./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash a24146f0f51336ad73890bbd928f5403b02b7d1c9a9c70cce136ffcb124619cc --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:28:58,611 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:28:58,668 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:28:58,674 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:28:58,675 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:28:58,694 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:28:58,695 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:28:58,695 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:28:58,695 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:28:58,695 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:28:58,696 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:28:58,696 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:28:58,696 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:28:58,696 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:28:58,697 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:28:58,697 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:28:58,697 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:28:58,697 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:28:58,697 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:28:58,698 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:28:58,698 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:28:58,698 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:28:58,698 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:28:58,698 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:28:58,698 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:28:58,698 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:28:58,698 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:28:58,698 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:28:58,698 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:28:58,698 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:28:58,699 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:28:58,699 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:28:58,699 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:28:58,699 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:28:58,699 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:28:58,699 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:28:58,699 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:28:58,699 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:28:58,699 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:28:58,699 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:28:58,699 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:28:58,700 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:28:58,700 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:28:58,700 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> a24146f0f51336ad73890bbd928f5403b02b7d1c9a9c70cce136ffcb124619cc [2025-03-03 14:28:58,928 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:28:58,933 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:28:58,934 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:28:58,935 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:28:58,935 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:28:58,936 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c [2025-03-03 14:29:00,088 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/619674038/d53725aee4ba445897de2e26acd37497/FLAG77d622fc3 [2025-03-03 14:29:00,329 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:29:00,330 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c [2025-03-03 14:29:00,341 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/619674038/d53725aee4ba445897de2e26acd37497/FLAG77d622fc3 [2025-03-03 14:29:00,660 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/619674038/d53725aee4ba445897de2e26acd37497 [2025-03-03 14:29:00,662 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:29:00,663 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:29:00,664 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:29:00,664 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:29:00,667 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:29:00,667 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:00,670 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3da0fa94 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00, skipping insertion in model container [2025-03-03 14:29:00,670 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:00,691 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:29:00,882 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c[16679,16692] [2025-03-03 14:29:00,895 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:29:00,906 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:29:00,912 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2025-03-03 14:29:00,913 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [415] [2025-03-03 14:29:00,913 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [490] [2025-03-03 14:29:00,913 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [746] [2025-03-03 14:29:00,914 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [784] [2025-03-03 14:29:00,914 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [811] [2025-03-03 14:29:00,914 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [820] [2025-03-03 14:29:00,914 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [916] [2025-03-03 14:29:00,962 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product56.cil.c[16679,16692] [2025-03-03 14:29:00,966 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:29:00,978 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:29:00,979 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00 WrapperNode [2025-03-03 14:29:00,979 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:29:00,981 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:29:00,981 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:29:00,981 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:29:00,984 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:00,993 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:01,006 INFO L138 Inliner]: procedures = 58, calls = 105, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 221 [2025-03-03 14:29:01,007 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:29:01,007 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:29:01,007 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:29:01,007 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:29:01,012 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:01,013 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:01,014 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:01,029 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-03-03 14:29:01,029 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:01,029 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:01,036 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:01,036 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:01,037 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:01,039 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:01,040 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:29:01,040 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:29:01,040 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:29:01,040 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:29:01,041 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (1/1) ... [2025-03-03 14:29:01,044 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:29:01,052 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:29:01,061 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:29:01,064 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:29:01,078 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:29:01,078 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-03-03 14:29:01,078 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-03-03 14:29:01,078 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-03-03 14:29:01,078 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-03-03 14:29:01,079 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-03-03 14:29:01,079 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-03-03 14:29:01,079 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-03-03 14:29:01,079 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-03-03 14:29:01,079 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2025-03-03 14:29:01,079 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2025-03-03 14:29:01,079 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-03-03 14:29:01,079 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-03-03 14:29:01,079 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2025-03-03 14:29:01,079 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2025-03-03 14:29:01,079 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-03-03 14:29:01,079 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-03-03 14:29:01,079 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:29:01,079 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-03-03 14:29:01,079 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-03-03 14:29:01,079 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:29:01,079 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:29:01,135 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:29:01,136 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:29:01,177 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L962: #res := ~retValue_acc~10; [2025-03-03 14:29:01,273 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L637-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~3#1; [2025-03-03 14:29:01,273 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L646-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~4#1; [2025-03-03 14:29:01,341 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L913-1: main_#res#1 := main_~retValue_acc~9#1; [2025-03-03 14:29:01,341 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L781-1: valid_product_#res#1 := valid_product_~retValue_acc~8#1; [2025-03-03 14:29:01,376 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L701-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~5#1; [2025-03-03 14:29:01,376 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1008-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~12#1; [2025-03-03 14:29:01,407 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1017-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~13#1; [2025-03-03 14:29:01,408 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L720-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~6#1; [2025-03-03 14:29:01,423 INFO L? ?]: Removed 49 outVars from TransFormulas that were not future-live. [2025-03-03 14:29:01,423 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:29:01,432 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:29:01,433 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:29:01,433 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:29:01 BoogieIcfgContainer [2025-03-03 14:29:01,433 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:29:01,434 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:29:01,435 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:29:01,438 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:29:01,438 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:29:00" (1/3) ... [2025-03-03 14:29:01,438 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@716e223 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:29:01, skipping insertion in model container [2025-03-03 14:29:01,438 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:00" (2/3) ... [2025-03-03 14:29:01,438 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@716e223 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:29:01, skipping insertion in model container [2025-03-03 14:29:01,439 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:29:01" (3/3) ... [2025-03-03 14:29:01,439 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product56.cil.c [2025-03-03 14:29:01,450 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:29:01,452 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_product56.cil.c that has 10 procedures, 104 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-03-03 14:29:01,491 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:29:01,501 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7d5e2ffe, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:29:01,501 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:29:01,504 INFO L276 IsEmpty]: Start isEmpty. Operand has 104 states, 76 states have (on average 1.355263157894737) internal successors, (103), 87 states have internal predecessors, (103), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2025-03-03 14:29:01,509 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2025-03-03 14:29:01,510 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:01,510 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:01,511 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:01,514 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:01,515 INFO L85 PathProgramCache]: Analyzing trace with hash -235921351, now seen corresponding path program 1 times [2025-03-03 14:29:01,520 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:01,521 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1312239819] [2025-03-03 14:29:01,521 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:01,521 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:01,577 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 23 statements into 1 equivalence classes. [2025-03-03 14:29:01,590 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 23 of 23 statements. [2025-03-03 14:29:01,590 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:01,590 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:01,626 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:01,627 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:01,627 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1312239819] [2025-03-03 14:29:01,627 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1312239819] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:01,627 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:01,628 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-03-03 14:29:01,628 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [981080746] [2025-03-03 14:29:01,629 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:01,631 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:29:01,631 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:01,642 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:29:01,642 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-03-03 14:29:01,644 INFO L87 Difference]: Start difference. First operand has 104 states, 76 states have (on average 1.355263157894737) internal successors, (103), 87 states have internal predecessors, (103), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:01,662 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:01,662 INFO L93 Difference]: Finished difference Result 200 states and 269 transitions. [2025-03-03 14:29:01,663 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:29:01,663 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2025-03-03 14:29:01,663 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:01,668 INFO L225 Difference]: With dead ends: 200 [2025-03-03 14:29:01,668 INFO L226 Difference]: Without dead ends: 95 [2025-03-03 14:29:01,671 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-03-03 14:29:01,672 INFO L435 NwaCegarLoop]: 133 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 133 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:01,673 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 133 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:01,681 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 95 states. [2025-03-03 14:29:01,694 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 95 to 95. [2025-03-03 14:29:01,695 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 95 states, 69 states have (on average 1.318840579710145) internal successors, (91), 79 states have internal predecessors, (91), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2025-03-03 14:29:01,698 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 95 states to 95 states and 124 transitions. [2025-03-03 14:29:01,700 INFO L78 Accepts]: Start accepts. Automaton has 95 states and 124 transitions. Word has length 23 [2025-03-03 14:29:01,700 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:01,700 INFO L471 AbstractCegarLoop]: Abstraction has 95 states and 124 transitions. [2025-03-03 14:29:01,700 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:01,700 INFO L276 IsEmpty]: Start isEmpty. Operand 95 states and 124 transitions. [2025-03-03 14:29:01,701 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2025-03-03 14:29:01,701 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:01,701 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:01,702 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-03-03 14:29:01,702 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:01,702 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:01,702 INFO L85 PathProgramCache]: Analyzing trace with hash 1029095022, now seen corresponding path program 1 times [2025-03-03 14:29:01,702 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:01,702 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1439122100] [2025-03-03 14:29:01,702 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:01,702 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:01,708 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 24 statements into 1 equivalence classes. [2025-03-03 14:29:01,715 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 24 of 24 statements. [2025-03-03 14:29:01,715 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:01,715 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:01,780 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:01,781 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:01,781 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1439122100] [2025-03-03 14:29:01,781 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1439122100] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:01,782 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:01,782 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:29:01,782 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [437479420] [2025-03-03 14:29:01,782 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:01,783 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:29:01,783 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:01,783 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:29:01,783 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:01,783 INFO L87 Difference]: Start difference. First operand 95 states and 124 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:01,807 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:01,807 INFO L93 Difference]: Finished difference Result 152 states and 198 transitions. [2025-03-03 14:29:01,810 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:29:01,811 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2025-03-03 14:29:01,811 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:01,812 INFO L225 Difference]: With dead ends: 152 [2025-03-03 14:29:01,812 INFO L226 Difference]: Without dead ends: 86 [2025-03-03 14:29:01,812 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:01,813 INFO L435 NwaCegarLoop]: 111 mSDtfsCounter, 16 mSDsluCounter, 90 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:01,813 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 201 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:01,814 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 86 states. [2025-03-03 14:29:01,825 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 86 to 86. [2025-03-03 14:29:01,829 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 86 states, 63 states have (on average 1.3333333333333333) internal successors, (84), 73 states have internal predecessors, (84), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2025-03-03 14:29:01,830 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 86 states to 86 states and 112 transitions. [2025-03-03 14:29:01,830 INFO L78 Accepts]: Start accepts. Automaton has 86 states and 112 transitions. Word has length 24 [2025-03-03 14:29:01,830 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:01,830 INFO L471 AbstractCegarLoop]: Abstraction has 86 states and 112 transitions. [2025-03-03 14:29:01,830 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:01,830 INFO L276 IsEmpty]: Start isEmpty. Operand 86 states and 112 transitions. [2025-03-03 14:29:01,833 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2025-03-03 14:29:01,833 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:01,833 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:01,833 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-03-03 14:29:01,833 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:01,834 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:01,834 INFO L85 PathProgramCache]: Analyzing trace with hash -532335419, now seen corresponding path program 1 times [2025-03-03 14:29:01,834 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:01,834 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1478723608] [2025-03-03 14:29:01,834 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:01,834 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:01,841 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 28 statements into 1 equivalence classes. [2025-03-03 14:29:01,849 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 28 of 28 statements. [2025-03-03 14:29:01,849 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:01,849 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:01,943 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:01,943 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:01,943 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1478723608] [2025-03-03 14:29:01,943 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1478723608] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:01,943 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:01,943 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:29:01,943 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1604280004] [2025-03-03 14:29:01,943 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:01,944 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:29:01,944 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:01,944 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:29:01,944 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:01,944 INFO L87 Difference]: Start difference. First operand 86 states and 112 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:01,979 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:01,979 INFO L93 Difference]: Finished difference Result 242 states and 321 transitions. [2025-03-03 14:29:01,980 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:29:01,980 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2025-03-03 14:29:01,980 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:01,981 INFO L225 Difference]: With dead ends: 242 [2025-03-03 14:29:01,981 INFO L226 Difference]: Without dead ends: 163 [2025-03-03 14:29:01,982 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:01,982 INFO L435 NwaCegarLoop]: 125 mSDtfsCounter, 91 mSDsluCounter, 100 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 225 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:01,983 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 225 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:01,983 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 163 states. [2025-03-03 14:29:01,996 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 163 to 160. [2025-03-03 14:29:01,997 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 160 states, 115 states have (on average 1.3565217391304347) internal successors, (156), 134 states have internal predecessors, (156), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2025-03-03 14:29:01,998 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 160 states to 160 states and 212 transitions. [2025-03-03 14:29:01,998 INFO L78 Accepts]: Start accepts. Automaton has 160 states and 212 transitions. Word has length 28 [2025-03-03 14:29:01,998 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:01,998 INFO L471 AbstractCegarLoop]: Abstraction has 160 states and 212 transitions. [2025-03-03 14:29:01,999 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:01,999 INFO L276 IsEmpty]: Start isEmpty. Operand 160 states and 212 transitions. [2025-03-03 14:29:02,000 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2025-03-03 14:29:02,000 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:02,000 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:02,000 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-03-03 14:29:02,000 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:02,001 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:02,001 INFO L85 PathProgramCache]: Analyzing trace with hash -2002750635, now seen corresponding path program 1 times [2025-03-03 14:29:02,001 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:02,001 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [803848447] [2025-03-03 14:29:02,001 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:02,001 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:02,008 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 31 statements into 1 equivalence classes. [2025-03-03 14:29:02,021 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 31 of 31 statements. [2025-03-03 14:29:02,021 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:02,021 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:02,150 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:02,150 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:02,150 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [803848447] [2025-03-03 14:29:02,150 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [803848447] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:02,150 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:02,150 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:29:02,150 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [807653947] [2025-03-03 14:29:02,150 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:02,150 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:29:02,150 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:02,151 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:29:02,151 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:29:02,151 INFO L87 Difference]: Start difference. First operand 160 states and 212 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:02,267 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:02,267 INFO L93 Difference]: Finished difference Result 402 states and 549 transitions. [2025-03-03 14:29:02,268 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:29:02,268 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2025-03-03 14:29:02,268 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:02,270 INFO L225 Difference]: With dead ends: 402 [2025-03-03 14:29:02,270 INFO L226 Difference]: Without dead ends: 249 [2025-03-03 14:29:02,271 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:29:02,271 INFO L435 NwaCegarLoop]: 111 mSDtfsCounter, 56 mSDsluCounter, 293 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 56 SdHoareTripleChecker+Valid, 404 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:02,272 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [56 Valid, 404 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:29:02,272 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 249 states. [2025-03-03 14:29:02,305 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 249 to 248. [2025-03-03 14:29:02,306 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 248 states, 181 states have (on average 1.3093922651933703) internal successors, (237), 198 states have internal predecessors, (237), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (48), 31 states have call predecessors, (48), 36 states have call successors, (48) [2025-03-03 14:29:02,312 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 248 states to 248 states and 321 transitions. [2025-03-03 14:29:02,312 INFO L78 Accepts]: Start accepts. Automaton has 248 states and 321 transitions. Word has length 31 [2025-03-03 14:29:02,312 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:02,312 INFO L471 AbstractCegarLoop]: Abstraction has 248 states and 321 transitions. [2025-03-03 14:29:02,312 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:02,312 INFO L276 IsEmpty]: Start isEmpty. Operand 248 states and 321 transitions. [2025-03-03 14:29:02,313 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2025-03-03 14:29:02,313 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:02,314 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:02,314 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-03-03 14:29:02,314 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:02,314 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:02,314 INFO L85 PathProgramCache]: Analyzing trace with hash -416986280, now seen corresponding path program 1 times [2025-03-03 14:29:02,314 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:02,314 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1384147464] [2025-03-03 14:29:02,314 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:02,316 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:02,323 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 47 statements into 1 equivalence classes. [2025-03-03 14:29:02,334 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 47 of 47 statements. [2025-03-03 14:29:02,334 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:02,336 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:02,398 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:02,399 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:02,399 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1384147464] [2025-03-03 14:29:02,399 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1384147464] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:02,399 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:02,399 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:29:02,399 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1668480148] [2025-03-03 14:29:02,399 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:02,400 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:29:02,400 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:02,400 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:29:02,400 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:29:02,400 INFO L87 Difference]: Start difference. First operand 248 states and 321 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-03-03 14:29:02,431 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:02,431 INFO L93 Difference]: Finished difference Result 495 states and 655 transitions. [2025-03-03 14:29:02,431 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:29:02,432 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 47 [2025-03-03 14:29:02,432 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:02,436 INFO L225 Difference]: With dead ends: 495 [2025-03-03 14:29:02,437 INFO L226 Difference]: Without dead ends: 254 [2025-03-03 14:29:02,438 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:29:02,441 INFO L435 NwaCegarLoop]: 109 mSDtfsCounter, 0 mSDsluCounter, 321 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 430 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:02,441 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 430 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:02,442 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 254 states. [2025-03-03 14:29:02,465 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 254 to 254. [2025-03-03 14:29:02,468 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 254 states, 187 states have (on average 1.2994652406417113) internal successors, (243), 204 states have internal predecessors, (243), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (48), 31 states have call predecessors, (48), 36 states have call successors, (48) [2025-03-03 14:29:02,469 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 254 states to 254 states and 327 transitions. [2025-03-03 14:29:02,470 INFO L78 Accepts]: Start accepts. Automaton has 254 states and 327 transitions. Word has length 47 [2025-03-03 14:29:02,470 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:02,470 INFO L471 AbstractCegarLoop]: Abstraction has 254 states and 327 transitions. [2025-03-03 14:29:02,470 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-03-03 14:29:02,470 INFO L276 IsEmpty]: Start isEmpty. Operand 254 states and 327 transitions. [2025-03-03 14:29:02,471 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2025-03-03 14:29:02,471 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:02,471 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:02,472 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-03 14:29:02,472 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:02,472 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:02,472 INFO L85 PathProgramCache]: Analyzing trace with hash -825810505, now seen corresponding path program 1 times [2025-03-03 14:29:02,472 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:02,472 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [912235968] [2025-03-03 14:29:02,472 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:02,472 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:02,480 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 47 statements into 1 equivalence classes. [2025-03-03 14:29:02,487 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 47 of 47 statements. [2025-03-03 14:29:02,487 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:02,487 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:02,543 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:02,543 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:02,543 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [912235968] [2025-03-03 14:29:02,543 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [912235968] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:02,543 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:02,543 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-03 14:29:02,543 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [619467889] [2025-03-03 14:29:02,544 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:02,544 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-03 14:29:02,544 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:02,544 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-03 14:29:02,544 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:02,544 INFO L87 Difference]: Start difference. First operand 254 states and 327 transitions. Second operand has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-03-03 14:29:02,580 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:02,580 INFO L93 Difference]: Finished difference Result 505 states and 677 transitions. [2025-03-03 14:29:02,580 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-03 14:29:02,581 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 47 [2025-03-03 14:29:02,581 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:02,582 INFO L225 Difference]: With dead ends: 505 [2025-03-03 14:29:02,582 INFO L226 Difference]: Without dead ends: 258 [2025-03-03 14:29:02,583 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:02,584 INFO L435 NwaCegarLoop]: 110 mSDtfsCounter, 0 mSDsluCounter, 214 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 324 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:02,586 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 324 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:02,587 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 258 states. [2025-03-03 14:29:02,601 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 258 to 258. [2025-03-03 14:29:02,601 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 258 states, 191 states have (on average 1.293193717277487) internal successors, (247), 208 states have internal predecessors, (247), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (48), 31 states have call predecessors, (48), 36 states have call successors, (48) [2025-03-03 14:29:02,604 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 258 states to 258 states and 331 transitions. [2025-03-03 14:29:02,605 INFO L78 Accepts]: Start accepts. Automaton has 258 states and 331 transitions. Word has length 47 [2025-03-03 14:29:02,606 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:02,606 INFO L471 AbstractCegarLoop]: Abstraction has 258 states and 331 transitions. [2025-03-03 14:29:02,606 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2025-03-03 14:29:02,606 INFO L276 IsEmpty]: Start isEmpty. Operand 258 states and 331 transitions. [2025-03-03 14:29:02,607 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2025-03-03 14:29:02,607 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:02,607 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:02,607 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:29:02,607 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:02,608 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:02,608 INFO L85 PathProgramCache]: Analyzing trace with hash -606955787, now seen corresponding path program 1 times [2025-03-03 14:29:02,609 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:02,609 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [418842928] [2025-03-03 14:29:02,609 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:02,609 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:02,616 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 47 statements into 1 equivalence classes. [2025-03-03 14:29:02,625 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 47 of 47 statements. [2025-03-03 14:29:02,625 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:02,625 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:02,698 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:02,699 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:02,699 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [418842928] [2025-03-03 14:29:02,699 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [418842928] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:02,699 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:02,699 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-03 14:29:02,700 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [112694939] [2025-03-03 14:29:02,700 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:02,700 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-03 14:29:02,700 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:02,700 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-03 14:29:02,700 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:02,701 INFO L87 Difference]: Start difference. First operand 258 states and 331 transitions. Second operand has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2025-03-03 14:29:02,825 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:02,825 INFO L93 Difference]: Finished difference Result 852 states and 1130 transitions. [2025-03-03 14:29:02,825 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-03 14:29:02,826 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 47 [2025-03-03 14:29:02,826 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:02,829 INFO L225 Difference]: With dead ends: 852 [2025-03-03 14:29:02,829 INFO L226 Difference]: Without dead ends: 601 [2025-03-03 14:29:02,829 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:02,830 INFO L435 NwaCegarLoop]: 193 mSDtfsCounter, 147 mSDsluCounter, 186 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 147 SdHoareTripleChecker+Valid, 379 SdHoareTripleChecker+Invalid, 70 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:02,830 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [147 Valid, 379 Invalid, 70 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:29:02,831 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 601 states. [2025-03-03 14:29:02,881 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 601 to 589. [2025-03-03 14:29:02,883 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 589 states, 434 states have (on average 1.2649769585253456) internal successors, (549), 467 states have internal predecessors, (549), 82 states have call successors, (82), 70 states have call predecessors, (82), 72 states have return successors, (132), 74 states have call predecessors, (132), 82 states have call successors, (132) [2025-03-03 14:29:02,887 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 589 states to 589 states and 763 transitions. [2025-03-03 14:29:02,888 INFO L78 Accepts]: Start accepts. Automaton has 589 states and 763 transitions. Word has length 47 [2025-03-03 14:29:02,888 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:02,889 INFO L471 AbstractCegarLoop]: Abstraction has 589 states and 763 transitions. [2025-03-03 14:29:02,889 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2025-03-03 14:29:02,889 INFO L276 IsEmpty]: Start isEmpty. Operand 589 states and 763 transitions. [2025-03-03 14:29:02,891 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2025-03-03 14:29:02,891 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:02,891 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:02,891 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:29:02,892 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:02,892 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:02,892 INFO L85 PathProgramCache]: Analyzing trace with hash -351861801, now seen corresponding path program 1 times [2025-03-03 14:29:02,892 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:02,893 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1416176365] [2025-03-03 14:29:02,893 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:02,893 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:02,902 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 51 statements into 1 equivalence classes. [2025-03-03 14:29:02,906 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 51 of 51 statements. [2025-03-03 14:29:02,907 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:02,907 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:02,995 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:02,995 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:02,995 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1416176365] [2025-03-03 14:29:02,995 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1416176365] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:02,995 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:02,995 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-03-03 14:29:02,995 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1012209582] [2025-03-03 14:29:02,995 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:02,995 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-03 14:29:02,996 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:02,996 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-03 14:29:02,996 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:29:02,996 INFO L87 Difference]: Start difference. First operand 589 states and 763 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-03 14:29:03,128 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:03,129 INFO L93 Difference]: Finished difference Result 1731 states and 2298 transitions. [2025-03-03 14:29:03,129 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-03 14:29:03,129 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 51 [2025-03-03 14:29:03,130 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:03,136 INFO L225 Difference]: With dead ends: 1731 [2025-03-03 14:29:03,136 INFO L226 Difference]: Without dead ends: 1149 [2025-03-03 14:29:03,138 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-03-03 14:29:03,139 INFO L435 NwaCegarLoop]: 110 mSDtfsCounter, 80 mSDsluCounter, 393 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 82 SdHoareTripleChecker+Valid, 503 SdHoareTripleChecker+Invalid, 57 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:03,139 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [82 Valid, 503 Invalid, 57 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:29:03,140 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1149 states. [2025-03-03 14:29:03,195 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1149 to 1149. [2025-03-03 14:29:03,197 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1149 states, 840 states have (on average 1.2452380952380953) internal successors, (1046), 905 states have internal predecessors, (1046), 164 states have call successors, (164), 140 states have call predecessors, (164), 144 states have return successors, (274), 148 states have call predecessors, (274), 164 states have call successors, (274) [2025-03-03 14:29:03,202 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1149 states to 1149 states and 1484 transitions. [2025-03-03 14:29:03,204 INFO L78 Accepts]: Start accepts. Automaton has 1149 states and 1484 transitions. Word has length 51 [2025-03-03 14:29:03,204 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:03,204 INFO L471 AbstractCegarLoop]: Abstraction has 1149 states and 1484 transitions. [2025-03-03 14:29:03,204 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2025-03-03 14:29:03,204 INFO L276 IsEmpty]: Start isEmpty. Operand 1149 states and 1484 transitions. [2025-03-03 14:29:03,206 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2025-03-03 14:29:03,206 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:03,206 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:03,206 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:29:03,206 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:03,207 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:03,207 INFO L85 PathProgramCache]: Analyzing trace with hash 1989796888, now seen corresponding path program 1 times [2025-03-03 14:29:03,207 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:03,207 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [738050115] [2025-03-03 14:29:03,207 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:03,207 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:03,214 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 55 statements into 1 equivalence classes. [2025-03-03 14:29:03,223 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 55 of 55 statements. [2025-03-03 14:29:03,224 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:03,224 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-03 14:29:03,224 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-03-03 14:29:03,227 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 55 statements into 1 equivalence classes. [2025-03-03 14:29:03,231 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 55 of 55 statements. [2025-03-03 14:29:03,233 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:03,233 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-03 14:29:03,254 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-03-03 14:29:03,254 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-03-03 14:29:03,255 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-03-03 14:29:03,257 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:29:03,259 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:03,296 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-03-03 14:29:03,298 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.03 02:29:03 BoogieIcfgContainer [2025-03-03 14:29:03,298 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-03-03 14:29:03,299 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-03-03 14:29:03,299 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-03-03 14:29:03,299 INFO L274 PluginConnector]: Witness Printer initialized [2025-03-03 14:29:03,300 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:29:01" (3/4) ... [2025-03-03 14:29:03,300 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-03-03 14:29:03,360 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 47. [2025-03-03 14:29:03,423 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-03-03 14:29:03,424 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2025-03-03 14:29:03,424 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-03-03 14:29:03,424 INFO L158 Benchmark]: Toolchain (without parser) took 2761.15ms. Allocated memory is still 201.3MB. Free memory was 154.2MB in the beginning and 161.4MB in the end (delta: -7.1MB). Peak memory consumption was 100.3MB. Max. memory is 16.1GB. [2025-03-03 14:29:03,424 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 201.3MB. Free memory is still 117.8MB. There was no memory consumed. Max. memory is 16.1GB. [2025-03-03 14:29:03,425 INFO L158 Benchmark]: CACSL2BoogieTranslator took 316.14ms. Allocated memory is still 201.3MB. Free memory was 153.9MB in the beginning and 135.0MB in the end (delta: 18.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-03 14:29:03,425 INFO L158 Benchmark]: Boogie Procedure Inliner took 26.26ms. Allocated memory is still 201.3MB. Free memory was 135.0MB in the beginning and 133.1MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-03 14:29:03,426 INFO L158 Benchmark]: Boogie Preprocessor took 32.59ms. Allocated memory is still 201.3MB. Free memory was 133.1MB in the beginning and 131.5MB in the end (delta: 1.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-03 14:29:03,426 INFO L158 Benchmark]: IcfgBuilder took 392.71ms. Allocated memory is still 201.3MB. Free memory was 131.5MB in the beginning and 111.4MB in the end (delta: 20.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-03 14:29:03,426 INFO L158 Benchmark]: TraceAbstraction took 1863.95ms. Allocated memory is still 201.3MB. Free memory was 111.0MB in the beginning and 61.0MB in the end (delta: 50.1MB). Peak memory consumption was 50.0MB. Max. memory is 16.1GB. [2025-03-03 14:29:03,427 INFO L158 Benchmark]: Witness Printer took 124.70ms. Allocated memory is still 201.3MB. Free memory was 61.0MB in the beginning and 161.4MB in the end (delta: -100.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-03 14:29:03,428 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 201.3MB. Free memory is still 117.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 316.14ms. Allocated memory is still 201.3MB. Free memory was 153.9MB in the beginning and 135.0MB in the end (delta: 18.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 26.26ms. Allocated memory is still 201.3MB. Free memory was 135.0MB in the beginning and 133.1MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 32.59ms. Allocated memory is still 201.3MB. Free memory was 133.1MB in the beginning and 131.5MB in the end (delta: 1.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 392.71ms. Allocated memory is still 201.3MB. Free memory was 131.5MB in the beginning and 111.4MB in the end (delta: 20.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 1863.95ms. Allocated memory is still 201.3MB. Free memory was 111.0MB in the beginning and 61.0MB in the end (delta: 50.1MB). Peak memory consumption was 50.0MB. Max. memory is 16.1GB. * Witness Printer took 124.70ms. Allocated memory is still 201.3MB. Free memory was 61.0MB in the beginning and 161.4MB in the end (delta: -100.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [415] - GenericResultAtLocation [Line: 490]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [490] - GenericResultAtLocation [Line: 746]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [746] - GenericResultAtLocation [Line: 784]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [784] - GenericResultAtLocation [Line: 811]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [811] - GenericResultAtLocation [Line: 820]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [820] - GenericResultAtLocation [Line: 916]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [916] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 816]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L219] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L500] int pumpRunning = 0; [L501] int systemActive = 1; [L821] int cleanupTimeShifts = 4; [L918] int waterLevel = 1; [L919] int methaneLevelCritical = 0; VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L894] int retValue_acc ; [L895] int tmp ; [L899] FCALL select_helpers() [L900] FCALL select_features() [L901] CALL, EXPR valid_product() [L776] int retValue_acc ; [L779] retValue_acc = 1 [L780] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L901] RET, EXPR valid_product() [L901] tmp = valid_product() [L903] COND TRUE \read(tmp) [L905] FCALL setup() [L906] CALL runTest() [L888] CALL test() [L423] int splverifierCounter ; [L424] int tmp ; [L425] int tmp___0 ; [L426] int tmp___1 ; [L427] int tmp___2 ; [L430] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L432] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L434] COND TRUE splverifierCounter < 4 [L440] tmp = __VERIFIER_nondet_int() [L442] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L444] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L936] COND TRUE waterLevel < 2 [L937] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L444] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L450] tmp___0 = __VERIFIER_nondet_int() [L452] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L454] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L948] COND FALSE !(\read(methaneLevelCritical)) [L951] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L454] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L460] tmp___2 = __VERIFIER_nondet_int() [L462] COND FALSE !(\read(tmp___2)) [L468] tmp___1 = __VERIFIER_nondet_int() [L470] COND FALSE !(\read(tmp___1)) VAL [cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L479] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L508] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L515] COND TRUE \read(systemActive) [L517] CALL processEnvironment() [L589] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L592] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L607] CALL processEnvironment__wrappee__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L563] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L566] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L581] CALL processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L537] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L540] COND TRUE ! pumpRunning [L542] CALL, EXPR isHighWaterLevel() [L686] int retValue_acc ; [L687] int tmp ; [L688] int tmp___0 ; [L692] CALL, EXPR isHighWaterSensorDry() [L998] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L1001] COND FALSE !(waterLevel < 2) [L1005] retValue_acc = 0 [L1006] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L692] RET, EXPR isHighWaterSensorDry() [L692] tmp = isHighWaterSensorDry() [L694] COND FALSE !(\read(tmp)) [L697] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L699] retValue_acc = tmp___0 [L700] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L542] RET, EXPR isHighWaterLevel() [L542] tmp = isHighWaterLevel() [L544] COND TRUE \read(tmp) [L546] CALL activatePump() [L617] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L546] RET activatePump() [L581] RET processEnvironment__wrappee__highWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L607] RET processEnvironment__wrappee__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L517] RET processEnvironment() [L523] CALL __utac_acc__Specification1_spec__1() [L787] int tmp ; [L788] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L792] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L957] int retValue_acc ; [L960] retValue_acc = methaneLevelCritical [L961] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L792] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L792] tmp = isMethaneLevelCritical() [L794] COND TRUE \read(tmp) [L796] CALL, EXPR isPumpRunning() [L641] int retValue_acc ; [L644] retValue_acc = pumpRunning [L645] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L796] RET, EXPR isPumpRunning() [L796] tmp___0 = isPumpRunning() [L798] COND TRUE \read(tmp___0) [L800] CALL __automaton_fail() [L816] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 104 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 1.8s, OverallIterations: 9, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 396 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 390 mSDsluCounter, 2599 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1597 mSDsCounter, 20 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 187 IncrementalHoareTripleChecker+Invalid, 207 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 20 mSolverCounterUnsat, 1002 mSDtfsCounter, 187 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 39 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1149occurred in iteration=8, InterpolantAutomatonStates: 33, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 8 MinimizatonAttempts, 16 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.6s InterpolantComputationTime, 353 NumberOfCodeBlocks, 353 NumberOfCodeBlocksAsserted, 9 NumberOfCheckSat, 290 ConstructedInterpolants, 0 QuantifiedInterpolants, 512 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 8 InterpolantComputations, 8 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-03-03 14:29:03,446 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE