28:52,286 INFO L87 Difference]: Start difference. First operand 599 states and 767 transitions. Second operand has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2025-03-03 14:28:52,442 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:52,443 INFO L93 Difference]: Finished difference Result 1755 states and 2319 transitions. [2025-03-03 14:28:52,443 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-03 14:28:52,443 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 45 [2025-03-03 14:28:52,444 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:52,450 INFO L225 Difference]: With dead ends: 1755 [2025-03-03 14:28:52,451 INFO L226 Difference]: Without dead ends: 1163 [2025-03-03 14:28:52,453 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-03-03 14:28:52,453 INFO L435 NwaCegarLoop]: 92 mSDtfsCounter, 64 mSDsluCounter, 324 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 416 SdHoareTripleChecker+Invalid, 54 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:52,453 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 416 Invalid, 54 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:28:52,455 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1163 states. [2025-03-03 14:28:52,534 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1163 to 1163. [2025-03-03 14:28:52,536 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1163 states, 858 states have (on average 1.2447552447552448) internal successors, (1068), 925 states have internal predecessors, (1068), 158 states have call successors, (158), 142 states have call predecessors, (158), 146 states have return successors, (257), 150 states have call predecessors, (257), 158 states have call successors, (257) [2025-03-03 14:28:52,546 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1163 states to 1163 states and 1483 transitions. [2025-03-03 14:28:52,547 INFO L78 Accepts]: Start accepts. Automaton has 1163 states and 1483 transitions. Word has length 45 [2025-03-03 14:28:52,547 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:52,547 INFO L471 AbstractCegarLoop]: Abstraction has 1163 states and 1483 transitions. [2025-03-03 14:28:52,548 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2025-03-03 14:28:52,548 INFO L276 IsEmpty]: Start isEmpty. Operand 1163 states and 1483 transitions. [2025-03-03 14:28:52,549 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2025-03-03 14:28:52,549 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:52,549 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:52,550 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:28:52,550 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:52,550 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:52,550 INFO L85 PathProgramCache]: Analyzing trace with hash 42458552, now seen corresponding path program 1 times [2025-03-03 14:28:52,551 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:52,551 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [773987376] [2025-03-03 14:28:52,551 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:52,551 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:52,557 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-03-03 14:28:52,563 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-03-03 14:28:52,564 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:52,564 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-03 14:28:52,564 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-03-03 14:28:52,566 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-03-03 14:28:52,573 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-03-03 14:28:52,573 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:52,573 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-03 14:28:52,596 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-03-03 14:28:52,596 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-03-03 14:28:52,597 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-03-03 14:28:52,598 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:28:52,602 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:52,645 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-03-03 14:28:52,649 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.03 02:28:52 BoogieIcfgContainer [2025-03-03 14:28:52,649 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-03-03 14:28:52,649 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-03-03 14:28:52,649 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-03-03 14:28:52,649 INFO L274 PluginConnector]: Witness Printer initialized [2025-03-03 14:28:52,650 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:28:50" (3/4) ... [2025-03-03 14:28:52,650 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-03-03 14:28:52,699 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 43. [2025-03-03 14:28:52,758 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-03-03 14:28:52,759 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2025-03-03 14:28:52,759 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-03-03 14:28:52,759 INFO L158 Benchmark]: Toolchain (without parser) took 2905.33ms. Allocated memory is still 167.8MB. Free memory was 124.1MB in the beginning and 66.8MB in the end (delta: 57.3MB). Peak memory consumption was 53.6MB. Max. memory is 16.1GB. [2025-03-03 14:28:52,759 INFO L158 Benchmark]: CDTParser took 0.74ms. Allocated memory is still 201.3MB. Free memory is still 117.6MB. There was no memory consumed. Max. memory is 16.1GB. [2025-03-03 14:28:52,760 INFO L158 Benchmark]: CACSL2BoogieTranslator took 330.20ms. Allocated memory is still 167.8MB. Free memory was 123.2MB in the beginning and 105.1MB in the end (delta: 18.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-03 14:28:52,760 INFO L158 Benchmark]: Boogie Procedure Inliner took 32.19ms. Allocated memory is still 167.8MB. Free memory was 105.1MB in the beginning and 103.4MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-03 14:28:52,760 INFO L158 Benchmark]: Boogie Preprocessor took 39.82ms. Allocated memory is still 167.8MB. Free memory was 103.4MB in the beginning and 101.6MB in the end (delta: 1.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-03 14:28:52,760 INFO L158 Benchmark]: IcfgBuilder took 339.30ms. Allocated memory is still 167.8MB. Free memory was 101.6MB in the beginning and 84.0MB in the end (delta: 17.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-03 14:28:52,760 INFO L158 Benchmark]: TraceAbstraction took 2049.26ms. Allocated memory is still 167.8MB. Free memory was 83.2MB in the beginning and 76.3MB in the end (delta: 6.9MB). Peak memory consumption was 3.3MB. Max. memory is 16.1GB. [2025-03-03 14:28:52,760 INFO L158 Benchmark]: Witness Printer took 109.47ms. Allocated memory is still 167.8MB. Free memory was 76.3MB in the beginning and 66.8MB in the end (delta: 9.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-03 14:28:52,761 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.74ms. Allocated memory is still 201.3MB. Free memory is still 117.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 330.20ms. Allocated memory is still 167.8MB. Free memory was 123.2MB in the beginning and 105.1MB in the end (delta: 18.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 32.19ms. Allocated memory is still 167.8MB. Free memory was 105.1MB in the beginning and 103.4MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 39.82ms. Allocated memory is still 167.8MB. Free memory was 103.4MB in the beginning and 101.6MB in the end (delta: 1.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 339.30ms. Allocated memory is still 167.8MB. Free memory was 101.6MB in the beginning and 84.0MB in the end (delta: 17.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2049.26ms. Allocated memory is still 167.8MB. Free memory was 83.2MB in the beginning and 76.3MB in the end (delta: 6.9MB). Peak memory consumption was 3.3MB. Max. memory is 16.1GB. * Witness Printer took 109.47ms. Allocated memory is still 167.8MB. Free memory was 76.3MB in the beginning and 66.8MB in the end (delta: 9.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [415] - GenericResultAtLocation [Line: 444]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [444] - GenericResultAtLocation [Line: 453]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [453] - GenericResultAtLocation [Line: 553]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [553] - GenericResultAtLocation [Line: 623]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [623] - GenericResultAtLocation [Line: 819]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [819] - GenericResultAtLocation [Line: 857]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [857] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 449]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L219] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L460] int waterLevel = 1; [L461] int methaneLevelCritical = 0; [L627] int pumpRunning = 0; [L628] int systemActive = 1; [L858] int cleanupTimeShifts = 4; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L931] int retValue_acc ; [L932] int tmp ; [L936] FCALL select_helpers() [L937] FCALL select_features() [L938] CALL, EXPR valid_product() [L849] int retValue_acc ; [L852] retValue_acc = 1 [L853] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L938] RET, EXPR valid_product() [L938] tmp = valid_product() [L940] COND TRUE \read(tmp) [L942] FCALL setup() [L943] CALL runTest() [L925] CALL test() [L558] int splverifierCounter ; [L559] int tmp ; [L560] int tmp___0 ; [L561] int tmp___1 ; [L562] int tmp___2 ; [L565] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L567] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L569] COND TRUE splverifierCounter < 4 [L575] tmp = __VERIFIER_nondet_int() [L577] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L579] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L478] COND TRUE waterLevel < 2 [L479] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L579] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L585] tmp___0 = __VERIFIER_nondet_int() [L587] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L589] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L490] COND FALSE !(\read(methaneLevelCritical)) [L493] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L589] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L595] tmp___2 = __VERIFIER_nondet_int() [L597] COND TRUE \read(tmp___2) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L612] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L634] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L641] COND TRUE \read(systemActive) [L643] CALL processEnvironment() [L689] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L692] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L707] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L663] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L666] COND TRUE ! pumpRunning [L668] CALL, EXPR isHighWaterLevel() [L786] int retValue_acc ; [L787] int tmp ; [L788] int tmp___0 ; [L792] CALL, EXPR isHighWaterSensorDry() [L540] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L543] COND FALSE !(waterLevel < 2) [L547] retValue_acc = 0 [L548] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L792] RET, EXPR isHighWaterSensorDry() [L792] tmp = isHighWaterSensorDry() [L794] COND FALSE !(\read(tmp)) [L797] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L799] retValue_acc = tmp___0 [L800] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L668] RET, EXPR isHighWaterLevel() [L668] tmp = isHighWaterLevel() [L670] COND TRUE \read(tmp) [L672] CALL activatePump() [L717] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L672] RET activatePump() [L707] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L643] RET processEnvironment() [L649] CALL __utac_acc__Specification1_spec__1() [L420] int tmp ; [L421] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L425] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L499] int retValue_acc ; [L502] retValue_acc = methaneLevelCritical [L503] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L425] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L425] tmp = isMethaneLevelCritical() [L427] COND TRUE \read(tmp) [L429] CALL, EXPR isPumpRunning() [L741] int retValue_acc ; [L744] retValue_acc = pumpRunning [L745] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L429] RET, EXPR isPumpRunning() [L429] tmp___0 = isPumpRunning() [L431] COND TRUE \read(tmp___0) [L433] CALL __automaton_fail() [L449] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 91 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.0s, OverallIterations: 9, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 420 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 414 mSDsluCounter, 2379 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1542 mSDsCounter, 19 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 252 IncrementalHoareTripleChecker+Invalid, 271 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 19 mSolverCounterUnsat, 837 mSDtfsCounter, 252 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 44 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1163occurred in iteration=8, InterpolantAutomatonStates: 36, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 8 MinimizatonAttempts, 22 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.6s InterpolantComputationTime, 322 NumberOfCodeBlocks, 322 NumberOfCodeBlocksAsserted, 9 NumberOfCheckSat, 265 ConstructedInterpolants, 0 QuantifiedInterpolants, 496 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 8 InterpolantComputations, 8 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-03-03 14:28:52,775 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE