./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 551b0097 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4f3466b08a64c7fddf78a299dda71b27bda6ead813da06152b5ee1cea2f1c203 --- Real Ultimate output --- This is Ultimate 0.3.0-?-551b009-m [2025-01-09 04:00:52,835 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-01-09 04:00:52,895 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-01-09 04:00:52,901 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-01-09 04:00:52,904 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-01-09 04:00:52,924 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-01-09 04:00:52,927 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-01-09 04:00:52,927 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-01-09 04:00:52,927 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-01-09 04:00:52,927 INFO L153 SettingsManager]: * Use memory slicer=true [2025-01-09 04:00:52,928 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-01-09 04:00:52,928 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-01-09 04:00:52,928 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-01-09 04:00:52,928 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-01-09 04:00:52,929 INFO L153 SettingsManager]: * Use SBE=true [2025-01-09 04:00:52,930 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * sizeof long=4 [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * sizeof long double=12 [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-01-09 04:00:52,930 INFO L153 SettingsManager]: * Use constant arrays=true [2025-01-09 04:00:52,931 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-01-09 04:00:52,931 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 04:00:52,931 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 04:00:52,931 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 04:00:52,931 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:00:52,932 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:00:52,932 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-01-09 04:00:52,932 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-01-09 04:00:52,933 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4f3466b08a64c7fddf78a299dda71b27bda6ead813da06152b5ee1cea2f1c203 [2025-01-09 04:00:53,166 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-01-09 04:00:53,174 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-01-09 04:00:53,176 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-01-09 04:00:53,177 INFO L270 PluginConnector]: Initializing CDTParser... [2025-01-09 04:00:53,178 INFO L274 PluginConnector]: CDTParser initialized [2025-01-09 04:00:53,178 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c [2025-01-09 04:00:54,271 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/9b7415db7/a5b844975d1b4f10a9da5a0e9105a171/FLAGeac6b7452 [2025-01-09 04:00:54,563 INFO L384 CDTParser]: Found 1 translation units. [2025-01-09 04:00:54,565 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c [2025-01-09 04:00:54,574 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/9b7415db7/a5b844975d1b4f10a9da5a0e9105a171/FLAGeac6b7452 [2025-01-09 04:00:54,600 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/9b7415db7/a5b844975d1b4f10a9da5a0e9105a171 [2025-01-09 04:00:54,601 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-01-09 04:00:54,606 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-01-09 04:00:54,607 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-01-09 04:00:54,607 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-01-09 04:00:54,610 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-01-09 04:00:54,610 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 04:00:54" (1/1) ... [2025-01-09 04:00:54,616 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@74781be9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:54, skipping insertion in model container [2025-01-09 04:00:54,616 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 04:00:54" (1/1) ... [2025-01-09 04:00:54,659 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-01-09 04:00:55,013 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c[20836,20849] [2025-01-09 04:00:55,023 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 04:00:55,050 INFO L200 MainTranslator]: Completed pre-run [2025-01-09 04:00:55,059 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2025-01-09 04:00:55,060 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [168] [2025-01-09 04:00:55,063 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [507] [2025-01-09 04:00:55,064 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [609] [2025-01-09 04:00:55,064 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [686] [2025-01-09 04:00:55,064 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [726] [2025-01-09 04:00:55,064 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1092] [2025-01-09 04:00:55,065 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1101] [2025-01-09 04:00:55,148 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c[20836,20849] [2025-01-09 04:00:55,154 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 04:00:55,186 INFO L204 MainTranslator]: Completed translation [2025-01-09 04:00:55,190 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55 WrapperNode [2025-01-09 04:00:55,190 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-01-09 04:00:55,191 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-01-09 04:00:55,191 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-01-09 04:00:55,191 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-01-09 04:00:55,200 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,217 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,255 INFO L138 Inliner]: procedures = 64, calls = 122, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 282 [2025-01-09 04:00:55,255 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-01-09 04:00:55,260 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-01-09 04:00:55,261 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-01-09 04:00:55,261 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-01-09 04:00:55,268 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,268 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,274 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,294 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-01-09 04:00:55,294 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,294 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,310 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,311 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,318 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,319 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,319 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,320 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-01-09 04:00:55,329 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2025-01-09 04:00:55,329 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2025-01-09 04:00:55,329 INFO L274 PluginConnector]: RCFGBuilder initialized [2025-01-09 04:00:55,330 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (1/1) ... [2025-01-09 04:00:55,340 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:00:55,366 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:00:55,384 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-01-09 04:00:55,390 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-01-09 04:00:55,408 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-01-09 04:00:55,412 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2025-01-09 04:00:55,412 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2025-01-09 04:00:55,412 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-01-09 04:00:55,412 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-01-09 04:00:55,412 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-01-09 04:00:55,412 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-01-09 04:00:55,412 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-01-09 04:00:55,412 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-01-09 04:00:55,412 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2025-01-09 04:00:55,412 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2025-01-09 04:00:55,412 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-01-09 04:00:55,413 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-01-09 04:00:55,413 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2025-01-09 04:00:55,413 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2025-01-09 04:00:55,413 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2025-01-09 04:00:55,413 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2025-01-09 04:00:55,413 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2025-01-09 04:00:55,413 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2025-01-09 04:00:55,413 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-01-09 04:00:55,413 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-01-09 04:00:55,413 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-01-09 04:00:55,413 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2025-01-09 04:00:55,413 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2025-01-09 04:00:55,413 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-01-09 04:00:55,413 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-01-09 04:00:55,413 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-01-09 04:00:55,414 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-01-09 04:00:55,523 INFO L234 CfgBuilder]: Building ICFG [2025-01-09 04:00:55,529 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2025-01-09 04:00:55,816 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2025-01-09 04:00:55,816 INFO L283 CfgBuilder]: Performing block encoding [2025-01-09 04:00:55,826 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-01-09 04:00:55,831 INFO L312 CfgBuilder]: Removed 2 assume(true) statements. [2025-01-09 04:00:55,831 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:00:55 BoogieIcfgContainer [2025-01-09 04:00:55,832 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2025-01-09 04:00:55,834 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-01-09 04:00:55,837 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-01-09 04:00:55,841 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-01-09 04:00:55,845 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.01 04:00:54" (1/3) ... [2025-01-09 04:00:55,846 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4d1bb88 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:00:55, skipping insertion in model container [2025-01-09 04:00:55,846 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:00:55" (2/3) ... [2025-01-09 04:00:55,846 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4d1bb88 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:00:55, skipping insertion in model container [2025-01-09 04:00:55,846 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:00:55" (3/3) ... [2025-01-09 04:00:55,847 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec2_productSimulator.cil.c [2025-01-09 04:00:55,869 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-01-09 04:00:55,871 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec2_productSimulator.cil.c that has 13 procedures, 143 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-01-09 04:00:55,936 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-01-09 04:00:55,949 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@2f2ded64, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-01-09 04:00:55,949 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-01-09 04:00:55,956 INFO L276 IsEmpty]: Start isEmpty. Operand has 143 states, 99 states have (on average 1.3535353535353536) internal successors, (134), 115 states have internal predecessors, (134), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) [2025-01-09 04:00:55,966 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2025-01-09 04:00:55,966 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:55,966 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:55,971 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:55,974 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:55,974 INFO L85 PathProgramCache]: Analyzing trace with hash 270464845, now seen corresponding path program 1 times [2025-01-09 04:00:55,982 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:55,986 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1315538716] [2025-01-09 04:00:55,986 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:55,986 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:56,076 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 55 statements into 1 equivalence classes. [2025-01-09 04:00:56,122 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 55 of 55 statements. [2025-01-09 04:00:56,123 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:56,123 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:56,210 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:56,210 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:56,210 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1315538716] [2025-01-09 04:00:56,211 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1315538716] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:56,211 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:56,212 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-01-09 04:00:56,213 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1303162012] [2025-01-09 04:00:56,214 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:56,216 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-01-09 04:00:56,217 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:56,229 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-01-09 04:00:56,229 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-01-09 04:00:56,231 INFO L87 Difference]: Start difference. First operand has 143 states, 99 states have (on average 1.3535353535353536) internal successors, (134), 115 states have internal predecessors, (134), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) Second operand has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:56,254 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:56,254 INFO L93 Difference]: Finished difference Result 262 states and 362 transitions. [2025-01-09 04:00:56,255 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-01-09 04:00:56,256 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 55 [2025-01-09 04:00:56,256 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:56,262 INFO L225 Difference]: With dead ends: 262 [2025-01-09 04:00:56,262 INFO L226 Difference]: Without dead ends: 134 [2025-01-09 04:00:56,265 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-01-09 04:00:56,267 INFO L435 NwaCegarLoop]: 190 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 190 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:56,267 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 190 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:56,276 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 134 states. [2025-01-09 04:00:56,323 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 134 to 134. [2025-01-09 04:00:56,324 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 134 states, 92 states have (on average 1.326086956521739) internal successors, (122), 107 states have internal predecessors, (122), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2025-01-09 04:00:56,330 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 134 states to 134 states and 181 transitions. [2025-01-09 04:00:56,332 INFO L78 Accepts]: Start accepts. Automaton has 134 states and 181 transitions. Word has length 55 [2025-01-09 04:00:56,333 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:56,333 INFO L471 AbstractCegarLoop]: Abstraction has 134 states and 181 transitions. [2025-01-09 04:00:56,334 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:56,334 INFO L276 IsEmpty]: Start isEmpty. Operand 134 states and 181 transitions. [2025-01-09 04:00:56,336 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2025-01-09 04:00:56,337 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:56,337 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:56,337 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-01-09 04:00:56,337 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:56,341 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:56,342 INFO L85 PathProgramCache]: Analyzing trace with hash 1794533141, now seen corresponding path program 1 times [2025-01-09 04:00:56,342 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:56,342 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1016296513] [2025-01-09 04:00:56,342 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:56,342 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:56,352 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 55 statements into 1 equivalence classes. [2025-01-09 04:00:56,376 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 55 of 55 statements. [2025-01-09 04:00:56,376 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:56,376 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:56,475 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:56,475 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:56,475 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1016296513] [2025-01-09 04:00:56,475 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1016296513] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:56,475 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:56,475 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:00:56,476 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1392123391] [2025-01-09 04:00:56,476 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:56,476 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:00:56,476 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:56,477 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:00:56,477 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:00:56,477 INFO L87 Difference]: Start difference. First operand 134 states and 181 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:56,504 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:56,504 INFO L93 Difference]: Finished difference Result 213 states and 288 transitions. [2025-01-09 04:00:56,505 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:00:56,505 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 55 [2025-01-09 04:00:56,505 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:56,506 INFO L225 Difference]: With dead ends: 213 [2025-01-09 04:00:56,507 INFO L226 Difference]: Without dead ends: 126 [2025-01-09 04:00:56,508 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:00:56,508 INFO L435 NwaCegarLoop]: 169 mSDtfsCounter, 21 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 25 SdHoareTripleChecker+Valid, 313 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:56,508 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [25 Valid, 313 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:56,509 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2025-01-09 04:00:56,516 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 126. [2025-01-09 04:00:56,516 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 87 states have (on average 1.3333333333333333) internal successors, (116), 102 states have internal predecessors, (116), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2025-01-09 04:00:56,520 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 170 transitions. [2025-01-09 04:00:56,520 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 170 transitions. Word has length 55 [2025-01-09 04:00:56,521 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:56,521 INFO L471 AbstractCegarLoop]: Abstraction has 126 states and 170 transitions. [2025-01-09 04:00:56,522 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:56,522 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 170 transitions. [2025-01-09 04:00:56,523 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2025-01-09 04:00:56,525 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:56,525 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:56,526 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-01-09 04:00:56,526 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:56,526 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:56,526 INFO L85 PathProgramCache]: Analyzing trace with hash -764557665, now seen corresponding path program 1 times [2025-01-09 04:00:56,526 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:56,527 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1155331880] [2025-01-09 04:00:56,527 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:56,527 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:56,541 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 60 statements into 1 equivalence classes. [2025-01-09 04:00:56,556 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 60 of 60 statements. [2025-01-09 04:00:56,556 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:56,557 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:56,640 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:56,640 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:56,640 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1155331880] [2025-01-09 04:00:56,640 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1155331880] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:56,640 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:56,640 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:00:56,640 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1021792435] [2025-01-09 04:00:56,641 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:56,641 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:00:56,641 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:56,641 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:00:56,641 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:00:56,642 INFO L87 Difference]: Start difference. First operand 126 states and 170 transitions. Second operand has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:56,682 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:56,685 INFO L93 Difference]: Finished difference Result 330 states and 453 transitions. [2025-01-09 04:00:56,686 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:00:56,686 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 60 [2025-01-09 04:00:56,686 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:56,688 INFO L225 Difference]: With dead ends: 330 [2025-01-09 04:00:56,688 INFO L226 Difference]: Without dead ends: 227 [2025-01-09 04:00:56,688 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:00:56,689 INFO L435 NwaCegarLoop]: 193 mSDtfsCounter, 136 mSDsluCounter, 137 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 330 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:56,689 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 330 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:56,692 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 227 states. [2025-01-09 04:00:56,714 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 227 to 224. [2025-01-09 04:00:56,718 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 224 states, 154 states have (on average 1.37012987012987) internal successors, (211), 183 states have internal predecessors, (211), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2025-01-09 04:00:56,719 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 224 states to 224 states and 307 transitions. [2025-01-09 04:00:56,720 INFO L78 Accepts]: Start accepts. Automaton has 224 states and 307 transitions. Word has length 60 [2025-01-09 04:00:56,722 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:56,722 INFO L471 AbstractCegarLoop]: Abstraction has 224 states and 307 transitions. [2025-01-09 04:00:56,722 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:56,722 INFO L276 IsEmpty]: Start isEmpty. Operand 224 states and 307 transitions. [2025-01-09 04:00:56,724 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2025-01-09 04:00:56,726 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:56,726 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:56,726 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-01-09 04:00:56,727 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:56,727 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:56,727 INFO L85 PathProgramCache]: Analyzing trace with hash 1488658403, now seen corresponding path program 1 times [2025-01-09 04:00:56,727 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:56,727 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1361183517] [2025-01-09 04:00:56,727 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:56,727 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:56,738 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 64 statements into 1 equivalence classes. [2025-01-09 04:00:56,754 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 64 of 64 statements. [2025-01-09 04:00:56,754 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:56,754 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:56,850 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:56,850 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:56,850 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1361183517] [2025-01-09 04:00:56,850 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1361183517] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:56,851 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:56,851 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:00:56,852 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1348439255] [2025-01-09 04:00:56,852 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:56,852 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:00:56,852 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:56,852 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:00:56,852 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:00:56,853 INFO L87 Difference]: Start difference. First operand 224 states and 307 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:56,983 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:56,984 INFO L93 Difference]: Finished difference Result 546 states and 780 transitions. [2025-01-09 04:00:56,984 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:00:56,984 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 64 [2025-01-09 04:00:56,985 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:56,987 INFO L225 Difference]: With dead ends: 546 [2025-01-09 04:00:56,989 INFO L226 Difference]: Without dead ends: 345 [2025-01-09 04:00:56,990 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:00:56,991 INFO L435 NwaCegarLoop]: 168 mSDtfsCounter, 131 mSDsluCounter, 434 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 131 SdHoareTripleChecker+Valid, 602 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:56,991 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [131 Valid, 602 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:56,992 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 345 states. [2025-01-09 04:00:57,024 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 345 to 344. [2025-01-09 04:00:57,024 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 344 states, 242 states have (on average 1.3388429752066116) internal successors, (324), 275 states have internal predecessors, (324), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-01-09 04:00:57,028 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 344 states to 344 states and 472 transitions. [2025-01-09 04:00:57,029 INFO L78 Accepts]: Start accepts. Automaton has 344 states and 472 transitions. Word has length 64 [2025-01-09 04:00:57,029 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:57,029 INFO L471 AbstractCegarLoop]: Abstraction has 344 states and 472 transitions. [2025-01-09 04:00:57,030 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-01-09 04:00:57,030 INFO L276 IsEmpty]: Start isEmpty. Operand 344 states and 472 transitions. [2025-01-09 04:00:57,031 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2025-01-09 04:00:57,031 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:57,031 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:57,031 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-01-09 04:00:57,032 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:57,032 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:57,032 INFO L85 PathProgramCache]: Analyzing trace with hash -289333051, now seen corresponding path program 1 times [2025-01-09 04:00:57,032 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:57,032 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1820050587] [2025-01-09 04:00:57,032 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:57,032 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:57,049 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-01-09 04:00:57,067 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-01-09 04:00:57,068 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:57,068 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:57,139 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:57,139 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:57,139 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1820050587] [2025-01-09 04:00:57,139 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1820050587] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:57,140 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:57,140 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:00:57,140 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1468551683] [2025-01-09 04:00:57,140 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:57,140 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:00:57,140 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:57,140 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:00:57,140 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:00:57,141 INFO L87 Difference]: Start difference. First operand 344 states and 472 transitions. Second operand has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-01-09 04:00:57,188 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:57,190 INFO L93 Difference]: Finished difference Result 671 states and 964 transitions. [2025-01-09 04:00:57,191 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:00:57,191 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) Word has length 84 [2025-01-09 04:00:57,191 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:57,193 INFO L225 Difference]: With dead ends: 671 [2025-01-09 04:00:57,196 INFO L226 Difference]: Without dead ends: 350 [2025-01-09 04:00:57,197 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:00:57,198 INFO L435 NwaCegarLoop]: 167 mSDtfsCounter, 0 mSDsluCounter, 494 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 661 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:57,198 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 661 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:57,199 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 350 states. [2025-01-09 04:00:57,223 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 350 to 350. [2025-01-09 04:00:57,223 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 350 states, 248 states have (on average 1.3306451612903225) internal successors, (330), 281 states have internal predecessors, (330), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-01-09 04:00:57,226 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 350 states to 350 states and 478 transitions. [2025-01-09 04:00:57,226 INFO L78 Accepts]: Start accepts. Automaton has 350 states and 478 transitions. Word has length 84 [2025-01-09 04:00:57,227 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:57,227 INFO L471 AbstractCegarLoop]: Abstraction has 350 states and 478 transitions. [2025-01-09 04:00:57,227 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-01-09 04:00:57,227 INFO L276 IsEmpty]: Start isEmpty. Operand 350 states and 478 transitions. [2025-01-09 04:00:57,228 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2025-01-09 04:00:57,229 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:57,230 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:57,230 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-01-09 04:00:57,230 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:57,230 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:57,230 INFO L85 PathProgramCache]: Analyzing trace with hash 1633894983, now seen corresponding path program 1 times [2025-01-09 04:00:57,230 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:57,231 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1914662968] [2025-01-09 04:00:57,231 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:57,231 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:57,240 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-01-09 04:00:57,249 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-01-09 04:00:57,249 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:57,249 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:57,319 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:57,319 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:57,319 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1914662968] [2025-01-09 04:00:57,319 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1914662968] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:57,319 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:57,319 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:00:57,319 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [968382473] [2025-01-09 04:00:57,319 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:57,319 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:00:57,319 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:57,320 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:00:57,320 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:00:57,320 INFO L87 Difference]: Start difference. First operand 350 states and 478 transitions. Second operand has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-01-09 04:00:57,392 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:57,393 INFO L93 Difference]: Finished difference Result 685 states and 977 transitions. [2025-01-09 04:00:57,393 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-01-09 04:00:57,393 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) Word has length 84 [2025-01-09 04:00:57,393 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:57,395 INFO L225 Difference]: With dead ends: 685 [2025-01-09 04:00:57,395 INFO L226 Difference]: Without dead ends: 358 [2025-01-09 04:00:57,396 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:00:57,397 INFO L435 NwaCegarLoop]: 180 mSDtfsCounter, 138 mSDsluCounter, 489 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 669 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:57,397 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 669 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:57,398 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 358 states. [2025-01-09 04:00:57,411 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 358 to 354. [2025-01-09 04:00:57,412 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 354 states, 252 states have (on average 1.3253968253968254) internal successors, (334), 285 states have internal predecessors, (334), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-01-09 04:00:57,414 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 354 states to 354 states and 482 transitions. [2025-01-09 04:00:57,414 INFO L78 Accepts]: Start accepts. Automaton has 354 states and 482 transitions. Word has length 84 [2025-01-09 04:00:57,414 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:57,414 INFO L471 AbstractCegarLoop]: Abstraction has 354 states and 482 transitions. [2025-01-09 04:00:57,415 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-01-09 04:00:57,415 INFO L276 IsEmpty]: Start isEmpty. Operand 354 states and 482 transitions. [2025-01-09 04:00:57,416 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2025-01-09 04:00:57,416 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:57,416 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:57,416 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-01-09 04:00:57,416 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:57,416 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:57,417 INFO L85 PathProgramCache]: Analyzing trace with hash -1274868919, now seen corresponding path program 1 times [2025-01-09 04:00:57,417 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:57,417 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1439516285] [2025-01-09 04:00:57,417 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:57,417 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:57,425 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-01-09 04:00:57,430 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-01-09 04:00:57,430 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:57,430 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:57,498 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:57,498 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:57,498 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1439516285] [2025-01-09 04:00:57,498 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1439516285] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:57,498 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:57,498 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 04:00:57,499 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [200446834] [2025-01-09 04:00:57,499 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:57,499 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 04:00:57,499 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:57,500 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 04:00:57,500 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:00:57,500 INFO L87 Difference]: Start difference. First operand 354 states and 482 transitions. Second operand has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-01-09 04:00:57,631 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:57,631 INFO L93 Difference]: Finished difference Result 1092 states and 1553 transitions. [2025-01-09 04:00:57,632 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 04:00:57,632 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) Word has length 84 [2025-01-09 04:00:57,632 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:57,636 INFO L225 Difference]: With dead ends: 1092 [2025-01-09 04:00:57,636 INFO L226 Difference]: Without dead ends: 761 [2025-01-09 04:00:57,638 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:00:57,638 INFO L435 NwaCegarLoop]: 250 mSDtfsCounter, 208 mSDsluCounter, 221 mSDsCounter, 0 mSdLazyCounter, 96 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 208 SdHoareTripleChecker+Valid, 471 SdHoareTripleChecker+Invalid, 101 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 96 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:57,638 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [208 Valid, 471 Invalid, 101 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:00:57,639 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 761 states. [2025-01-09 04:00:57,736 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 761 to 749. [2025-01-09 04:00:57,744 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 749 states, 537 states have (on average 1.3221601489757915) internal successors, (710), 604 states have internal predecessors, (710), 130 states have call successors, (130), 79 states have call predecessors, (130), 81 states have return successors, (208), 122 states have call predecessors, (208), 130 states have call successors, (208) [2025-01-09 04:00:57,753 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 749 states to 749 states and 1048 transitions. [2025-01-09 04:00:57,753 INFO L78 Accepts]: Start accepts. Automaton has 749 states and 1048 transitions. Word has length 84 [2025-01-09 04:00:57,754 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:57,754 INFO L471 AbstractCegarLoop]: Abstraction has 749 states and 1048 transitions. [2025-01-09 04:00:57,754 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-01-09 04:00:57,754 INFO L276 IsEmpty]: Start isEmpty. Operand 749 states and 1048 transitions. [2025-01-09 04:00:57,755 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 89 [2025-01-09 04:00:57,755 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:57,756 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:57,756 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-01-09 04:00:57,756 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:57,756 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:57,756 INFO L85 PathProgramCache]: Analyzing trace with hash 80166319, now seen corresponding path program 1 times [2025-01-09 04:00:57,756 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:57,756 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1268356962] [2025-01-09 04:00:57,756 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:57,757 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:57,769 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 88 statements into 1 equivalence classes. [2025-01-09 04:00:57,781 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 88 of 88 statements. [2025-01-09 04:00:57,782 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:57,782 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:57,829 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:57,830 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:57,830 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1268356962] [2025-01-09 04:00:57,830 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1268356962] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:57,830 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:57,830 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:00:57,830 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1450757382] [2025-01-09 04:00:57,830 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:57,831 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:00:57,831 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:57,831 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:00:57,831 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:00:57,832 INFO L87 Difference]: Start difference. First operand 749 states and 1048 transitions. Second operand has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-01-09 04:00:57,893 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:57,894 INFO L93 Difference]: Finished difference Result 1265 states and 1818 transitions. [2025-01-09 04:00:57,894 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:00:57,894 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 88 [2025-01-09 04:00:57,895 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:57,901 INFO L225 Difference]: With dead ends: 1265 [2025-01-09 04:00:57,901 INFO L226 Difference]: Without dead ends: 1263 [2025-01-09 04:00:57,902 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:00:57,902 INFO L435 NwaCegarLoop]: 174 mSDtfsCounter, 142 mSDsluCounter, 138 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 312 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:57,902 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 312 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:57,904 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1263 states. [2025-01-09 04:00:57,976 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1263 to 1233. [2025-01-09 04:00:57,978 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1233 states, 873 states have (on average 1.3264604810996563) internal successors, (1158), 994 states have internal predecessors, (1158), 224 states have call successors, (224), 133 states have call predecessors, (224), 135 states have return successors, (397), 200 states have call predecessors, (397), 224 states have call successors, (397) [2025-01-09 04:00:57,986 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1233 states to 1233 states and 1779 transitions. [2025-01-09 04:00:57,987 INFO L78 Accepts]: Start accepts. Automaton has 1233 states and 1779 transitions. Word has length 88 [2025-01-09 04:00:57,987 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:57,987 INFO L471 AbstractCegarLoop]: Abstraction has 1233 states and 1779 transitions. [2025-01-09 04:00:57,987 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-01-09 04:00:57,988 INFO L276 IsEmpty]: Start isEmpty. Operand 1233 states and 1779 transitions. [2025-01-09 04:00:57,993 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 123 [2025-01-09 04:00:57,993 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:57,993 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:57,993 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-01-09 04:00:57,993 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:57,994 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:57,994 INFO L85 PathProgramCache]: Analyzing trace with hash 727485138, now seen corresponding path program 1 times [2025-01-09 04:00:57,994 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:57,994 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1599477886] [2025-01-09 04:00:57,994 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:57,994 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:58,004 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 122 statements into 1 equivalence classes. [2025-01-09 04:00:58,009 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 122 of 122 statements. [2025-01-09 04:00:58,009 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:58,009 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:58,041 INFO L134 CoverageAnalysis]: Checked inductivity of 69 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 51 trivial. 0 not checked. [2025-01-09 04:00:58,041 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:58,041 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1599477886] [2025-01-09 04:00:58,041 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1599477886] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:58,041 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:00:58,041 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 04:00:58,041 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1601921998] [2025-01-09 04:00:58,041 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:58,042 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 04:00:58,042 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:58,042 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 04:00:58,042 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:00:58,043 INFO L87 Difference]: Start difference. First operand 1233 states and 1779 transitions. Second operand has 4 states, 4 states have (on average 19.75) internal successors, (79), 4 states have internal predecessors, (79), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) [2025-01-09 04:00:58,185 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:58,186 INFO L93 Difference]: Finished difference Result 1959 states and 2815 transitions. [2025-01-09 04:00:58,186 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 04:00:58,186 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 19.75) internal successors, (79), 4 states have internal predecessors, (79), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) Word has length 122 [2025-01-09 04:00:58,186 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:58,191 INFO L225 Difference]: With dead ends: 1959 [2025-01-09 04:00:58,191 INFO L226 Difference]: Without dead ends: 749 [2025-01-09 04:00:58,196 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:00:58,196 INFO L435 NwaCegarLoop]: 211 mSDtfsCounter, 194 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 71 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 194 SdHoareTripleChecker+Valid, 355 SdHoareTripleChecker+Invalid, 75 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 71 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:58,197 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [194 Valid, 355 Invalid, 75 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 71 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:00:58,198 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 749 states. [2025-01-09 04:00:58,249 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 749 to 728. [2025-01-09 04:00:58,284 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 728 states, 523 states have (on average 1.311663479923518) internal successors, (686), 589 states have internal predecessors, (686), 125 states have call successors, (125), 77 states have call predecessors, (125), 79 states have return successors, (210), 114 states have call predecessors, (210), 125 states have call successors, (210) [2025-01-09 04:00:58,288 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 728 states to 728 states and 1021 transitions. [2025-01-09 04:00:58,289 INFO L78 Accepts]: Start accepts. Automaton has 728 states and 1021 transitions. Word has length 122 [2025-01-09 04:00:58,289 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:58,289 INFO L471 AbstractCegarLoop]: Abstraction has 728 states and 1021 transitions. [2025-01-09 04:00:58,289 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 19.75) internal successors, (79), 4 states have internal predecessors, (79), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) [2025-01-09 04:00:58,290 INFO L276 IsEmpty]: Start isEmpty. Operand 728 states and 1021 transitions. [2025-01-09 04:00:58,292 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 128 [2025-01-09 04:00:58,293 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:58,293 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:58,293 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-01-09 04:00:58,293 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:58,293 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:58,294 INFO L85 PathProgramCache]: Analyzing trace with hash -1949281855, now seen corresponding path program 1 times [2025-01-09 04:00:58,294 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:58,294 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1662451768] [2025-01-09 04:00:58,294 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:58,294 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:58,303 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-01-09 04:00:58,308 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-01-09 04:00:58,308 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:58,308 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:58,363 INFO L134 CoverageAnalysis]: Checked inductivity of 76 backedges. 21 proven. 4 refuted. 0 times theorem prover too weak. 51 trivial. 0 not checked. [2025-01-09 04:00:58,363 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:58,364 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1662451768] [2025-01-09 04:00:58,364 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1662451768] provided 0 perfect and 1 imperfect interpolant sequences [2025-01-09 04:00:58,364 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1041060534] [2025-01-09 04:00:58,364 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:58,364 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:00:58,364 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:00:58,366 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-01-09 04:00:58,367 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-01-09 04:00:58,459 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-01-09 04:00:58,531 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-01-09 04:00:58,532 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:58,532 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:58,538 INFO L256 TraceCheckSpWp]: Trace formula consists of 426 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-01-09 04:00:58,547 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-01-09 04:00:58,681 INFO L134 CoverageAnalysis]: Checked inductivity of 76 backedges. 31 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:58,682 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-01-09 04:00:58,683 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1041060534] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:58,685 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-01-09 04:00:58,685 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [3] total 4 [2025-01-09 04:00:58,685 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [346600055] [2025-01-09 04:00:58,685 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:58,685 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:00:58,685 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:58,686 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:00:58,686 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:00:58,686 INFO L87 Difference]: Start difference. First operand 728 states and 1021 transitions. Second operand has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (17), 3 states have call predecessors, (17), 3 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) [2025-01-09 04:00:58,807 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:58,810 INFO L93 Difference]: Finished difference Result 1683 states and 2425 transitions. [2025-01-09 04:00:58,812 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:00:58,812 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (17), 3 states have call predecessors, (17), 3 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) Word has length 127 [2025-01-09 04:00:58,813 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:00:58,822 INFO L225 Difference]: With dead ends: 1683 [2025-01-09 04:00:58,825 INFO L226 Difference]: Without dead ends: 978 [2025-01-09 04:00:58,829 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 130 GetRequests, 128 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:00:58,833 INFO L435 NwaCegarLoop]: 238 mSDtfsCounter, 90 mSDsluCounter, 95 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 90 SdHoareTripleChecker+Valid, 333 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:00:58,833 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [90 Valid, 333 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:00:58,835 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 978 states. [2025-01-09 04:00:58,950 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 978 to 978. [2025-01-09 04:00:58,956 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 978 states, 714 states have (on average 1.2983193277310925) internal successors, (927), 787 states have internal predecessors, (927), 153 states have call successors, (153), 108 states have call predecessors, (153), 110 states have return successors, (272), 142 states have call predecessors, (272), 153 states have call successors, (272) [2025-01-09 04:00:58,964 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 978 states to 978 states and 1352 transitions. [2025-01-09 04:00:58,966 INFO L78 Accepts]: Start accepts. Automaton has 978 states and 1352 transitions. Word has length 127 [2025-01-09 04:00:58,967 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:00:58,970 INFO L471 AbstractCegarLoop]: Abstraction has 978 states and 1352 transitions. [2025-01-09 04:00:58,971 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (17), 3 states have call predecessors, (17), 3 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) [2025-01-09 04:00:58,971 INFO L276 IsEmpty]: Start isEmpty. Operand 978 states and 1352 transitions. [2025-01-09 04:00:58,975 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 134 [2025-01-09 04:00:58,978 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:00:58,979 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:00:58,992 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-01-09 04:00:59,179 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-01-09 04:00:59,180 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:00:59,180 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:00:59,180 INFO L85 PathProgramCache]: Analyzing trace with hash 1663212035, now seen corresponding path program 1 times [2025-01-09 04:00:59,180 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:00:59,181 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [292693433] [2025-01-09 04:00:59,182 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:59,182 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:00:59,195 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 133 statements into 1 equivalence classes. [2025-01-09 04:00:59,204 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 133 of 133 statements. [2025-01-09 04:00:59,205 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:59,205 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:59,339 INFO L134 CoverageAnalysis]: Checked inductivity of 82 backedges. 25 proven. 5 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-01-09 04:00:59,339 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:00:59,339 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [292693433] [2025-01-09 04:00:59,339 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [292693433] provided 0 perfect and 1 imperfect interpolant sequences [2025-01-09 04:00:59,339 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1601347306] [2025-01-09 04:00:59,339 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:00:59,339 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:00:59,339 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:00:59,343 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-01-09 04:00:59,344 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-01-09 04:00:59,397 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 133 statements into 1 equivalence classes. [2025-01-09 04:00:59,451 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 133 of 133 statements. [2025-01-09 04:00:59,452 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:00:59,452 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:00:59,453 INFO L256 TraceCheckSpWp]: Trace formula consists of 436 conjuncts, 4 conjuncts are in the unsatisfiable core [2025-01-09 04:00:59,458 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-01-09 04:00:59,531 INFO L134 CoverageAnalysis]: Checked inductivity of 82 backedges. 37 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:00:59,531 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-01-09 04:00:59,532 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1601347306] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:00:59,532 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-01-09 04:00:59,532 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 6 [2025-01-09 04:00:59,532 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1105743405] [2025-01-09 04:00:59,532 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:00:59,532 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:00:59,533 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:00:59,534 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:00:59,534 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-01-09 04:00:59,534 INFO L87 Difference]: Start difference. First operand 978 states and 1352 transitions. Second operand has 5 states, 5 states have (on average 17.6) internal successors, (88), 4 states have internal predecessors, (88), 3 states have call successors, (18), 4 states have call predecessors, (18), 4 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) [2025-01-09 04:00:59,994 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:00:59,994 INFO L93 Difference]: Finished difference Result 2175 states and 3102 transitions. [2025-01-09 04:00:59,994 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-01-09 04:00:59,994 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 17.6) internal successors, (88), 4 states have internal predecessors, (88), 3 states have call successors, (18), 4 states have call predecessors, (18), 4 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) Word has length 133 [2025-01-09 04:00:59,995 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:01:00,002 INFO L225 Difference]: With dead ends: 2175 [2025-01-09 04:01:00,002 INFO L226 Difference]: Without dead ends: 1398 [2025-01-09 04:01:00,006 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 142 GetRequests, 135 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2025-01-09 04:01:00,007 INFO L435 NwaCegarLoop]: 183 mSDtfsCounter, 201 mSDsluCounter, 294 mSDsCounter, 0 mSdLazyCounter, 426 mSolverCounterSat, 76 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 214 SdHoareTripleChecker+Valid, 477 SdHoareTripleChecker+Invalid, 502 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 76 IncrementalHoareTripleChecker+Valid, 426 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2025-01-09 04:01:00,008 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [214 Valid, 477 Invalid, 502 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [76 Valid, 426 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2025-01-09 04:01:00,009 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1398 states. [2025-01-09 04:01:00,093 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1398 to 1378. [2025-01-09 04:01:00,095 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1378 states, 1014 states have (on average 1.2830374753451677) internal successors, (1301), 1107 states have internal predecessors, (1301), 206 states have call successors, (206), 142 states have call predecessors, (206), 157 states have return successors, (446), 215 states have call predecessors, (446), 206 states have call successors, (446) [2025-01-09 04:01:00,102 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1378 states to 1378 states and 1953 transitions. [2025-01-09 04:01:00,104 INFO L78 Accepts]: Start accepts. Automaton has 1378 states and 1953 transitions. Word has length 133 [2025-01-09 04:01:00,104 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:01:00,104 INFO L471 AbstractCegarLoop]: Abstraction has 1378 states and 1953 transitions. [2025-01-09 04:01:00,104 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 17.6) internal successors, (88), 4 states have internal predecessors, (88), 3 states have call successors, (18), 4 states have call predecessors, (18), 4 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) [2025-01-09 04:01:00,104 INFO L276 IsEmpty]: Start isEmpty. Operand 1378 states and 1953 transitions. [2025-01-09 04:01:00,109 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 130 [2025-01-09 04:01:00,109 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:01:00,109 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:01:00,119 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-01-09 04:01:00,314 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:01:00,314 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:01:00,314 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:01:00,314 INFO L85 PathProgramCache]: Analyzing trace with hash 413541543, now seen corresponding path program 1 times [2025-01-09 04:01:00,314 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:01:00,314 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1789334884] [2025-01-09 04:01:00,314 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:01:00,314 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:01:00,346 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-01-09 04:01:00,357 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-01-09 04:01:00,358 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:01:00,358 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:01:00,490 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 21 proven. 2 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2025-01-09 04:01:00,491 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:01:00,491 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1789334884] [2025-01-09 04:01:00,491 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1789334884] provided 0 perfect and 1 imperfect interpolant sequences [2025-01-09 04:01:00,491 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1868758207] [2025-01-09 04:01:00,491 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:01:00,491 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:01:00,491 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:01:00,493 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-01-09 04:01:00,494 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-01-09 04:01:00,545 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-01-09 04:01:00,583 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-01-09 04:01:00,583 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:01:00,583 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:01:00,584 INFO L256 TraceCheckSpWp]: Trace formula consists of 429 conjuncts, 11 conjuncts are in the unsatisfiable core [2025-01-09 04:01:00,587 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-01-09 04:01:00,733 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 5 proven. 2 refuted. 0 times theorem prover too weak. 71 trivial. 0 not checked. [2025-01-09 04:01:00,733 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-01-09 04:01:00,866 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 64 trivial. 0 not checked. [2025-01-09 04:01:00,866 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1868758207] provided 1 perfect and 1 imperfect interpolant sequences [2025-01-09 04:01:00,866 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2025-01-09 04:01:00,866 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [7, 5] total 10 [2025-01-09 04:01:00,866 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1172006645] [2025-01-09 04:01:00,867 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:01:00,867 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-01-09 04:01:00,867 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:01:00,867 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-01-09 04:01:00,867 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=66, Unknown=0, NotChecked=0, Total=90 [2025-01-09 04:01:00,868 INFO L87 Difference]: Start difference. First operand 1378 states and 1953 transitions. Second operand has 6 states, 6 states have (on average 12.333333333333334) internal successors, (74), 5 states have internal predecessors, (74), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) [2025-01-09 04:01:01,083 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:01:01,084 INFO L93 Difference]: Finished difference Result 3974 states and 5791 transitions. [2025-01-09 04:01:01,084 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-01-09 04:01:01,084 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 12.333333333333334) internal successors, (74), 5 states have internal predecessors, (74), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) Word has length 129 [2025-01-09 04:01:01,085 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:01:01,099 INFO L225 Difference]: With dead ends: 3974 [2025-01-09 04:01:01,099 INFO L226 Difference]: Without dead ends: 2619 [2025-01-09 04:01:01,105 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 266 GetRequests, 255 SyntacticMatches, 1 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=34, Invalid=98, Unknown=0, NotChecked=0, Total=132 [2025-01-09 04:01:01,105 INFO L435 NwaCegarLoop]: 168 mSDtfsCounter, 120 mSDsluCounter, 575 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 122 SdHoareTripleChecker+Valid, 743 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:01:01,105 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [122 Valid, 743 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:01:01,107 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2619 states. [2025-01-09 04:01:01,293 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2619 to 2594. [2025-01-09 04:01:01,297 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2594 states, 1890 states have (on average 1.265079365079365) internal successors, (2391), 2073 states have internal predecessors, (2391), 398 states have call successors, (398), 277 states have call predecessors, (398), 305 states have return successors, (867), 408 states have call predecessors, (867), 398 states have call successors, (867) [2025-01-09 04:01:01,308 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2594 states to 2594 states and 3656 transitions. [2025-01-09 04:01:01,311 INFO L78 Accepts]: Start accepts. Automaton has 2594 states and 3656 transitions. Word has length 129 [2025-01-09 04:01:01,311 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:01:01,311 INFO L471 AbstractCegarLoop]: Abstraction has 2594 states and 3656 transitions. [2025-01-09 04:01:01,312 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 12.333333333333334) internal successors, (74), 5 states have internal predecessors, (74), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) [2025-01-09 04:01:01,312 INFO L276 IsEmpty]: Start isEmpty. Operand 2594 states and 3656 transitions. [2025-01-09 04:01:01,320 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 134 [2025-01-09 04:01:01,320 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:01:01,320 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:01:01,326 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2025-01-09 04:01:01,520 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,4 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:01:01,521 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:01:01,521 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:01:01,521 INFO L85 PathProgramCache]: Analyzing trace with hash -1480347133, now seen corresponding path program 1 times [2025-01-09 04:01:01,521 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:01:01,521 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [729766566] [2025-01-09 04:01:01,521 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:01:01,521 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:01:01,536 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 133 statements into 1 equivalence classes. [2025-01-09 04:01:01,556 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 133 of 133 statements. [2025-01-09 04:01:01,557 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:01:01,557 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:01:01,557 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-01-09 04:01:01,564 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 133 statements into 1 equivalence classes. [2025-01-09 04:01:01,580 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 133 of 133 statements. [2025-01-09 04:01:01,580 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:01:01,580 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:01:01,633 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-01-09 04:01:01,634 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-01-09 04:01:01,634 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-01-09 04:01:01,640 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-01-09 04:01:01,641 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:01:01,735 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-01-09 04:01:01,738 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.01 04:01:01 BoogieIcfgContainer [2025-01-09 04:01:01,738 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-01-09 04:01:01,739 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-01-09 04:01:01,739 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-01-09 04:01:01,739 INFO L274 PluginConnector]: Witness Printer initialized [2025-01-09 04:01:01,740 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:00:55" (3/4) ... [2025-01-09 04:01:01,740 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-01-09 04:01:01,820 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 104. [2025-01-09 04:01:01,877 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-01-09 04:01:01,878 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-01-09 04:01:01,878 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-01-09 04:01:01,878 INFO L158 Benchmark]: Toolchain (without parser) took 7274.63ms. Allocated memory was 142.6MB in the beginning and 436.2MB in the end (delta: 293.6MB). Free memory was 106.6MB in the beginning and 189.4MB in the end (delta: -82.8MB). Peak memory consumption was 208.3MB. Max. memory is 16.1GB. [2025-01-09 04:01:01,878 INFO L158 Benchmark]: CDTParser took 0.74ms. Allocated memory is still 201.3MB. Free memory is still 115.9MB. There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:01:01,879 INFO L158 Benchmark]: CACSL2BoogieTranslator took 583.11ms. Allocated memory is still 142.6MB. Free memory was 106.6MB in the beginning and 87.1MB in the end (delta: 19.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:01:01,879 INFO L158 Benchmark]: Boogie Procedure Inliner took 64.48ms. Allocated memory is still 142.6MB. Free memory was 86.5MB in the beginning and 84.6MB in the end (delta: 1.9MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 04:01:01,879 INFO L158 Benchmark]: Boogie Preprocessor took 59.82ms. Allocated memory is still 142.6MB. Free memory was 84.6MB in the beginning and 82.7MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:01:01,879 INFO L158 Benchmark]: RCFGBuilder took 502.81ms. Allocated memory is still 142.6MB. Free memory was 82.7MB in the beginning and 61.0MB in the end (delta: 21.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:01:01,879 INFO L158 Benchmark]: TraceAbstraction took 5904.93ms. Allocated memory was 142.6MB in the beginning and 436.2MB in the end (delta: 293.6MB). Free memory was 60.4MB in the beginning and 209.4MB in the end (delta: -149.0MB). Peak memory consumption was 149.5MB. Max. memory is 16.1GB. [2025-01-09 04:01:01,879 INFO L158 Benchmark]: Witness Printer took 138.79ms. Allocated memory is still 436.2MB. Free memory was 209.4MB in the beginning and 189.4MB in the end (delta: 20.0MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:01:01,880 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.74ms. Allocated memory is still 201.3MB. Free memory is still 115.9MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 583.11ms. Allocated memory is still 142.6MB. Free memory was 106.6MB in the beginning and 87.1MB in the end (delta: 19.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 64.48ms. Allocated memory is still 142.6MB. Free memory was 86.5MB in the beginning and 84.6MB in the end (delta: 1.9MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 59.82ms. Allocated memory is still 142.6MB. Free memory was 84.6MB in the beginning and 82.7MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 502.81ms. Allocated memory is still 142.6MB. Free memory was 82.7MB in the beginning and 61.0MB in the end (delta: 21.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 5904.93ms. Allocated memory was 142.6MB in the beginning and 436.2MB in the end (delta: 293.6MB). Free memory was 60.4MB in the beginning and 209.4MB in the end (delta: -149.0MB). Peak memory consumption was 149.5MB. Max. memory is 16.1GB. * Witness Printer took 138.79ms. Allocated memory is still 436.2MB. Free memory was 209.4MB in the beginning and 189.4MB in the end (delta: 20.0MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 168]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [168] - GenericResultAtLocation [Line: 507]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [507] - GenericResultAtLocation [Line: 609]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [609] - GenericResultAtLocation [Line: 686]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [686] - GenericResultAtLocation [Line: 726]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [726] - GenericResultAtLocation [Line: 1092]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1092] - GenericResultAtLocation [Line: 1101]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1101] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 1097]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int __SELECTED_FEATURE_base ; [L51] int __SELECTED_FEATURE_highWaterSensor ; [L52] int __SELECTED_FEATURE_lowWaterSensor ; [L53] int __SELECTED_FEATURE_methaneQuery ; [L54] int __SELECTED_FEATURE_methaneAlarm ; [L55] int __SELECTED_FEATURE_stopCommand ; [L56] int __SELECTED_FEATURE_startCommand ; [L57] int __GUIDSL_ROOT_PRODUCTION ; [L66] int waterLevel = 1; [L67] int methaneLevelCritical = 0; [L176] int pumpRunning = 0; [L177] int systemActive = 1; [L508] int cleanupTimeShifts = 4; [L688] int methAndRunningLastTime ; [L896] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; VAL [__GUIDSL_ROOT_PRODUCTION=0, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L587] int retValue_acc ; [L588] int tmp ; [L592] CALL select_helpers() [L1133] __GUIDSL_ROOT_PRODUCTION = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L592] RET select_helpers() [L593] CALL select_features() [L1118] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] __SELECTED_FEATURE_highWaterSensor = select_one() [L1120] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1120] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1120] __SELECTED_FEATURE_lowWaterSensor = select_one() [L1121] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1121] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1121] __SELECTED_FEATURE_methaneQuery = select_one() [L1122] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1122] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1122] __SELECTED_FEATURE_methaneAlarm = select_one() [L1123] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1123] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1123] __SELECTED_FEATURE_stopCommand = select_one() [L1124] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1124] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1124] __SELECTED_FEATURE_startCommand = select_one() [L593] RET select_features() [L594] CALL, EXPR valid_product() [L1138] int retValue_acc ; [L1141] retValue_acc = __SELECTED_FEATURE_base [L1142] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L594] RET, EXPR valid_product() [L594] tmp = valid_product() [L596] COND TRUE \read(tmp) [L598] FCALL setup() [L599] CALL runTest() [L577] CALL __utac_acc__Specification2_spec__1() [L693] methAndRunningLastTime = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L577] RET __utac_acc__Specification2_spec__1() [L578] CALL test() [L611] int splverifierCounter ; [L612] int tmp ; [L613] int tmp___0 ; [L614] int tmp___1 ; [L615] int tmp___2 ; [L618] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L622] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L628] tmp = __VERIFIER_nondet_int() [L630] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L632] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L84] COND TRUE waterLevel < 2 [L85] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L632] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L638] tmp___0 = __VERIFIER_nondet_int() [L640] COND TRUE \read(tmp___0) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L642] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L96] COND FALSE !(\read(methaneLevelCritical)) [L99] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L642] RET changeMethaneLevel() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L648] tmp___2 = __VERIFIER_nondet_int() [L650] COND TRUE \read(tmp___2) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L651] COND FALSE !(\read(__SELECTED_FEATURE_startCommand)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L675] CALL timeShift() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L184] COND FALSE !(\read(pumpRunning)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L191] COND TRUE \read(systemActive) [L193] CALL processEnvironment() [L327] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L334] CALL processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L284] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L291] CALL processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L241] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L243] CALL processEnvironment__role__highWaterSensor() [L213] int tmp ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L216] COND TRUE ! pumpRunning [L218] CALL, EXPR isHighWaterLevel() [L447] int retValue_acc ; [L448] int tmp ; [L449] int tmp___0 ; [L453] CALL, EXPR isHighWaterSensorDry() [L146] int retValue_acc ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L149] COND FALSE !(waterLevel < 2) [L153] retValue_acc = 0 [L154] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L453] RET, EXPR isHighWaterSensorDry() [L453] tmp = isHighWaterSensorDry() [L455] COND FALSE !(\read(tmp)) [L458] tmp___0 = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L460] retValue_acc = tmp___0 [L461] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L218] RET, EXPR isHighWaterLevel() [L218] tmp = isHighWaterLevel() [L220] COND TRUE \read(tmp) [L222] CALL activatePump() [L369] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L376] CALL activatePump__before__methaneQuery() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L344] pumpRunning = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L376] RET activatePump__before__methaneQuery() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L222] RET activatePump() [L243] RET processEnvironment__role__highWaterSensor() [L291] RET processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L334] RET processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L193] RET processEnvironment() [L199] CALL __utac_acc__Specification2_spec__2() [L698] int tmp ; [L699] int tmp___0 ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L105] int retValue_acc ; [L108] retValue_acc = methaneLevelCritical [L109] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] tmp = isMethaneLevelCritical() [L705] COND TRUE \read(tmp) [L707] CALL, EXPR isPumpRunning() [L402] int retValue_acc ; [L405] retValue_acc = pumpRunning [L406] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L707] RET, EXPR isPumpRunning() [L707] tmp___0 = isPumpRunning() [L709] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L710] COND FALSE !(\read(methAndRunningLastTime)) [L715] methAndRunningLastTime = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L199] RET __utac_acc__Specification2_spec__2() [L675] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L622] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L628] tmp = __VERIFIER_nondet_int() [L630] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L638] tmp___0 = __VERIFIER_nondet_int() [L640] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L648] tmp___2 = __VERIFIER_nondet_int() [L650] COND TRUE \read(tmp___2) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L651] COND FALSE !(\read(__SELECTED_FEATURE_startCommand)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L675] CALL timeShift() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L184] COND TRUE \read(pumpRunning) [L186] CALL lowerWaterLevel() [L72] COND TRUE waterLevel > 0 [L73] waterLevel = waterLevel - 1 VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L186] RET lowerWaterLevel() [L191] COND TRUE \read(systemActive) [L193] CALL processEnvironment() [L327] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L334] CALL processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L284] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L291] CALL processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L241] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L243] CALL processEnvironment__role__highWaterSensor() [L213] int tmp ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L216] COND FALSE !(! pumpRunning) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L231] FCALL processEnvironment__before__highWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L243] RET processEnvironment__role__highWaterSensor() [L291] RET processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L334] RET processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L193] RET processEnvironment() [L199] CALL __utac_acc__Specification2_spec__2() [L698] int tmp ; [L699] int tmp___0 ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L105] int retValue_acc ; [L108] retValue_acc = methaneLevelCritical [L109] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] tmp = isMethaneLevelCritical() [L705] COND TRUE \read(tmp) [L707] CALL, EXPR isPumpRunning() [L402] int retValue_acc ; [L405] retValue_acc = pumpRunning [L406] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L707] RET, EXPR isPumpRunning() [L707] tmp___0 = isPumpRunning() [L709] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L710] COND TRUE \read(methAndRunningLastTime) [L712] CALL __automaton_fail() [L1097] reach_error() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] - StatisticsResult: Ultimate Automizer benchmark data CFG has 13 procedures, 143 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.7s, OverallIterations: 13, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 1.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1400 SdHoareTripleChecker+Valid, 0.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1381 mSDsluCounter, 5456 SdHoareTripleChecker+Invalid, 0.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3165 mSDsCounter, 109 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 758 IncrementalHoareTripleChecker+Invalid, 867 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 109 mSolverCounterUnsat, 2291 mSDtfsCounter, 758 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 580 GetRequests, 540 SyntacticMatches, 1 SemanticMatches, 39 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=2594occurred in iteration=12, InterpolantAutomatonStates: 53, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.9s AutomataMinimizationTime, 12 MinimizatonAttempts, 116 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 1607 NumberOfCodeBlocks, 1607 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 1587 ConstructedInterpolants, 0 QuantifiedInterpolants, 2753 SizeOfPredicates, 1 NumberOfNonLiveVariables, 1291 ConjunctsInSsa, 18 ConjunctsInUnsatCore, 16 InterpolantComputations, 12 PerfectInterpolantSequences, 966/979 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-01-09 04:01:01,902 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE