./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 551b0097 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e237a09aaa1bc75b51620084d47086dcaad161f8c8500bd0b8b901d1a9d4bb0a --- Real Ultimate output --- This is Ultimate 0.3.0-?-551b009-m [2025-01-09 03:59:57,386 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-01-09 03:59:57,420 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-01-09 03:59:57,423 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-01-09 03:59:57,423 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-01-09 03:59:57,437 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-01-09 03:59:57,437 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-01-09 03:59:57,437 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-01-09 03:59:57,438 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-01-09 03:59:57,438 INFO L153 SettingsManager]: * Use memory slicer=true [2025-01-09 03:59:57,438 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-01-09 03:59:57,438 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-01-09 03:59:57,438 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-01-09 03:59:57,438 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-01-09 03:59:57,438 INFO L153 SettingsManager]: * Use SBE=true [2025-01-09 03:59:57,438 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-01-09 03:59:57,438 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-01-09 03:59:57,438 INFO L153 SettingsManager]: * sizeof long=4 [2025-01-09 03:59:57,438 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-01-09 03:59:57,438 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-01-09 03:59:57,438 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-01-09 03:59:57,438 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-01-09 03:59:57,438 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-01-09 03:59:57,439 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-01-09 03:59:57,439 INFO L153 SettingsManager]: * sizeof long double=12 [2025-01-09 03:59:57,439 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-01-09 03:59:57,440 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-01-09 03:59:57,440 INFO L153 SettingsManager]: * Use constant arrays=true [2025-01-09 03:59:57,441 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:57,441 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:57,441 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-01-09 03:59:57,441 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-01-09 03:59:57,442 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e237a09aaa1bc75b51620084d47086dcaad161f8c8500bd0b8b901d1a9d4bb0a [2025-01-09 03:59:57,644 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-01-09 03:59:57,650 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-01-09 03:59:57,651 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-01-09 03:59:57,652 INFO L270 PluginConnector]: Initializing CDTParser... [2025-01-09 03:59:57,652 INFO L274 PluginConnector]: CDTParser initialized [2025-01-09 03:59:57,653 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c [2025-01-09 03:59:58,901 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/f6f780679/4b81ea456c5048d3a2337c2269c4dc61/FLAG4af65f652 [2025-01-09 03:59:59,213 INFO L384 CDTParser]: Found 1 translation units. [2025-01-09 03:59:59,221 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c [2025-01-09 03:59:59,246 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/f6f780679/4b81ea456c5048d3a2337c2269c4dc61/FLAG4af65f652 [2025-01-09 03:59:59,271 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/f6f780679/4b81ea456c5048d3a2337c2269c4dc61 [2025-01-09 03:59:59,276 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-01-09 03:59:59,278 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-01-09 03:59:59,284 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-01-09 03:59:59,284 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-01-09 03:59:59,288 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-01-09 03:59:59,288 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,289 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@67682a6e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59, skipping insertion in model container [2025-01-09 03:59:59,289 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,325 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-01-09 03:59:59,554 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c[20217,20230] [2025-01-09 03:59:59,560 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 03:59:59,571 INFO L200 MainTranslator]: Completed pre-run [2025-01-09 03:59:59,577 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [49] [2025-01-09 03:59:59,578 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [140] [2025-01-09 03:59:59,579 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [481] [2025-01-09 03:59:59,579 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [847] [2025-01-09 03:59:59,580 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [895] [2025-01-09 03:59:59,580 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [922] [2025-01-09 03:59:59,580 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1026] [2025-01-09 03:59:59,580 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [1035] [2025-01-09 03:59:59,637 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_productSimulator.cil.c[20217,20230] [2025-01-09 03:59:59,643 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 03:59:59,659 INFO L204 MainTranslator]: Completed translation [2025-01-09 03:59:59,661 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59 WrapperNode [2025-01-09 03:59:59,661 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-01-09 03:59:59,662 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-01-09 03:59:59,663 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-01-09 03:59:59,663 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-01-09 03:59:59,667 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,680 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,709 INFO L138 Inliner]: procedures = 63, calls = 121, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 274 [2025-01-09 03:59:59,712 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-01-09 03:59:59,713 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-01-09 03:59:59,713 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-01-09 03:59:59,713 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-01-09 03:59:59,719 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,719 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,723 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,738 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-01-09 03:59:59,741 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,742 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,746 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,752 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,758 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,759 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,759 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,765 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-01-09 03:59:59,765 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2025-01-09 03:59:59,766 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2025-01-09 03:59:59,766 INFO L274 PluginConnector]: RCFGBuilder initialized [2025-01-09 03:59:59,766 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (1/1) ... [2025-01-09 03:59:59,774 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 03:59:59,795 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 03:59:59,806 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-01-09 03:59:59,816 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-01-09 03:59:59,832 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-01-09 03:59:59,832 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2025-01-09 03:59:59,832 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2025-01-09 03:59:59,832 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-01-09 03:59:59,832 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-01-09 03:59:59,833 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-01-09 03:59:59,833 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-01-09 03:59:59,833 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-01-09 03:59:59,833 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-01-09 03:59:59,833 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2025-01-09 03:59:59,833 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2025-01-09 03:59:59,833 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-01-09 03:59:59,833 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-01-09 03:59:59,834 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2025-01-09 03:59:59,834 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2025-01-09 03:59:59,834 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2025-01-09 03:59:59,834 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2025-01-09 03:59:59,834 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2025-01-09 03:59:59,834 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2025-01-09 03:59:59,834 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-01-09 03:59:59,836 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-01-09 03:59:59,836 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-01-09 03:59:59,836 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2025-01-09 03:59:59,836 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2025-01-09 03:59:59,836 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-01-09 03:59:59,837 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-01-09 03:59:59,837 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-01-09 03:59:59,837 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-01-09 03:59:59,886 INFO L234 CfgBuilder]: Building ICFG [2025-01-09 03:59:59,887 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2025-01-09 04:00:00,156 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2025-01-09 04:00:00,156 INFO L283 CfgBuilder]: Performing block encoding [2025-01-09 04:00:00,165 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-01-09 04:00:00,165 INFO L312 CfgBuilder]: Removed 2 assume(true) statements. [2025-01-09 04:00:00,165 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:00:00 BoogieIcfgContainer [2025-01-09 04:00:00,165 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2025-01-09 04:00:00,167 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-01-09 04:00:00,167 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-01-09 04:00:00,170 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-01-09 04:00:00,170 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.01 03:59:59" (1/3) ... [2025-01-09 04:00:00,171 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@54721db2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:00:00, skipping insertion in model container [2025-01-09 04:00:00,171 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 03:59:59" (2/3) ... [2025-01-09 04:00:00,171 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@54721db2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:00:00, skipping insertion in model container [2025-01-09 04:00:00,171 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:00:00" (3/3) ... [2025-01-09 04:00:00,172 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec1_productSimulator.cil.c [2025-01-09 04:00:00,181 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-01-09 04:00:00,182 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec1_productSimulator.cil.c that has 13 procedures, 141 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-01-09 04:00:00,219 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-01-09 04:00:00,229 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@5bf927c, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-01-09 04:00:00,230 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-01-09 04:00:00,233 INFO L276 IsEmpty]: Start isEmpty. Operand has 141 states, 97 states have (on average 1.3505154639175259) internal successors, (131), 113 states have internal predecessors, (131), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) [2025-01-09 04:00:00,240 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2025-01-09 04:00:00,241 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:00,241 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:00,242 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:00,245 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:00,246 INFO L85 PathProgramCache]: Analyzing trace with hash -1438197576, now seen corresponding path program 1 times [2025-01-09 04:00:00,253 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:00,253 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1099691229] [2025-01-09 04:00:00,253 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:00,254 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:00,307 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 53 statements into 1 equivalence classes. [2025-01-09 04:00:00,343 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 53 of 53 statements. [2025-01-09 04:00:00,344 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:00,344 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:00,482 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:00,483 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:00,483 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1099691229] [2025-01-09 04:00:00,483 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1099691229] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:00,484 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:00,484 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:00:00,485 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1906454491] [2025-01-09 04:00:00,485 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:00,488 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:00:00,488 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:00,508 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:00:00,508 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:00:00,510 INFO L87 Difference]: Start difference. First operand has 141 states, 97 states have (on average 1.3505154639175259) internal successors, (131), 113 states have internal predecessors, (131), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:00,538 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:00,539 INFO L93 Difference]: Finished difference Result 247 states and 338 transitions. [2025-01-09 04:00:00,540 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:00:00,540 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 53 [2025-01-09 04:00:00,541 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:00,546 INFO L225 Difference]: With dead ends: 247 [2025-01-09 04:00:00,546 INFO L226 Difference]: Without dead ends: 124 [2025-01-09 04:00:00,549 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:00:00,551 INFO L435 NwaCegarLoop]: 170 mSDtfsCounter, 21 mSDsluCounter, 145 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 25 SdHoareTripleChecker+Valid, 315 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:00,551 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [25 Valid, 315 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:00,560 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 124 states. [2025-01-09 04:00:00,575 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 124 to 124. [2025-01-09 04:00:00,576 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 85 states have (on average 1.3294117647058823) internal successors, (113), 100 states have internal predecessors, (113), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2025-01-09 04:00:00,580 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 167 transitions. [2025-01-09 04:00:00,583 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 167 transitions. Word has length 53 [2025-01-09 04:00:00,584 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:00,584 INFO L471 AbstractCegarLoop]: Abstraction has 124 states and 167 transitions. [2025-01-09 04:00:00,584 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:00,584 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 167 transitions. [2025-01-09 04:00:00,586 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2025-01-09 04:00:00,586 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:00,586 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:00,586 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-01-09 04:00:00,587 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:00,589 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:00,589 INFO L85 PathProgramCache]: Analyzing trace with hash -675875998, now seen corresponding path program 1 times [2025-01-09 04:00:00,589 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:00,589 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [129284304] [2025-01-09 04:00:00,589 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:00,589 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:00,616 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 58 statements into 1 equivalence classes. [2025-01-09 04:00:00,627 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 58 of 58 statements. [2025-01-09 04:00:00,628 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:00,628 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:00,738 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:00,739 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:00,739 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [129284304] [2025-01-09 04:00:00,739 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [129284304] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:00,739 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:00,739 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:00:00,739 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [897865595] [2025-01-09 04:00:00,739 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:00,740 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:00:00,740 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:00,741 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:00:00,741 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:00:00,741 INFO L87 Difference]: Start difference. First operand 124 states and 167 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:00,785 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:00,785 INFO L93 Difference]: Finished difference Result 326 states and 446 transitions. [2025-01-09 04:00:00,785 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:00:00,786 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 58 [2025-01-09 04:00:00,786 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:00,788 INFO L225 Difference]: With dead ends: 326 [2025-01-09 04:00:00,788 INFO L226 Difference]: Without dead ends: 224 [2025-01-09 04:00:00,789 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:00:00,789 INFO L435 NwaCegarLoop]: 188 mSDtfsCounter, 134 mSDsluCounter, 135 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 323 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:00,790 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 323 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:00,790 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 224 states. [2025-01-09 04:00:00,809 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 224 to 221. [2025-01-09 04:00:00,810 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 221 states, 151 states have (on average 1.3642384105960266) internal successors, (206), 180 states have internal predecessors, (206), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2025-01-09 04:00:00,812 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 221 states to 221 states and 302 transitions. [2025-01-09 04:00:00,812 INFO L78 Accepts]: Start accepts. Automaton has 221 states and 302 transitions. Word has length 58 [2025-01-09 04:00:00,812 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:00,812 INFO L471 AbstractCegarLoop]: Abstraction has 221 states and 302 transitions. [2025-01-09 04:00:00,812 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:00,812 INFO L276 IsEmpty]: Start isEmpty. Operand 221 states and 302 transitions. [2025-01-09 04:00:00,818 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2025-01-09 04:00:00,818 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:00,818 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:00,819 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-01-09 04:00:00,819 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:00,819 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:00,819 INFO L85 PathProgramCache]: Analyzing trace with hash 1740883500, now seen corresponding path program 1 times [2025-01-09 04:00:00,819 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:00,819 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1863666763] [2025-01-09 04:00:00,819 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:00,819 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:00,842 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 62 statements into 1 equivalence classes. [2025-01-09 04:00:00,863 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 62 of 62 statements. [2025-01-09 04:00:00,863 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:00,863 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:01,002 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:01,002 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:01,002 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1863666763] [2025-01-09 04:00:01,002 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1863666763] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:01,002 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:01,002 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:00:01,002 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [105836282] [2025-01-09 04:00:01,002 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:01,003 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:00:01,003 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:01,004 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:00:01,004 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:00:01,004 INFO L87 Difference]: Start difference. First operand 221 states and 302 transitions. Second operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2025-01-09 04:00:01,123 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:01,124 INFO L93 Difference]: Finished difference Result 541 states and 771 transitions. [2025-01-09 04:00:01,124 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:00:01,125 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) Word has length 62 [2025-01-09 04:00:01,126 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:01,129 INFO L225 Difference]: With dead ends: 541 [2025-01-09 04:00:01,131 INFO L226 Difference]: Without dead ends: 342 [2025-01-09 04:00:01,133 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:00:01,134 INFO L435 NwaCegarLoop]: 163 mSDtfsCounter, 99 mSDsluCounter, 422 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 99 SdHoareTripleChecker+Valid, 585 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:01,134 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [99 Valid, 585 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:00:01,135 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 342 states. [2025-01-09 04:00:01,179 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 342 to 341. [2025-01-09 04:00:01,182 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 341 states, 239 states have (on average 1.3347280334728033) internal successors, (319), 272 states have internal predecessors, (319), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-01-09 04:00:01,186 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 341 states to 341 states and 467 transitions. [2025-01-09 04:00:01,189 INFO L78 Accepts]: Start accepts. Automaton has 341 states and 467 transitions. Word has length 62 [2025-01-09 04:00:01,190 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:01,190 INFO L471 AbstractCegarLoop]: Abstraction has 341 states and 467 transitions. [2025-01-09 04:00:01,190 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2025-01-09 04:00:01,191 INFO L276 IsEmpty]: Start isEmpty. Operand 341 states and 467 transitions. [2025-01-09 04:00:01,192 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 83 [2025-01-09 04:00:01,195 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:01,195 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:01,196 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-01-09 04:00:01,196 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:01,196 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:01,196 INFO L85 PathProgramCache]: Analyzing trace with hash 1532682812, now seen corresponding path program 1 times [2025-01-09 04:00:01,196 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:01,196 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2092043954] [2025-01-09 04:00:01,196 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:01,197 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:01,217 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 82 statements into 1 equivalence classes. [2025-01-09 04:00:01,230 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 82 of 82 statements. [2025-01-09 04:00:01,230 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:01,230 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:01,380 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:01,381 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:01,381 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2092043954] [2025-01-09 04:00:01,381 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2092043954] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:01,382 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:01,382 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:00:01,382 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1750355001] [2025-01-09 04:00:01,382 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:01,382 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:00:01,382 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:01,383 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:00:01,383 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:00:01,384 INFO L87 Difference]: Start difference. First operand 341 states and 467 transitions. Second operand has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-01-09 04:00:01,443 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:01,443 INFO L93 Difference]: Finished difference Result 666 states and 955 transitions. [2025-01-09 04:00:01,444 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:00:01,444 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) Word has length 82 [2025-01-09 04:00:01,444 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:01,446 INFO L225 Difference]: With dead ends: 666 [2025-01-09 04:00:01,447 INFO L226 Difference]: Without dead ends: 347 [2025-01-09 04:00:01,450 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:00:01,450 INFO L435 NwaCegarLoop]: 164 mSDtfsCounter, 0 mSDsluCounter, 485 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 649 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:01,450 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 649 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:01,451 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 347 states. [2025-01-09 04:00:01,482 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 347 to 347. [2025-01-09 04:00:01,483 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 347 states, 245 states have (on average 1.3265306122448979) internal successors, (325), 278 states have internal predecessors, (325), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-01-09 04:00:01,485 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 347 states to 347 states and 473 transitions. [2025-01-09 04:00:01,486 INFO L78 Accepts]: Start accepts. Automaton has 347 states and 473 transitions. Word has length 82 [2025-01-09 04:00:01,487 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:01,487 INFO L471 AbstractCegarLoop]: Abstraction has 347 states and 473 transitions. [2025-01-09 04:00:01,487 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-01-09 04:00:01,488 INFO L276 IsEmpty]: Start isEmpty. Operand 347 states and 473 transitions. [2025-01-09 04:00:01,489 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 83 [2025-01-09 04:00:01,489 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:01,490 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:01,490 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-01-09 04:00:01,490 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:01,491 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:01,491 INFO L85 PathProgramCache]: Analyzing trace with hash 1594722426, now seen corresponding path program 1 times [2025-01-09 04:00:01,491 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:01,491 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1118539731] [2025-01-09 04:00:01,491 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:01,491 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:01,500 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 82 statements into 1 equivalence classes. [2025-01-09 04:00:01,505 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 82 of 82 statements. [2025-01-09 04:00:01,506 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:01,506 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:01,561 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:01,562 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:01,562 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1118539731] [2025-01-09 04:00:01,562 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1118539731] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:01,562 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:01,562 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:00:01,562 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1589977421] [2025-01-09 04:00:01,562 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:01,563 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:00:01,563 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:01,563 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:00:01,563 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:00:01,563 INFO L87 Difference]: Start difference. First operand 347 states and 473 transitions. Second operand has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-01-09 04:00:01,611 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:01,611 INFO L93 Difference]: Finished difference Result 680 states and 968 transitions. [2025-01-09 04:00:01,612 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-01-09 04:00:01,612 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) Word has length 82 [2025-01-09 04:00:01,612 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:01,614 INFO L225 Difference]: With dead ends: 680 [2025-01-09 04:00:01,614 INFO L226 Difference]: Without dead ends: 355 [2025-01-09 04:00:01,615 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:00:01,616 INFO L435 NwaCegarLoop]: 177 mSDtfsCounter, 136 mSDsluCounter, 481 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 658 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:01,616 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 658 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:01,617 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 355 states. [2025-01-09 04:00:01,634 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 355 to 351. [2025-01-09 04:00:01,635 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 351 states, 249 states have (on average 1.321285140562249) internal successors, (329), 282 states have internal predecessors, (329), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-01-09 04:00:01,638 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 351 states to 351 states and 477 transitions. [2025-01-09 04:00:01,638 INFO L78 Accepts]: Start accepts. Automaton has 351 states and 477 transitions. Word has length 82 [2025-01-09 04:00:01,638 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:01,638 INFO L471 AbstractCegarLoop]: Abstraction has 351 states and 477 transitions. [2025-01-09 04:00:01,639 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 5 states have internal predecessors, (51), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-01-09 04:00:01,639 INFO L276 IsEmpty]: Start isEmpty. Operand 351 states and 477 transitions. [2025-01-09 04:00:01,640 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 83 [2025-01-09 04:00:01,640 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:01,640 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:01,640 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-01-09 04:00:01,640 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:01,641 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:01,641 INFO L85 PathProgramCache]: Analyzing trace with hash 1085249336, now seen corresponding path program 1 times [2025-01-09 04:00:01,641 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:01,641 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2003371995] [2025-01-09 04:00:01,641 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:01,641 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:01,650 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 82 statements into 1 equivalence classes. [2025-01-09 04:00:01,656 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 82 of 82 statements. [2025-01-09 04:00:01,657 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:01,657 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:01,723 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:01,723 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:01,724 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2003371995] [2025-01-09 04:00:01,724 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2003371995] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:01,724 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:01,724 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 04:00:01,724 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [13835975] [2025-01-09 04:00:01,724 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:01,724 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 04:00:01,724 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:01,725 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 04:00:01,725 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:00:01,725 INFO L87 Difference]: Start difference. First operand 351 states and 477 transitions. Second operand has 4 states, 4 states have (on average 12.75) internal successors, (51), 4 states have internal predecessors, (51), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-01-09 04:00:01,883 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:01,883 INFO L93 Difference]: Finished difference Result 1085 states and 1540 transitions. [2025-01-09 04:00:01,883 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 04:00:01,883 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 12.75) internal successors, (51), 4 states have internal predecessors, (51), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) Word has length 82 [2025-01-09 04:00:01,884 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:01,887 INFO L225 Difference]: With dead ends: 1085 [2025-01-09 04:00:01,887 INFO L226 Difference]: Without dead ends: 756 [2025-01-09 04:00:01,889 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:00:01,889 INFO L435 NwaCegarLoop]: 266 mSDtfsCounter, 206 mSDsluCounter, 234 mSDsCounter, 0 mSdLazyCounter, 97 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 206 SdHoareTripleChecker+Valid, 500 SdHoareTripleChecker+Invalid, 102 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 97 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:01,890 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [206 Valid, 500 Invalid, 102 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 97 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:00:01,890 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 756 states. [2025-01-09 04:00:01,927 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 756 to 744. [2025-01-09 04:00:01,928 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 744 states, 532 states have (on average 1.3176691729323309) internal successors, (701), 599 states have internal predecessors, (701), 130 states have call successors, (130), 79 states have call predecessors, (130), 81 states have return successors, (208), 122 states have call predecessors, (208), 130 states have call successors, (208) [2025-01-09 04:00:01,933 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 744 states to 744 states and 1039 transitions. [2025-01-09 04:00:01,933 INFO L78 Accepts]: Start accepts. Automaton has 744 states and 1039 transitions. Word has length 82 [2025-01-09 04:00:01,934 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:01,934 INFO L471 AbstractCegarLoop]: Abstraction has 744 states and 1039 transitions. [2025-01-09 04:00:01,934 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 12.75) internal successors, (51), 4 states have internal predecessors, (51), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-01-09 04:00:01,934 INFO L276 IsEmpty]: Start isEmpty. Operand 744 states and 1039 transitions. [2025-01-09 04:00:01,935 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 87 [2025-01-09 04:00:01,935 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:01,935 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:01,936 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-01-09 04:00:01,936 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:01,936 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:01,936 INFO L85 PathProgramCache]: Analyzing trace with hash 536605202, now seen corresponding path program 1 times [2025-01-09 04:00:01,936 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:01,936 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [806134112] [2025-01-09 04:00:01,936 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:01,937 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:01,944 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 86 statements into 1 equivalence classes. [2025-01-09 04:00:01,951 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 86 of 86 statements. [2025-01-09 04:00:01,951 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:01,951 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:02,037 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:02,037 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:02,037 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [806134112] [2025-01-09 04:00:02,037 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [806134112] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:02,038 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:02,038 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-01-09 04:00:02,038 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1685232280] [2025-01-09 04:00:02,038 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:02,038 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 04:00:02,038 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:02,039 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 04:00:02,039 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 04:00:02,040 INFO L87 Difference]: Start difference. First operand 744 states and 1039 transitions. Second operand has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 3 states have call predecessors, (11), 2 states have call successors, (11) [2025-01-09 04:00:02,234 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:02,235 INFO L93 Difference]: Finished difference Result 2166 states and 3086 transitions. [2025-01-09 04:00:02,235 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-01-09 04:00:02,235 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 3 states have call predecessors, (11), 2 states have call successors, (11) Word has length 86 [2025-01-09 04:00:02,236 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:02,248 INFO L225 Difference]: With dead ends: 2166 [2025-01-09 04:00:02,248 INFO L226 Difference]: Without dead ends: 1444 [2025-01-09 04:00:02,250 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-01-09 04:00:02,251 INFO L435 NwaCegarLoop]: 165 mSDtfsCounter, 124 mSDsluCounter, 564 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 729 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:02,251 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 729 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:00:02,254 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1444 states. [2025-01-09 04:00:02,339 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1444 to 1444. [2025-01-09 04:00:02,342 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1444 states, 1028 states have (on average 1.3054474708171206) internal successors, (1342), 1161 states have internal predecessors, (1342), 254 states have call successors, (254), 157 states have call predecessors, (254), 161 states have return successors, (420), 238 states have call predecessors, (420), 254 states have call successors, (420) [2025-01-09 04:00:02,351 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1444 states to 1444 states and 2016 transitions. [2025-01-09 04:00:02,352 INFO L78 Accepts]: Start accepts. Automaton has 1444 states and 2016 transitions. Word has length 86 [2025-01-09 04:00:02,353 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:02,353 INFO L471 AbstractCegarLoop]: Abstraction has 1444 states and 2016 transitions. [2025-01-09 04:00:02,353 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 3 states have call predecessors, (11), 2 states have call successors, (11) [2025-01-09 04:00:02,353 INFO L276 IsEmpty]: Start isEmpty. Operand 1444 states and 2016 transitions. [2025-01-09 04:00:02,358 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 91 [2025-01-09 04:00:02,359 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:02,360 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:02,360 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-01-09 04:00:02,360 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:02,360 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:02,361 INFO L85 PathProgramCache]: Analyzing trace with hash -488291474, now seen corresponding path program 1 times [2025-01-09 04:00:02,361 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:02,361 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1898501837] [2025-01-09 04:00:02,361 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:02,363 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:02,372 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 90 statements into 1 equivalence classes. [2025-01-09 04:00:02,383 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 90 of 90 statements. [2025-01-09 04:00:02,383 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:02,383 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:00:02,383 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-01-09 04:00:02,389 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 90 statements into 1 equivalence classes. [2025-01-09 04:00:02,396 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 90 of 90 statements. [2025-01-09 04:00:02,398 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:02,399 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:00:02,427 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-01-09 04:00:02,428 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-01-09 04:00:02,429 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-01-09 04:00:02,430 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-01-09 04:00:02,432 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:02,503 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-01-09 04:00:02,508 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.01 04:00:02 BoogieIcfgContainer [2025-01-09 04:00:02,509 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-01-09 04:00:02,509 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-01-09 04:00:02,509 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-01-09 04:00:02,509 INFO L274 PluginConnector]: Witness Printer initialized [2025-01-09 04:00:02,510 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:00:00" (3/4) ... [2025-01-09 04:00:02,510 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-01-09 04:00:02,599 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 68. [2025-01-09 04:00:02,676 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-01-09 04:00:02,676 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-01-09 04:00:02,677 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-01-09 04:00:02,677 INFO L158 Benchmark]: Toolchain (without parser) took 3399.53ms. Allocated memory is still 167.8MB. Free memory was 129.1MB in the beginning and 52.9MB in the end (delta: 76.1MB). Peak memory consumption was 79.2MB. Max. memory is 16.1GB. [2025-01-09 04:00:02,679 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 201.3MB. Free memory is still 125.9MB. There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:00:02,679 INFO L158 Benchmark]: CACSL2BoogieTranslator took 377.74ms. Allocated memory is still 167.8MB. Free memory was 128.6MB in the beginning and 109.1MB in the end (delta: 19.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:00:02,679 INFO L158 Benchmark]: Boogie Procedure Inliner took 49.91ms. Allocated memory is still 167.8MB. Free memory was 109.1MB in the beginning and 107.1MB in the end (delta: 2.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 04:00:02,680 INFO L158 Benchmark]: Boogie Preprocessor took 52.43ms. Allocated memory is still 167.8MB. Free memory was 107.1MB in the beginning and 104.7MB in the end (delta: 2.3MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:00:02,680 INFO L158 Benchmark]: RCFGBuilder took 399.99ms. Allocated memory is still 167.8MB. Free memory was 104.7MB in the beginning and 83.3MB in the end (delta: 21.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:00:02,680 INFO L158 Benchmark]: TraceAbstraction took 2341.64ms. Allocated memory is still 167.8MB. Free memory was 82.8MB in the beginning and 66.8MB in the end (delta: 15.9MB). Peak memory consumption was 12.1MB. Max. memory is 16.1GB. [2025-01-09 04:00:02,680 INFO L158 Benchmark]: Witness Printer took 167.52ms. Allocated memory is still 167.8MB. Free memory was 66.8MB in the beginning and 52.9MB in the end (delta: 13.9MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:00:02,681 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 201.3MB. Free memory is still 125.9MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 377.74ms. Allocated memory is still 167.8MB. Free memory was 128.6MB in the beginning and 109.1MB in the end (delta: 19.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 49.91ms. Allocated memory is still 167.8MB. Free memory was 109.1MB in the beginning and 107.1MB in the end (delta: 2.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 52.43ms. Allocated memory is still 167.8MB. Free memory was 107.1MB in the beginning and 104.7MB in the end (delta: 2.3MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 399.99ms. Allocated memory is still 167.8MB. Free memory was 104.7MB in the beginning and 83.3MB in the end (delta: 21.4MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2341.64ms. Allocated memory is still 167.8MB. Free memory was 82.8MB in the beginning and 66.8MB in the end (delta: 15.9MB). Peak memory consumption was 12.1MB. Max. memory is 16.1GB. * Witness Printer took 167.52ms. Allocated memory is still 167.8MB. Free memory was 66.8MB in the beginning and 52.9MB in the end (delta: 13.9MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [49] - GenericResultAtLocation [Line: 140]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [140] - GenericResultAtLocation [Line: 481]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [481] - GenericResultAtLocation [Line: 847]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [847] - GenericResultAtLocation [Line: 895]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [895] - GenericResultAtLocation [Line: 922]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [922] - GenericResultAtLocation [Line: 1026]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1026] - GenericResultAtLocation [Line: 1035]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [1035] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 1031]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int __SELECTED_FEATURE_base ; [L51] int __SELECTED_FEATURE_highWaterSensor ; [L52] int __SELECTED_FEATURE_lowWaterSensor ; [L53] int __SELECTED_FEATURE_methaneQuery ; [L54] int __SELECTED_FEATURE_methaneAlarm ; [L55] int __SELECTED_FEATURE_stopCommand ; [L56] int __SELECTED_FEATURE_startCommand ; [L57] int __GUIDSL_ROOT_PRODUCTION ; [L150] int pumpRunning = 0; [L151] int systemActive = 1; [L651] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L924] int waterLevel = 1; [L925] int methaneLevelCritical = 0; [L1036] int cleanupTimeShifts = 4; VAL [__GUIDSL_ROOT_PRODUCTION=0, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1109] int retValue_acc ; [L1110] int tmp ; [L1114] CALL select_helpers() [L882] __GUIDSL_ROOT_PRODUCTION = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1114] RET select_helpers() [L1115] CALL select_features() [L867] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L868] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L868] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L868] __SELECTED_FEATURE_highWaterSensor = select_one() [L869] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L869] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L869] __SELECTED_FEATURE_lowWaterSensor = select_one() [L870] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L870] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L870] __SELECTED_FEATURE_methaneQuery = select_one() [L871] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L871] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L871] __SELECTED_FEATURE_methaneAlarm = select_one() [L872] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L872] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L872] __SELECTED_FEATURE_stopCommand = select_one() [L873] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L853] int retValue_acc ; [L854] int choice = __VERIFIER_nondet_int(); [L857] retValue_acc = choice [L858] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L873] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L873] __SELECTED_FEATURE_startCommand = select_one() [L1115] RET select_features() [L1116] CALL, EXPR valid_product() [L887] int retValue_acc ; [L890] retValue_acc = __SELECTED_FEATURE_base [L891] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1116] RET, EXPR valid_product() [L1116] tmp = valid_product() [L1118] COND TRUE \read(tmp) [L1120] FCALL setup() [L1121] CALL runTest() [L1103] CALL test() [L65] int splverifierCounter ; [L66] int tmp ; [L67] int tmp___0 ; [L68] int tmp___1 ; [L69] int tmp___2 ; [L72] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L76] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L82] tmp = __VERIFIER_nondet_int() [L84] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L86] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L942] COND TRUE waterLevel < 2 [L943] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L86] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L92] tmp___0 = __VERIFIER_nondet_int() [L94] COND TRUE \read(tmp___0) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L96] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L954] COND FALSE !(\read(methaneLevelCritical)) [L957] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L96] RET changeMethaneLevel() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L102] tmp___2 = __VERIFIER_nondet_int() [L104] COND FALSE !(\read(tmp___2)) [L114] tmp___1 = __VERIFIER_nondet_int() [L116] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L129] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L158] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L165] COND TRUE \read(systemActive) [L167] CALL processEnvironment() [L301] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L308] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L258] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L265] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L215] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L217] CALL processEnvironment__role__highWaterSensor() [L187] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L190] COND TRUE ! pumpRunning [L192] CALL, EXPR isHighWaterLevel() [L421] int retValue_acc ; [L422] int tmp ; [L423] int tmp___0 ; [L427] CALL, EXPR isHighWaterSensorDry() [L1004] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L1007] COND FALSE !(waterLevel < 2) [L1011] retValue_acc = 0 [L1012] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L427] RET, EXPR isHighWaterSensorDry() [L427] tmp = isHighWaterSensorDry() [L429] COND FALSE !(\read(tmp)) [L432] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L434] retValue_acc = tmp___0 [L435] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L192] RET, EXPR isHighWaterLevel() [L192] tmp = isHighWaterLevel() [L194] COND TRUE \read(tmp) [L196] CALL activatePump() [L343] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L350] CALL activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L318] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L350] RET activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L196] RET activatePump() [L217] RET processEnvironment__role__highWaterSensor() [L265] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L308] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L167] RET processEnvironment() [L173] CALL __utac_acc__Specification1_spec__1() [L898] int tmp ; [L899] int tmp___0 ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L903] CALL, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L963] int retValue_acc ; [L966] retValue_acc = methaneLevelCritical [L967] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L903] RET, EXPR isMethaneLevelCritical() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L903] tmp = isMethaneLevelCritical() [L905] COND TRUE \read(tmp) [L907] CALL, EXPR isPumpRunning() [L376] int retValue_acc ; [L379] retValue_acc = pumpRunning [L380] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L907] RET, EXPR isPumpRunning() [L907] tmp___0 = isPumpRunning() [L909] COND TRUE \read(tmp___0) [L911] CALL __automaton_fail() [L1031] reach_error() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] - StatisticsResult: Ultimate Automizer benchmark data CFG has 13 procedures, 141 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.2s, OverallIterations: 8, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 726 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 720 mSDsluCounter, 3759 SdHoareTripleChecker+Invalid, 0.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2466 mSDsCounter, 24 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 255 IncrementalHoareTripleChecker+Invalid, 279 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 24 mSolverCounterUnsat, 1293 mSDtfsCounter, 255 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 42 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1444occurred in iteration=7, InterpolantAutomatonStates: 34, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 7 MinimizatonAttempts, 20 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.7s InterpolantComputationTime, 595 NumberOfCodeBlocks, 595 NumberOfCodeBlocksAsserted, 8 NumberOfCheckSat, 498 ConstructedInterpolants, 0 QuantifiedInterpolants, 893 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 7 InterpolantComputations, 7 PerfectInterpolantSequences, 315/315 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-01-09 04:00:02,705 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE