./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_product34.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_product34.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 72514ca2b4c5f09004dd08dec38f44e827aa0dd8844c3295d87b722cb68767ea --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:29:26,473 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:29:26,523 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:29:26,526 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:29:26,526 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:29:26,546 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:29:26,547 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:29:26,547 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:29:26,547 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:29:26,548 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:29:26,548 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:29:26,549 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:29:26,549 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:29:26,549 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:29:26,550 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:29:26,550 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:29:26,550 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 72514ca2b4c5f09004dd08dec38f44e827aa0dd8844c3295d87b722cb68767ea [2025-03-03 14:29:26,835 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:29:26,842 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:29:26,845 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:29:26,846 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:29:26,847 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:29:26,847 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_product34.cil.c [2025-03-03 14:29:27,979 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/41566ff7a/cb93c9eee2cd490587b60fa821ee0c66/FLAG199b36795 [2025-03-03 14:29:28,233 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:29:28,233 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product34.cil.c [2025-03-03 14:29:28,241 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/41566ff7a/cb93c9eee2cd490587b60fa821ee0c66/FLAG199b36795 [2025-03-03 14:29:28,251 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/41566ff7a/cb93c9eee2cd490587b60fa821ee0c66 [2025-03-03 14:29:28,253 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:29:28,254 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:29:28,255 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:29:28,255 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:29:28,258 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:29:28,259 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,259 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7cc6820 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28, skipping insertion in model container [2025-03-03 14:29:28,259 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,282 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:29:28,425 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product34.cil.c[4389,4402] [2025-03-03 14:29:28,503 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:29:28,513 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:29:28,519 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2025-03-03 14:29:28,521 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [155] [2025-03-03 14:29:28,521 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [254] [2025-03-03 14:29:28,521 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [263] [2025-03-03 14:29:28,521 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [303] [2025-03-03 14:29:28,521 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] [2025-03-03 14:29:28,521 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [704] [2025-03-03 14:29:28,521 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [772] [2025-03-03 14:29:28,534 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product34.cil.c[4389,4402] [2025-03-03 14:29:28,581 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:29:28,598 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:29:28,598 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28 WrapperNode [2025-03-03 14:29:28,598 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:29:28,599 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:29:28,599 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:29:28,599 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:29:28,603 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,612 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,624 INFO L138 Inliner]: procedures = 54, calls = 95, calls flagged for inlining = 21, calls inlined = 18, statements flattened = 172 [2025-03-03 14:29:28,624 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:29:28,624 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:29:28,625 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:29:28,625 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:29:28,630 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,630 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,632 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,642 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-03-03 14:29:28,643 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,644 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,647 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,647 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,648 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,649 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,650 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:29:28,651 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:29:28,651 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:29:28,651 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:29:28,651 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (1/1) ... [2025-03-03 14:29:28,655 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:29:28,666 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:29:28,677 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:29:28,683 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:29:28,699 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:29:28,699 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2025-03-03 14:29:28,699 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2025-03-03 14:29:28,699 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-03-03 14:29:28,699 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-03-03 14:29:28,699 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-03-03 14:29:28,699 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-03-03 14:29:28,699 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-03-03 14:29:28,699 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-03-03 14:29:28,699 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-03-03 14:29:28,700 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-03-03 14:29:28,700 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:29:28,700 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-03-03 14:29:28,700 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-03-03 14:29:28,700 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:29:28,701 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:29:28,760 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:29:28,761 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:29:28,801 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L205: #res := ~retValue_acc~1; [2025-03-03 14:29:28,889 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L923-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~11#1; [2025-03-03 14:29:28,889 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L868-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; [2025-03-03 14:29:28,889 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L251-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~3#1; [2025-03-03 14:29:28,986 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L335-1: valid_product_#res#1 := valid_product_~retValue_acc~5#1; [2025-03-03 14:29:28,986 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L152-1: main_#res#1 := main_~retValue_acc~0#1; [2025-03-03 14:29:29,004 INFO L? ?]: Removed 36 outVars from TransFormulas that were not future-live. [2025-03-03 14:29:29,005 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:29:29,013 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:29:29,014 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:29:29,014 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:29:29 BoogieIcfgContainer [2025-03-03 14:29:29,014 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:29:29,016 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:29:29,016 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:29:29,019 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:29:29,019 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:29:28" (1/3) ... [2025-03-03 14:29:29,020 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6ac66e1c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:29:29, skipping insertion in model container [2025-03-03 14:29:29,020 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:28" (2/3) ... [2025-03-03 14:29:29,021 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6ac66e1c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:29:29, skipping insertion in model container [2025-03-03 14:29:29,021 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:29:29" (3/3) ... [2025-03-03 14:29:29,022 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product34.cil.c [2025-03-03 14:29:29,033 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:29:29,035 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec2_product34.cil.c that has 7 procedures, 76 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-03-03 14:29:29,072 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:29:29,079 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@103b4e82, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:29:29,080 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:29:29,084 INFO L276 IsEmpty]: Start isEmpty. Operand has 76 states, 59 states have (on average 1.3728813559322033) internal successors, (81), 65 states have internal predecessors, (81), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2025-03-03 14:29:29,090 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2025-03-03 14:29:29,090 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:29,090 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:29,091 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:29,095 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:29,097 INFO L85 PathProgramCache]: Analyzing trace with hash 1012174404, now seen corresponding path program 1 times [2025-03-03 14:29:29,102 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:29,104 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2119620719] [2025-03-03 14:29:29,104 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:29,105 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:29,174 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 25 statements into 1 equivalence classes. [2025-03-03 14:29:29,195 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 25 of 25 statements. [2025-03-03 14:29:29,195 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:29,195 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:29,261 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:29,263 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:29,263 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2119620719] [2025-03-03 14:29:29,264 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2119620719] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:29,265 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:29,265 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-03-03 14:29:29,266 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1475692235] [2025-03-03 14:29:29,267 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:29,270 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:29:29,271 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:29,286 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:29:29,287 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-03-03 14:29:29,289 INFO L87 Difference]: Start difference. First operand has 76 states, 59 states have (on average 1.3728813559322033) internal successors, (81), 65 states have internal predecessors, (81), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:29,311 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:29,312 INFO L93 Difference]: Finished difference Result 143 states and 192 transitions. [2025-03-03 14:29:29,313 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:29:29,314 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2025-03-03 14:29:29,314 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:29,320 INFO L225 Difference]: With dead ends: 143 [2025-03-03 14:29:29,320 INFO L226 Difference]: Without dead ends: 67 [2025-03-03 14:29:29,323 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-03-03 14:29:29,326 INFO L435 NwaCegarLoop]: 95 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 95 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:29,327 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 95 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:29,338 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2025-03-03 14:29:29,354 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2025-03-03 14:29:29,356 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 52 states have (on average 1.3269230769230769) internal successors, (69), 57 states have internal predecessors, (69), 9 states have call successors, (9), 6 states have call predecessors, (9), 5 states have return successors, (8), 7 states have call predecessors, (8), 8 states have call successors, (8) [2025-03-03 14:29:29,360 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 86 transitions. [2025-03-03 14:29:29,363 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 86 transitions. Word has length 25 [2025-03-03 14:29:29,363 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:29,363 INFO L471 AbstractCegarLoop]: Abstraction has 67 states and 86 transitions. [2025-03-03 14:29:29,364 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:29,364 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 86 transitions. [2025-03-03 14:29:29,365 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2025-03-03 14:29:29,365 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:29,365 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:29,365 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-03-03 14:29:29,366 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:29,366 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:29,366 INFO L85 PathProgramCache]: Analyzing trace with hash 610228976, now seen corresponding path program 1 times [2025-03-03 14:29:29,366 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:29,366 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1174597123] [2025-03-03 14:29:29,366 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:29,366 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:29,379 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 26 statements into 1 equivalence classes. [2025-03-03 14:29:29,391 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 26 of 26 statements. [2025-03-03 14:29:29,393 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:29,393 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:29,465 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:29,465 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:29,465 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1174597123] [2025-03-03 14:29:29,465 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1174597123] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:29,465 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:29,465 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:29:29,465 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1243232995] [2025-03-03 14:29:29,465 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:29,466 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:29:29,466 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:29,467 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:29:29,467 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:29,467 INFO L87 Difference]: Start difference. First operand 67 states and 86 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:29,479 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:29,480 INFO L93 Difference]: Finished difference Result 99 states and 127 transitions. [2025-03-03 14:29:29,481 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:29:29,481 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2025-03-03 14:29:29,481 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:29,481 INFO L225 Difference]: With dead ends: 99 [2025-03-03 14:29:29,481 INFO L226 Difference]: Without dead ends: 58 [2025-03-03 14:29:29,482 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:29,482 INFO L435 NwaCegarLoop]: 73 mSDtfsCounter, 12 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 130 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:29,482 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 130 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:29,483 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 58 states. [2025-03-03 14:29:29,488 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 58 to 58. [2025-03-03 14:29:29,489 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 58 states, 46 states have (on average 1.3478260869565217) internal successors, (62), 51 states have internal predecessors, (62), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2025-03-03 14:29:29,489 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 74 transitions. [2025-03-03 14:29:29,490 INFO L78 Accepts]: Start accepts. Automaton has 58 states and 74 transitions. Word has length 26 [2025-03-03 14:29:29,490 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:29,490 INFO L471 AbstractCegarLoop]: Abstraction has 58 states and 74 transitions. [2025-03-03 14:29:29,491 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:29,491 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 74 transitions. [2025-03-03 14:29:29,491 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2025-03-03 14:29:29,491 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:29,491 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:29,492 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-03-03 14:29:29,492 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:29,492 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:29,492 INFO L85 PathProgramCache]: Analyzing trace with hash 166291589, now seen corresponding path program 1 times [2025-03-03 14:29:29,492 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:29,492 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1926169473] [2025-03-03 14:29:29,493 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:29,493 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:29,501 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 30 statements into 1 equivalence classes. [2025-03-03 14:29:29,516 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 30 of 30 statements. [2025-03-03 14:29:29,517 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:29,517 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:29,643 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:29,643 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:29,643 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1926169473] [2025-03-03 14:29:29,643 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1926169473] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:29,643 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:29,643 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:29:29,643 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [553196533] [2025-03-03 14:29:29,644 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:29,644 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:29:29,644 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:29,644 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:29:29,645 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:29:29,645 INFO L87 Difference]: Start difference. First operand 58 states and 74 transitions. Second operand has 5 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:29,687 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:29,688 INFO L93 Difference]: Finished difference Result 108 states and 141 transitions. [2025-03-03 14:29:29,688 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:29:29,688 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2025-03-03 14:29:29,688 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:29,689 INFO L225 Difference]: With dead ends: 108 [2025-03-03 14:29:29,689 INFO L226 Difference]: Without dead ends: 58 [2025-03-03 14:29:29,689 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:29:29,690 INFO L435 NwaCegarLoop]: 70 mSDtfsCounter, 68 mSDsluCounter, 138 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 208 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:29,690 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 208 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:29,691 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 58 states. [2025-03-03 14:29:29,694 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 58 to 58. [2025-03-03 14:29:29,694 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 58 states, 46 states have (on average 1.326086956521739) internal successors, (61), 51 states have internal predecessors, (61), 6 states have call successors, (6), 5 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2025-03-03 14:29:29,695 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 73 transitions. [2025-03-03 14:29:29,695 INFO L78 Accepts]: Start accepts. Automaton has 58 states and 73 transitions. Word has length 30 [2025-03-03 14:29:29,695 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:29,695 INFO L471 AbstractCegarLoop]: Abstraction has 58 states and 73 transitions. [2025-03-03 14:29:29,696 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:29,696 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 73 transitions. [2025-03-03 14:29:29,696 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2025-03-03 14:29:29,696 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:29,696 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:29,697 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-03-03 14:29:29,697 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:29,697 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:29,697 INFO L85 PathProgramCache]: Analyzing trace with hash 655097400, now seen corresponding path program 1 times [2025-03-03 14:29:29,697 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:29,697 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [336842473] [2025-03-03 14:29:29,697 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:29,697 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:29,703 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 35 statements into 1 equivalence classes. [2025-03-03 14:29:29,707 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 35 of 35 statements. [2025-03-03 14:29:29,708 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:29,708 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:29,741 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:29,741 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:29,742 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [336842473] [2025-03-03 14:29:29,742 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [336842473] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:29,742 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:29,742 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:29:29,742 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [964228395] [2025-03-03 14:29:29,742 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:29,742 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:29:29,742 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:29,743 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:29:29,743 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:29,743 INFO L87 Difference]: Start difference. First operand 58 states and 73 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-03 14:29:29,763 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:29,764 INFO L93 Difference]: Finished difference Result 147 states and 190 transitions. [2025-03-03 14:29:29,764 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:29:29,764 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 35 [2025-03-03 14:29:29,764 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:29,765 INFO L225 Difference]: With dead ends: 147 [2025-03-03 14:29:29,765 INFO L226 Difference]: Without dead ends: 97 [2025-03-03 14:29:29,765 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:29,766 INFO L435 NwaCegarLoop]: 88 mSDtfsCounter, 62 mSDsluCounter, 49 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 137 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:29,766 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 137 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:29,767 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2025-03-03 14:29:29,774 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 95. [2025-03-03 14:29:29,775 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 95 states, 74 states have (on average 1.3243243243243243) internal successors, (98), 80 states have internal predecessors, (98), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (12), 10 states have call predecessors, (12), 10 states have call successors, (12) [2025-03-03 14:29:29,776 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 95 states to 95 states and 120 transitions. [2025-03-03 14:29:29,776 INFO L78 Accepts]: Start accepts. Automaton has 95 states and 120 transitions. Word has length 35 [2025-03-03 14:29:29,776 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:29,776 INFO L471 AbstractCegarLoop]: Abstraction has 95 states and 120 transitions. [2025-03-03 14:29:29,776 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-03 14:29:29,776 INFO L276 IsEmpty]: Start isEmpty. Operand 95 states and 120 transitions. [2025-03-03 14:29:29,777 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2025-03-03 14:29:29,777 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:29,777 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:29,777 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-03-03 14:29:29,777 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:29,778 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:29,778 INFO L85 PathProgramCache]: Analyzing trace with hash 2143001663, now seen corresponding path program 1 times [2025-03-03 14:29:29,778 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:29,778 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1119625257] [2025-03-03 14:29:29,778 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:29,778 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:29,785 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 39 statements into 1 equivalence classes. [2025-03-03 14:29:29,793 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 39 of 39 statements. [2025-03-03 14:29:29,794 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:29,794 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:29,877 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:29,877 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:29,877 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1119625257] [2025-03-03 14:29:29,877 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1119625257] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:29,877 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:29,877 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:29:29,878 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [679952451] [2025-03-03 14:29:29,878 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:29,878 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:29:29,878 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:29,878 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:29:29,878 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:29:29,878 INFO L87 Difference]: Start difference. First operand 95 states and 120 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:29,917 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:29,919 INFO L93 Difference]: Finished difference Result 185 states and 238 transitions. [2025-03-03 14:29:29,920 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:29:29,920 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 39 [2025-03-03 14:29:29,920 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:29,922 INFO L225 Difference]: With dead ends: 185 [2025-03-03 14:29:29,922 INFO L226 Difference]: Without dead ends: 98 [2025-03-03 14:29:29,924 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:29:29,925 INFO L435 NwaCegarLoop]: 70 mSDtfsCounter, 0 mSDsluCounter, 203 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 273 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:29,925 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 273 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:29,925 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2025-03-03 14:29:29,935 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 98. [2025-03-03 14:29:29,937 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 98 states, 77 states have (on average 1.3116883116883118) internal successors, (101), 83 states have internal predecessors, (101), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (12), 10 states have call predecessors, (12), 10 states have call successors, (12) [2025-03-03 14:29:29,940 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 123 transitions. [2025-03-03 14:29:29,940 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 123 transitions. Word has length 39 [2025-03-03 14:29:29,941 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:29,941 INFO L471 AbstractCegarLoop]: Abstraction has 98 states and 123 transitions. [2025-03-03 14:29:29,942 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:29,942 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 123 transitions. [2025-03-03 14:29:29,942 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2025-03-03 14:29:29,944 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:29,944 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:29,945 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-03 14:29:29,945 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:29,945 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:29,945 INFO L85 PathProgramCache]: Analyzing trace with hash -798655936, now seen corresponding path program 1 times [2025-03-03 14:29:29,945 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:29,945 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1937359880] [2025-03-03 14:29:29,945 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:29,946 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:29,953 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 39 statements into 1 equivalence classes. [2025-03-03 14:29:29,959 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 39 of 39 statements. [2025-03-03 14:29:29,964 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:29,964 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:30,011 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:30,012 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:30,012 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1937359880] [2025-03-03 14:29:30,012 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1937359880] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:30,012 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:30,012 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-03 14:29:30,012 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [340691134] [2025-03-03 14:29:30,012 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:30,012 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-03 14:29:30,012 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:30,013 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-03 14:29:30,013 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:30,013 INFO L87 Difference]: Start difference. First operand 98 states and 123 transitions. Second operand has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:30,040 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:30,043 INFO L93 Difference]: Finished difference Result 190 states and 245 transitions. [2025-03-03 14:29:30,044 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-03 14:29:30,044 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 39 [2025-03-03 14:29:30,044 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:30,045 INFO L225 Difference]: With dead ends: 190 [2025-03-03 14:29:30,045 INFO L226 Difference]: Without dead ends: 100 [2025-03-03 14:29:30,046 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:30,046 INFO L435 NwaCegarLoop]: 71 mSDtfsCounter, 0 mSDsluCounter, 136 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 207 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:30,047 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 207 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:30,049 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 100 states. [2025-03-03 14:29:30,056 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 100 to 100. [2025-03-03 14:29:30,056 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 100 states, 79 states have (on average 1.3037974683544304) internal successors, (103), 85 states have internal predecessors, (103), 10 states have call successors, (10), 10 states have call predecessors, (10), 10 states have return successors, (12), 10 states have call predecessors, (12), 10 states have call successors, (12) [2025-03-03 14:29:30,057 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 100 states to 100 states and 125 transitions. [2025-03-03 14:29:30,057 INFO L78 Accepts]: Start accepts. Automaton has 100 states and 125 transitions. Word has length 39 [2025-03-03 14:29:30,057 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:30,058 INFO L471 AbstractCegarLoop]: Abstraction has 100 states and 125 transitions. [2025-03-03 14:29:30,058 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.0) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:30,058 INFO L276 IsEmpty]: Start isEmpty. Operand 100 states and 125 transitions. [2025-03-03 14:29:30,058 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2025-03-03 14:29:30,058 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:30,058 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:30,059 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:29:30,059 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:30,059 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:30,060 INFO L85 PathProgramCache]: Analyzing trace with hash 1807367618, now seen corresponding path program 1 times [2025-03-03 14:29:30,060 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:30,060 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [972665355] [2025-03-03 14:29:30,060 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:30,060 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:30,071 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 39 statements into 1 equivalence classes. [2025-03-03 14:29:30,081 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 39 of 39 statements. [2025-03-03 14:29:30,082 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:30,082 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:30,140 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:30,140 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:30,140 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [972665355] [2025-03-03 14:29:30,140 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [972665355] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:30,140 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:30,140 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:29:30,140 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [188926002] [2025-03-03 14:29:30,141 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:30,141 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:29:30,141 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:30,142 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:29:30,142 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:30,142 INFO L87 Difference]: Start difference. First operand 100 states and 125 transitions. Second operand has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:30,168 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:30,168 INFO L93 Difference]: Finished difference Result 236 states and 299 transitions. [2025-03-03 14:29:30,172 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:29:30,173 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 39 [2025-03-03 14:29:30,173 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:30,174 INFO L225 Difference]: With dead ends: 236 [2025-03-03 14:29:30,174 INFO L226 Difference]: Without dead ends: 144 [2025-03-03 14:29:30,174 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:30,175 INFO L435 NwaCegarLoop]: 71 mSDtfsCounter, 38 mSDsluCounter, 59 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 130 SdHoareTripleChecker+Invalid, 9 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:30,175 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 130 Invalid, 9 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:30,175 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 144 states. [2025-03-03 14:29:30,188 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 144 to 142. [2025-03-03 14:29:30,192 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 142 states, 112 states have (on average 1.2857142857142858) internal successors, (144), 119 states have internal predecessors, (144), 15 states have call successors, (15), 15 states have call predecessors, (15), 14 states have return successors, (17), 14 states have call predecessors, (17), 15 states have call successors, (17) [2025-03-03 14:29:30,193 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 142 states to 142 states and 176 transitions. [2025-03-03 14:29:30,193 INFO L78 Accepts]: Start accepts. Automaton has 142 states and 176 transitions. Word has length 39 [2025-03-03 14:29:30,193 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:30,193 INFO L471 AbstractCegarLoop]: Abstraction has 142 states and 176 transitions. [2025-03-03 14:29:30,193 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2025-03-03 14:29:30,193 INFO L276 IsEmpty]: Start isEmpty. Operand 142 states and 176 transitions. [2025-03-03 14:29:30,194 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2025-03-03 14:29:30,194 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:30,194 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:30,194 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:29:30,194 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:30,194 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:30,194 INFO L85 PathProgramCache]: Analyzing trace with hash 1446661404, now seen corresponding path program 1 times [2025-03-03 14:29:30,195 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:30,195 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1868645199] [2025-03-03 14:29:30,195 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:30,195 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:30,205 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 41 statements into 1 equivalence classes. [2025-03-03 14:29:30,211 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 41 of 41 statements. [2025-03-03 14:29:30,214 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:30,214 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:30,274 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:30,275 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:30,275 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1868645199] [2025-03-03 14:29:30,275 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1868645199] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:30,276 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:30,276 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:29:30,276 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2082676230] [2025-03-03 14:29:30,276 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:30,276 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:29:30,276 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:30,277 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:29:30,278 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:29:30,278 INFO L87 Difference]: Start difference. First operand 142 states and 176 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-03 14:29:30,339 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:30,339 INFO L93 Difference]: Finished difference Result 274 states and 343 transitions. [2025-03-03 14:29:30,341 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:29:30,342 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2025-03-03 14:29:30,343 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:30,343 INFO L225 Difference]: With dead ends: 274 [2025-03-03 14:29:30,343 INFO L226 Difference]: Without dead ends: 140 [2025-03-03 14:29:30,344 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:29:30,344 INFO L435 NwaCegarLoop]: 69 mSDtfsCounter, 46 mSDsluCounter, 184 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 46 SdHoareTripleChecker+Valid, 253 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:30,344 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [46 Valid, 253 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:30,345 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 140 states. [2025-03-03 14:29:30,354 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 140 to 140. [2025-03-03 14:29:30,355 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 140 states, 110 states have (on average 1.2545454545454546) internal successors, (138), 117 states have internal predecessors, (138), 15 states have call successors, (15), 15 states have call predecessors, (15), 14 states have return successors, (17), 14 states have call predecessors, (17), 15 states have call successors, (17) [2025-03-03 14:29:30,356 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 140 states to 140 states and 170 transitions. [2025-03-03 14:29:30,356 INFO L78 Accepts]: Start accepts. Automaton has 140 states and 170 transitions. Word has length 41 [2025-03-03 14:29:30,357 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:30,357 INFO L471 AbstractCegarLoop]: Abstraction has 140 states and 170 transitions. [2025-03-03 14:29:30,357 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-03 14:29:30,357 INFO L276 IsEmpty]: Start isEmpty. Operand 140 states and 170 transitions. [2025-03-03 14:29:30,358 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2025-03-03 14:29:30,359 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:30,359 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:30,359 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:29:30,359 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:30,359 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:30,359 INFO L85 PathProgramCache]: Analyzing trace with hash 316455840, now seen corresponding path program 1 times [2025-03-03 14:29:30,359 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:30,361 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [856401768] [2025-03-03 14:29:30,361 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:30,361 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:30,368 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 43 statements into 1 equivalence classes. [2025-03-03 14:29:30,373 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 43 of 43 statements. [2025-03-03 14:29:30,374 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:30,374 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:30,414 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2025-03-03 14:29:30,414 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:30,414 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [856401768] [2025-03-03 14:29:30,414 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [856401768] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:30,414 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:30,414 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:29:30,414 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1071730210] [2025-03-03 14:29:30,415 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:30,415 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:29:30,415 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:30,415 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:29:30,415 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:30,415 INFO L87 Difference]: Start difference. First operand 140 states and 170 transitions. Second operand has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-03 14:29:30,435 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:30,435 INFO L93 Difference]: Finished difference Result 209 states and 258 transitions. [2025-03-03 14:29:30,436 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:29:30,436 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 43 [2025-03-03 14:29:30,437 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:30,438 INFO L225 Difference]: With dead ends: 209 [2025-03-03 14:29:30,439 INFO L226 Difference]: Without dead ends: 207 [2025-03-03 14:29:30,439 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:30,439 INFO L435 NwaCegarLoop]: 72 mSDtfsCounter, 39 mSDsluCounter, 61 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 133 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:30,439 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 133 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:30,440 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 207 states. [2025-03-03 14:29:30,457 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 207 to 189. [2025-03-03 14:29:30,457 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 189 states, 149 states have (on average 1.2818791946308725) internal successors, (191), 159 states have internal predecessors, (191), 20 states have call successors, (20), 20 states have call predecessors, (20), 19 states have return successors, (26), 19 states have call predecessors, (26), 20 states have call successors, (26) [2025-03-03 14:29:30,458 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 189 states to 189 states and 237 transitions. [2025-03-03 14:29:30,460 INFO L78 Accepts]: Start accepts. Automaton has 189 states and 237 transitions. Word has length 43 [2025-03-03 14:29:30,460 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:30,460 INFO L471 AbstractCegarLoop]: Abstraction has 189 states and 237 transitions. [2025-03-03 14:29:30,460 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2025-03-03 14:29:30,460 INFO L276 IsEmpty]: Start isEmpty. Operand 189 states and 237 transitions. [2025-03-03 14:29:30,461 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 75 [2025-03-03 14:29:30,462 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:30,462 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:30,462 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:29:30,462 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:30,463 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:30,463 INFO L85 PathProgramCache]: Analyzing trace with hash 1733433517, now seen corresponding path program 1 times [2025-03-03 14:29:30,463 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:30,463 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1585894344] [2025-03-03 14:29:30,463 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:30,464 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:30,474 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 74 statements into 1 equivalence classes. [2025-03-03 14:29:30,480 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 74 of 74 statements. [2025-03-03 14:29:30,480 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:30,480 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:30,614 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 20 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2025-03-03 14:29:30,615 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:30,615 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1585894344] [2025-03-03 14:29:30,615 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1585894344] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:29:30,615 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1377012620] [2025-03-03 14:29:30,615 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:30,615 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:29:30,615 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:29:30,617 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:29:30,619 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:29:30,656 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 74 statements into 1 equivalence classes. [2025-03-03 14:29:30,682 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 74 of 74 statements. [2025-03-03 14:29:30,683 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:30,683 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:30,685 INFO L256 TraceCheckSpWp]: Trace formula consists of 270 conjuncts, 11 conjuncts are in the unsatisfiable core [2025-03-03 14:29:30,688 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:29:30,804 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 5 proven. 2 refuted. 0 times theorem prover too weak. 16 trivial. 0 not checked. [2025-03-03 14:29:30,805 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:29:30,901 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2025-03-03 14:29:30,901 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1377012620] provided 1 perfect and 1 imperfect interpolant sequences [2025-03-03 14:29:30,902 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2025-03-03 14:29:30,902 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [7, 5] total 11 [2025-03-03 14:29:30,902 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [925054540] [2025-03-03 14:29:30,902 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:30,902 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-03 14:29:30,902 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:30,903 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-03 14:29:30,903 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=25, Invalid=85, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:29:30,903 INFO L87 Difference]: Start difference. First operand 189 states and 237 transitions. Second operand has 6 states, 6 states have (on average 9.333333333333334) internal successors, (56), 5 states have internal predecessors, (56), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2025-03-03 14:29:31,008 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:31,009 INFO L93 Difference]: Finished difference Result 525 states and 677 transitions. [2025-03-03 14:29:31,010 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-03 14:29:31,010 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 9.333333333333334) internal successors, (56), 5 states have internal predecessors, (56), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) Word has length 74 [2025-03-03 14:29:31,011 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:31,012 INFO L225 Difference]: With dead ends: 525 [2025-03-03 14:29:31,012 INFO L226 Difference]: Without dead ends: 344 [2025-03-03 14:29:31,013 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 156 GetRequests, 144 SyntacticMatches, 1 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=121, Unknown=0, NotChecked=0, Total=156 [2025-03-03 14:29:31,013 INFO L435 NwaCegarLoop]: 71 mSDtfsCounter, 36 mSDsluCounter, 250 mSDsCounter, 0 mSdLazyCounter, 39 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 321 SdHoareTripleChecker+Invalid, 43 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 39 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:31,013 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [37 Valid, 321 Invalid, 43 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 39 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:29:31,016 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 344 states. [2025-03-03 14:29:31,038 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 344 to 314. [2025-03-03 14:29:31,040 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 314 states, 244 states have (on average 1.2540983606557377) internal successors, (306), 261 states have internal predecessors, (306), 35 states have call successors, (35), 35 states have call predecessors, (35), 34 states have return successors, (47), 33 states have call predecessors, (47), 35 states have call successors, (47) [2025-03-03 14:29:31,042 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 314 states to 314 states and 388 transitions. [2025-03-03 14:29:31,043 INFO L78 Accepts]: Start accepts. Automaton has 314 states and 388 transitions. Word has length 74 [2025-03-03 14:29:31,043 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:31,043 INFO L471 AbstractCegarLoop]: Abstraction has 314 states and 388 transitions. [2025-03-03 14:29:31,043 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 9.333333333333334) internal successors, (56), 5 states have internal predecessors, (56), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2025-03-03 14:29:31,043 INFO L276 IsEmpty]: Start isEmpty. Operand 314 states and 388 transitions. [2025-03-03 14:29:31,045 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2025-03-03 14:29:31,045 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:31,045 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:31,052 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-03 14:29:31,247 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-03-03 14:29:31,247 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:31,248 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:31,248 INFO L85 PathProgramCache]: Analyzing trace with hash -1322525874, now seen corresponding path program 1 times [2025-03-03 14:29:31,248 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:31,248 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1918517418] [2025-03-03 14:29:31,248 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:31,248 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:31,256 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 78 statements into 1 equivalence classes. [2025-03-03 14:29:31,267 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 78 of 78 statements. [2025-03-03 14:29:31,269 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:31,269 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-03 14:29:31,269 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-03-03 14:29:31,272 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 78 statements into 1 equivalence classes. [2025-03-03 14:29:31,279 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 78 of 78 statements. [2025-03-03 14:29:31,279 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:31,279 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-03 14:29:31,299 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-03-03 14:29:31,300 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-03-03 14:29:31,300 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-03-03 14:29:31,302 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-03-03 14:29:31,304 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:31,352 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-03-03 14:29:31,354 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.03 02:29:31 BoogieIcfgContainer [2025-03-03 14:29:31,355 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-03-03 14:29:31,356 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-03-03 14:29:31,356 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-03-03 14:29:31,356 INFO L274 PluginConnector]: Witness Printer initialized [2025-03-03 14:29:31,356 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:29:29" (3/4) ... [2025-03-03 14:29:31,357 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-03-03 14:29:31,428 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 71. [2025-03-03 14:29:31,497 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-03-03 14:29:31,499 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2025-03-03 14:29:31,499 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-03-03 14:29:31,500 INFO L158 Benchmark]: Toolchain (without parser) took 3245.54ms. Allocated memory is still 167.8MB. Free memory was 123.8MB in the beginning and 93.9MB in the end (delta: 29.9MB). Peak memory consumption was 26.3MB. Max. memory is 16.1GB. [2025-03-03 14:29:31,500 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 201.3MB. Free memory is still 118.2MB. There was no memory consumed. Max. memory is 16.1GB. [2025-03-03 14:29:31,500 INFO L158 Benchmark]: CACSL2BoogieTranslator took 343.50ms. Allocated memory is still 167.8MB. Free memory was 123.2MB in the beginning and 105.0MB in the end (delta: 18.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-03 14:29:31,501 INFO L158 Benchmark]: Boogie Procedure Inliner took 25.00ms. Allocated memory is still 167.8MB. Free memory was 105.0MB in the beginning and 103.1MB in the end (delta: 1.9MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-03 14:29:31,501 INFO L158 Benchmark]: Boogie Preprocessor took 25.56ms. Allocated memory is still 167.8MB. Free memory was 103.1MB in the beginning and 101.6MB in the end (delta: 1.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-03 14:29:31,501 INFO L158 Benchmark]: IcfgBuilder took 363.50ms. Allocated memory is still 167.8MB. Free memory was 101.6MB in the beginning and 84.8MB in the end (delta: 16.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-03 14:29:31,501 INFO L158 Benchmark]: TraceAbstraction took 2339.25ms. Allocated memory is still 167.8MB. Free memory was 84.2MB in the beginning and 105.3MB in the end (delta: -21.1MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-03 14:29:31,501 INFO L158 Benchmark]: Witness Printer took 143.65ms. Allocated memory is still 167.8MB. Free memory was 105.3MB in the beginning and 93.9MB in the end (delta: 11.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-03 14:29:31,502 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 201.3MB. Free memory is still 118.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 343.50ms. Allocated memory is still 167.8MB. Free memory was 123.2MB in the beginning and 105.0MB in the end (delta: 18.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 25.00ms. Allocated memory is still 167.8MB. Free memory was 105.0MB in the beginning and 103.1MB in the end (delta: 1.9MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 25.56ms. Allocated memory is still 167.8MB. Free memory was 103.1MB in the beginning and 101.6MB in the end (delta: 1.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * IcfgBuilder took 363.50ms. Allocated memory is still 167.8MB. Free memory was 101.6MB in the beginning and 84.8MB in the end (delta: 16.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2339.25ms. Allocated memory is still 167.8MB. Free memory was 84.2MB in the beginning and 105.3MB in the end (delta: -21.1MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 143.65ms. Allocated memory is still 167.8MB. Free memory was 105.3MB in the beginning and 93.9MB in the end (delta: 11.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 155]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [155] - GenericResultAtLocation [Line: 254]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [254] - GenericResultAtLocation [Line: 263]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [263] - GenericResultAtLocation [Line: 303]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [303] - GenericResultAtLocation [Line: 338]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] - GenericResultAtLocation [Line: 704]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [704] - GenericResultAtLocation [Line: 772]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [772] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 259]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int cleanupTimeShifts = 4; [L161] int waterLevel = 1; [L162] int methaneLevelCritical = 0; [L265] int methAndRunningLastTime ; [L508] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L775] int pumpRunning = 0; [L776] int systemActive = 1; VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L133] int retValue_acc ; [L134] int tmp ; [L138] FCALL select_helpers() [L139] FCALL select_features() [L140] CALL, EXPR valid_product() [L330] int retValue_acc ; [L333] retValue_acc = 1 [L334] return (retValue_acc); VAL [\result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L140] RET, EXPR valid_product() [L140] tmp = valid_product() [L142] COND TRUE \read(tmp) [L144] FCALL setup() [L145] CALL runTest() [L123] CALL __utac_acc__Specification2_spec__1() [L270] methAndRunningLastTime = 0 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L123] RET __utac_acc__Specification2_spec__1() [L124] CALL test() [L707] int splverifierCounter ; [L708] int tmp ; [L709] int tmp___0 ; [L710] int tmp___1 ; [L711] int tmp___2 ; [L714] splverifierCounter = 0 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L716] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L718] COND TRUE splverifierCounter < 4 [L724] tmp = __VERIFIER_nondet_int() [L726] COND TRUE \read(tmp) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L728] CALL waterRise() VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L179] COND TRUE waterLevel < 2 [L180] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L728] RET waterRise() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L734] tmp___0 = __VERIFIER_nondet_int() [L736] COND TRUE \read(tmp___0) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L738] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L191] COND FALSE !(\read(methaneLevelCritical)) [L194] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L738] RET changeMethaneLevel() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L744] tmp___2 = __VERIFIER_nondet_int() [L746] COND TRUE \read(tmp___2) [L748] CALL startSystem() [L930] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L748] RET startSystem() [L761] CALL timeShift() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L782] COND FALSE !(\read(pumpRunning)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L789] COND TRUE \read(systemActive) [L791] CALL processEnvironment() [L811] int tmp ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L814] COND TRUE ! pumpRunning [L816] CALL, EXPR isHighWaterLevel() [L908] int retValue_acc ; [L909] int tmp ; [L910] int tmp___0 ; [L914] CALL, EXPR isHighWaterSensorDry() [L241] int retValue_acc ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L244] COND FALSE !(waterLevel < 2) [L248] retValue_acc = 0 [L249] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L914] RET, EXPR isHighWaterSensorDry() [L914] tmp = isHighWaterSensorDry() [L916] COND FALSE !(\read(tmp)) [L919] tmp___0 = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L921] retValue_acc = tmp___0 [L922] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L816] RET, EXPR isHighWaterLevel() [L816] tmp = isHighWaterLevel() [L818] COND TRUE \read(tmp) [L820] CALL activatePump() [L839] pumpRunning = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L820] RET activatePump() [L791] RET processEnvironment() [L797] CALL __utac_acc__Specification2_spec__2() [L275] int tmp ; [L276] int tmp___0 ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L280] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L200] int retValue_acc ; [L203] retValue_acc = methaneLevelCritical [L204] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L280] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L280] tmp = isMethaneLevelCritical() [L282] COND TRUE \read(tmp) [L284] CALL, EXPR isPumpRunning() [L863] int retValue_acc ; [L866] retValue_acc = pumpRunning [L867] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L284] RET, EXPR isPumpRunning() [L284] tmp___0 = isPumpRunning() [L286] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L287] COND FALSE !(\read(methAndRunningLastTime)) [L292] methAndRunningLastTime = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L797] RET __utac_acc__Specification2_spec__2() [L761] RET timeShift() VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L716] COND TRUE 1 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L718] COND TRUE splverifierCounter < 4 [L724] tmp = __VERIFIER_nondet_int() [L726] COND FALSE !(\read(tmp)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L734] tmp___0 = __VERIFIER_nondet_int() [L736] COND FALSE !(\read(tmp___0)) VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L744] tmp___2 = __VERIFIER_nondet_int() [L746] COND TRUE \read(tmp___2) [L748] CALL startSystem() [L930] systemActive = 1 VAL [cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L748] RET startSystem() [L761] CALL timeShift() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L782] COND TRUE \read(pumpRunning) [L784] CALL lowerWaterLevel() [L167] COND TRUE waterLevel > 0 [L168] waterLevel = waterLevel - 1 VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L784] RET lowerWaterLevel() [L789] COND TRUE \read(systemActive) [L791] CALL processEnvironment() [L811] int tmp ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L814] COND FALSE !(! pumpRunning) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L829] FCALL processEnvironment__wrappee__base() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L791] RET processEnvironment() [L797] CALL __utac_acc__Specification2_spec__2() [L275] int tmp ; [L276] int tmp___0 ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L280] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L200] int retValue_acc ; [L203] retValue_acc = methaneLevelCritical [L204] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L280] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L280] tmp = isMethaneLevelCritical() [L282] COND TRUE \read(tmp) [L284] CALL, EXPR isPumpRunning() [L863] int retValue_acc ; [L866] retValue_acc = pumpRunning [L867] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L284] RET, EXPR isPumpRunning() [L284] tmp___0 = isPumpRunning() [L286] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L287] COND TRUE \read(methAndRunningLastTime) [L289] CALL __automaton_fail() [L259] reach_error() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 76 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.2s, OverallIterations: 11, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 305 SdHoareTripleChecker+Valid, 0.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 301 mSDsluCounter, 1887 SdHoareTripleChecker+Invalid, 0.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1137 mSDsCounter, 16 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 118 IncrementalHoareTripleChecker+Invalid, 134 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 16 mSolverCounterUnsat, 750 mSDtfsCounter, 118 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 196 GetRequests, 165 SyntacticMatches, 1 SemanticMatches, 30 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=314occurred in iteration=10, InterpolantAutomatonStates: 40, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 10 MinimizatonAttempts, 52 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 0.9s InterpolantComputationTime, 543 NumberOfCodeBlocks, 543 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 527 ConstructedInterpolants, 0 QuantifiedInterpolants, 1003 SizeOfPredicates, 1 NumberOfNonLiveVariables, 270 ConjunctsInSsa, 11 ConjunctsInUnsatCore, 12 InterpolantComputations, 10 PerfectInterpolantSequences, 65/69 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-03-03 14:29:31,518 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE