./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c00e63dc Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4f3466b08a64c7fddf78a299dda71b27bda6ead813da06152b5ee1cea2f1c203 --- Real Ultimate output --- This is Ultimate 0.3.0-?-c00e63d-m [2025-02-05 15:52:06,915 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-02-05 15:52:06,971 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-02-05 15:52:06,976 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-02-05 15:52:06,979 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-02-05 15:52:06,999 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-02-05 15:52:07,000 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-02-05 15:52:07,000 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-02-05 15:52:07,000 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-02-05 15:52:07,000 INFO L153 SettingsManager]: * Use memory slicer=true [2025-02-05 15:52:07,001 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-02-05 15:52:07,001 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-02-05 15:52:07,001 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-02-05 15:52:07,001 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-02-05 15:52:07,001 INFO L153 SettingsManager]: * Use SBE=true [2025-02-05 15:52:07,002 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-02-05 15:52:07,002 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-02-05 15:52:07,002 INFO L153 SettingsManager]: * sizeof long=4 [2025-02-05 15:52:07,002 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-02-05 15:52:07,002 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-02-05 15:52:07,002 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-02-05 15:52:07,002 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-02-05 15:52:07,002 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-02-05 15:52:07,003 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-02-05 15:52:07,003 INFO L153 SettingsManager]: * sizeof long double=12 [2025-02-05 15:52:07,003 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-02-05 15:52:07,003 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-02-05 15:52:07,003 INFO L153 SettingsManager]: * Use constant arrays=true [2025-02-05 15:52:07,003 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-02-05 15:52:07,003 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-02-05 15:52:07,003 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-02-05 15:52:07,003 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-02-05 15:52:07,003 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:52:07,003 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-02-05 15:52:07,004 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-02-05 15:52:07,004 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-02-05 15:52:07,004 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-02-05 15:52:07,004 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-02-05 15:52:07,004 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-02-05 15:52:07,004 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-02-05 15:52:07,004 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-02-05 15:52:07,004 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-02-05 15:52:07,005 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-02-05 15:52:07,005 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4f3466b08a64c7fddf78a299dda71b27bda6ead813da06152b5ee1cea2f1c203 [2025-02-05 15:52:07,228 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-02-05 15:52:07,234 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-02-05 15:52:07,237 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-02-05 15:52:07,238 INFO L270 PluginConnector]: Initializing CDTParser... [2025-02-05 15:52:07,238 INFO L274 PluginConnector]: CDTParser initialized [2025-02-05 15:52:07,239 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c [2025-02-05 15:52:08,363 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/02d6c71a3/ee5857e86b2043ca9ec806b854e276a5/FLAG5591ff361 [2025-02-05 15:52:08,661 INFO L384 CDTParser]: Found 1 translation units. [2025-02-05 15:52:08,662 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c [2025-02-05 15:52:08,678 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/02d6c71a3/ee5857e86b2043ca9ec806b854e276a5/FLAG5591ff361 [2025-02-05 15:52:08,928 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/02d6c71a3/ee5857e86b2043ca9ec806b854e276a5 [2025-02-05 15:52:08,931 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-02-05 15:52:08,932 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-02-05 15:52:08,933 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-02-05 15:52:08,933 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-02-05 15:52:08,936 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-02-05 15:52:08,937 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:52:08" (1/1) ... [2025-02-05 15:52:08,938 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@30c7e046 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:08, skipping insertion in model container [2025-02-05 15:52:08,940 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:52:08" (1/1) ... [2025-02-05 15:52:08,967 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-02-05 15:52:09,156 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c[20836,20849] [2025-02-05 15:52:09,163 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:52:09,172 INFO L200 MainTranslator]: Completed pre-run [2025-02-05 15:52:09,177 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2025-02-05 15:52:09,178 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [168] [2025-02-05 15:52:09,178 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [507] [2025-02-05 15:52:09,178 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [609] [2025-02-05 15:52:09,178 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [686] [2025-02-05 15:52:09,179 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [726] [2025-02-05 15:52:09,179 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1092] [2025-02-05 15:52:09,179 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1101] [2025-02-05 15:52:09,212 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c[20836,20849] [2025-02-05 15:52:09,214 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:52:09,228 INFO L204 MainTranslator]: Completed translation [2025-02-05 15:52:09,228 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09 WrapperNode [2025-02-05 15:52:09,228 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-02-05 15:52:09,229 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-02-05 15:52:09,229 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-02-05 15:52:09,229 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-02-05 15:52:09,233 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,240 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,256 INFO L138 Inliner]: procedures = 64, calls = 122, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 282 [2025-02-05 15:52:09,256 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-02-05 15:52:09,256 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-02-05 15:52:09,256 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-02-05 15:52:09,257 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-02-05 15:52:09,262 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,262 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,264 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,273 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-02-05 15:52:09,273 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,273 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,281 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,285 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,286 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,286 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,288 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-02-05 15:52:09,288 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-02-05 15:52:09,289 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-02-05 15:52:09,289 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-02-05 15:52:09,289 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (1/1) ... [2025-02-05 15:52:09,293 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:52:09,303 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:52:09,313 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-02-05 15:52:09,317 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-02-05 15:52:09,330 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-02-05 15:52:09,330 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2025-02-05 15:52:09,330 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2025-02-05 15:52:09,330 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-02-05 15:52:09,330 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-02-05 15:52:09,330 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-02-05 15:52:09,330 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-02-05 15:52:09,330 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-02-05 15:52:09,330 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-02-05 15:52:09,330 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2025-02-05 15:52:09,330 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2025-02-05 15:52:09,330 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-02-05 15:52:09,330 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-02-05 15:52:09,330 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2025-02-05 15:52:09,330 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2025-02-05 15:52:09,331 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2025-02-05 15:52:09,331 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2025-02-05 15:52:09,331 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2025-02-05 15:52:09,331 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2025-02-05 15:52:09,331 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-02-05 15:52:09,331 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-02-05 15:52:09,331 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-02-05 15:52:09,331 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2025-02-05 15:52:09,331 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2025-02-05 15:52:09,331 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-02-05 15:52:09,331 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-02-05 15:52:09,332 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-02-05 15:52:09,332 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-02-05 15:52:09,391 INFO L257 CfgBuilder]: Building ICFG [2025-02-05 15:52:09,392 INFO L287 CfgBuilder]: Building CFG for each procedure with an implementation [2025-02-05 15:52:09,489 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L156-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~2#1; [2025-02-05 15:52:09,489 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L462-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~6#1; [2025-02-05 15:52:09,498 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L1110: #res := ~retValue_acc~12; [2025-02-05 15:52:09,520 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint cleanupFINAL: assume true; [2025-02-05 15:52:09,557 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L407-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; [2025-02-05 15:52:09,563 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L110: #res := ~retValue_acc~0; [2025-02-05 15:52:09,634 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L606-1: main_#res#1 := main_~retValue_acc~8#1; [2025-02-05 15:52:09,634 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L1143-1: valid_product_#res#1 := valid_product_~retValue_acc~13#1; [2025-02-05 15:52:09,659 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L481-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~7#1; [2025-02-05 15:52:09,659 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L165-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~3#1; [2025-02-05 15:52:09,662 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L398: #res := ~retValue_acc~4; [2025-02-05 15:52:09,694 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2025-02-05 15:52:09,695 INFO L308 CfgBuilder]: Performing block encoding [2025-02-05 15:52:09,703 INFO L332 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-02-05 15:52:09,703 INFO L337 CfgBuilder]: Removed 0 assume(true) statements. [2025-02-05 15:52:09,703 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:52:09 BoogieIcfgContainer [2025-02-05 15:52:09,703 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-02-05 15:52:09,705 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-02-05 15:52:09,705 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-02-05 15:52:09,708 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-02-05 15:52:09,708 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 05.02 03:52:08" (1/3) ... [2025-02-05 15:52:09,708 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1cf1f6ec and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:52:09, skipping insertion in model container [2025-02-05 15:52:09,709 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:52:09" (2/3) ... [2025-02-05 15:52:09,709 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1cf1f6ec and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:52:09, skipping insertion in model container [2025-02-05 15:52:09,709 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:52:09" (3/3) ... [2025-02-05 15:52:09,710 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec2_productSimulator.cil.c [2025-02-05 15:52:09,719 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-02-05 15:52:09,720 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec2_productSimulator.cil.c that has 13 procedures, 144 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-02-05 15:52:09,763 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-02-05 15:52:09,770 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@730bedc7, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-02-05 15:52:09,771 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-02-05 15:52:09,775 INFO L276 IsEmpty]: Start isEmpty. Operand has 143 states, 99 states have (on average 1.3535353535353536) internal successors, (134), 115 states have internal predecessors, (134), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2025-02-05 15:52:09,782 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2025-02-05 15:52:09,783 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:09,784 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:09,784 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:09,788 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:09,788 INFO L85 PathProgramCache]: Analyzing trace with hash -2037858373, now seen corresponding path program 1 times [2025-02-05 15:52:09,792 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:09,792 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [49742719] [2025-02-05 15:52:09,793 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:09,793 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:09,855 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 55 statements into 1 equivalence classes. [2025-02-05 15:52:09,890 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 55 of 55 statements. [2025-02-05 15:52:09,893 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:09,893 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:09,986 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:52:09,987 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:09,987 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [49742719] [2025-02-05 15:52:09,988 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [49742719] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:09,988 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:09,988 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-02-05 15:52:09,990 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [400878363] [2025-02-05 15:52:09,990 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:09,993 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-02-05 15:52:09,995 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:10,010 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-02-05 15:52:10,011 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:52:10,029 INFO L87 Difference]: Start difference. First operand has 143 states, 99 states have (on average 1.3535353535353536) internal successors, (134), 115 states have internal predecessors, (134), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) Second operand has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-02-05 15:52:10,063 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:10,063 INFO L93 Difference]: Finished difference Result 254 states and 352 transitions. [2025-02-05 15:52:10,064 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-02-05 15:52:10,065 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 55 [2025-02-05 15:52:10,065 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:10,070 INFO L225 Difference]: With dead ends: 254 [2025-02-05 15:52:10,070 INFO L226 Difference]: Without dead ends: 135 [2025-02-05 15:52:10,073 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:52:10,074 INFO L435 NwaCegarLoop]: 187 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 187 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:10,075 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 187 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:52:10,085 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 135 states. [2025-02-05 15:52:10,101 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 135 to 135. [2025-02-05 15:52:10,104 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 135 states, 93 states have (on average 1.3225806451612903) internal successors, (123), 108 states have internal predecessors, (123), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2025-02-05 15:52:10,110 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 135 states to 135 states and 182 transitions. [2025-02-05 15:52:10,112 INFO L78 Accepts]: Start accepts. Automaton has 135 states and 182 transitions. Word has length 55 [2025-02-05 15:52:10,113 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:10,113 INFO L471 AbstractCegarLoop]: Abstraction has 135 states and 182 transitions. [2025-02-05 15:52:10,113 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-02-05 15:52:10,113 INFO L276 IsEmpty]: Start isEmpty. Operand 135 states and 182 transitions. [2025-02-05 15:52:10,116 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2025-02-05 15:52:10,116 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:10,116 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:10,116 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-02-05 15:52:10,116 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:10,116 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:10,117 INFO L85 PathProgramCache]: Analyzing trace with hash 91640074, now seen corresponding path program 1 times [2025-02-05 15:52:10,117 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:10,117 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [759013030] [2025-02-05 15:52:10,117 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:10,117 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:10,137 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 56 statements into 1 equivalence classes. [2025-02-05 15:52:10,165 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 56 of 56 statements. [2025-02-05 15:52:10,166 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:10,166 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:10,260 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:52:10,260 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:10,260 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [759013030] [2025-02-05 15:52:10,260 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [759013030] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:10,260 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:10,260 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:52:10,260 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [645484495] [2025-02-05 15:52:10,260 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:10,261 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:52:10,261 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:10,262 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:52:10,262 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:52:10,262 INFO L87 Difference]: Start difference. First operand 135 states and 182 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-02-05 15:52:10,282 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:10,283 INFO L93 Difference]: Finished difference Result 214 states and 289 transitions. [2025-02-05 15:52:10,283 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:52:10,283 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 56 [2025-02-05 15:52:10,284 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:10,285 INFO L225 Difference]: With dead ends: 214 [2025-02-05 15:52:10,285 INFO L226 Difference]: Without dead ends: 126 [2025-02-05 15:52:10,285 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:52:10,286 INFO L435 NwaCegarLoop]: 169 mSDtfsCounter, 20 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 24 SdHoareTripleChecker+Valid, 313 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:10,286 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [24 Valid, 313 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:52:10,287 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2025-02-05 15:52:10,293 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 126. [2025-02-05 15:52:10,293 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 87 states have (on average 1.3333333333333333) internal successors, (116), 102 states have internal predecessors, (116), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2025-02-05 15:52:10,294 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 170 transitions. [2025-02-05 15:52:10,295 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 170 transitions. Word has length 56 [2025-02-05 15:52:10,295 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:10,295 INFO L471 AbstractCegarLoop]: Abstraction has 126 states and 170 transitions. [2025-02-05 15:52:10,295 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-02-05 15:52:10,295 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 170 transitions. [2025-02-05 15:52:10,296 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2025-02-05 15:52:10,296 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:10,296 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:10,296 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-02-05 15:52:10,296 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:10,297 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:10,297 INFO L85 PathProgramCache]: Analyzing trace with hash -1578914198, now seen corresponding path program 1 times [2025-02-05 15:52:10,297 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:10,297 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1791371268] [2025-02-05 15:52:10,297 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:10,297 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:10,309 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 60 statements into 1 equivalence classes. [2025-02-05 15:52:10,323 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 60 of 60 statements. [2025-02-05 15:52:10,324 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:10,324 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:10,408 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:52:10,408 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:10,408 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1791371268] [2025-02-05 15:52:10,408 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1791371268] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:10,408 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:10,408 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:52:10,409 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [109317313] [2025-02-05 15:52:10,409 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:10,409 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:52:10,409 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:10,409 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:52:10,409 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:52:10,409 INFO L87 Difference]: Start difference. First operand 126 states and 170 transitions. Second operand has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-02-05 15:52:10,445 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:10,445 INFO L93 Difference]: Finished difference Result 330 states and 453 transitions. [2025-02-05 15:52:10,446 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:52:10,446 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 60 [2025-02-05 15:52:10,447 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:10,448 INFO L225 Difference]: With dead ends: 330 [2025-02-05 15:52:10,450 INFO L226 Difference]: Without dead ends: 227 [2025-02-05 15:52:10,450 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:52:10,451 INFO L435 NwaCegarLoop]: 192 mSDtfsCounter, 136 mSDsluCounter, 137 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 329 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:10,452 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 329 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:52:10,453 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 227 states. [2025-02-05 15:52:10,475 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 227 to 224. [2025-02-05 15:52:10,475 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 224 states, 154 states have (on average 1.37012987012987) internal successors, (211), 183 states have internal predecessors, (211), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2025-02-05 15:52:10,479 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 224 states to 224 states and 307 transitions. [2025-02-05 15:52:10,479 INFO L78 Accepts]: Start accepts. Automaton has 224 states and 307 transitions. Word has length 60 [2025-02-05 15:52:10,479 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:10,479 INFO L471 AbstractCegarLoop]: Abstraction has 224 states and 307 transitions. [2025-02-05 15:52:10,479 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-02-05 15:52:10,479 INFO L276 IsEmpty]: Start isEmpty. Operand 224 states and 307 transitions. [2025-02-05 15:52:10,481 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2025-02-05 15:52:10,481 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:10,481 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:10,485 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-02-05 15:52:10,485 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:10,485 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:10,485 INFO L85 PathProgramCache]: Analyzing trace with hash -789242778, now seen corresponding path program 1 times [2025-02-05 15:52:10,486 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:10,486 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [300552961] [2025-02-05 15:52:10,486 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:10,486 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:10,501 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 64 statements into 1 equivalence classes. [2025-02-05 15:52:10,518 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 64 of 64 statements. [2025-02-05 15:52:10,518 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:10,518 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:10,610 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:52:10,610 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:10,611 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [300552961] [2025-02-05 15:52:10,611 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [300552961] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:10,611 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:10,611 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:52:10,611 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [328842575] [2025-02-05 15:52:10,611 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:10,611 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:52:10,611 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:10,611 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:52:10,611 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:52:10,612 INFO L87 Difference]: Start difference. First operand 224 states and 307 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-02-05 15:52:10,724 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:10,724 INFO L93 Difference]: Finished difference Result 546 states and 780 transitions. [2025-02-05 15:52:10,726 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:52:10,726 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 64 [2025-02-05 15:52:10,726 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:10,728 INFO L225 Difference]: With dead ends: 546 [2025-02-05 15:52:10,728 INFO L226 Difference]: Without dead ends: 345 [2025-02-05 15:52:10,729 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:52:10,730 INFO L435 NwaCegarLoop]: 168 mSDtfsCounter, 131 mSDsluCounter, 434 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 131 SdHoareTripleChecker+Valid, 602 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:10,730 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [131 Valid, 602 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:52:10,731 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 345 states. [2025-02-05 15:52:10,752 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 345 to 344. [2025-02-05 15:52:10,753 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 344 states, 242 states have (on average 1.3388429752066116) internal successors, (324), 275 states have internal predecessors, (324), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-02-05 15:52:10,756 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 344 states to 344 states and 472 transitions. [2025-02-05 15:52:10,756 INFO L78 Accepts]: Start accepts. Automaton has 344 states and 472 transitions. Word has length 64 [2025-02-05 15:52:10,757 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:10,757 INFO L471 AbstractCegarLoop]: Abstraction has 344 states and 472 transitions. [2025-02-05 15:52:10,758 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-02-05 15:52:10,758 INFO L276 IsEmpty]: Start isEmpty. Operand 344 states and 472 transitions. [2025-02-05 15:52:10,761 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2025-02-05 15:52:10,762 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:10,763 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:10,763 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-02-05 15:52:10,763 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:10,764 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:10,764 INFO L85 PathProgramCache]: Analyzing trace with hash 1821129517, now seen corresponding path program 1 times [2025-02-05 15:52:10,764 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:10,764 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [903930728] [2025-02-05 15:52:10,764 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:10,764 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:10,779 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-02-05 15:52:10,786 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-02-05 15:52:10,787 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:10,787 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:10,853 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:52:10,854 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:10,854 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [903930728] [2025-02-05 15:52:10,854 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [903930728] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:10,854 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:10,854 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:52:10,854 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2061365981] [2025-02-05 15:52:10,854 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:10,854 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:52:10,854 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:10,855 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:52:10,855 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:52:10,855 INFO L87 Difference]: Start difference. First operand 344 states and 472 transitions. Second operand has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-02-05 15:52:10,885 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:10,887 INFO L93 Difference]: Finished difference Result 671 states and 964 transitions. [2025-02-05 15:52:10,887 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:52:10,887 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) Word has length 84 [2025-02-05 15:52:10,888 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:10,890 INFO L225 Difference]: With dead ends: 671 [2025-02-05 15:52:10,890 INFO L226 Difference]: Without dead ends: 350 [2025-02-05 15:52:10,891 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:52:10,892 INFO L435 NwaCegarLoop]: 167 mSDtfsCounter, 0 mSDsluCounter, 494 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 661 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:10,892 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 661 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:52:10,893 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 350 states. [2025-02-05 15:52:10,907 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 350 to 350. [2025-02-05 15:52:10,908 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 350 states, 248 states have (on average 1.3306451612903225) internal successors, (330), 281 states have internal predecessors, (330), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-02-05 15:52:10,910 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 350 states to 350 states and 478 transitions. [2025-02-05 15:52:10,910 INFO L78 Accepts]: Start accepts. Automaton has 350 states and 478 transitions. Word has length 84 [2025-02-05 15:52:10,911 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:10,911 INFO L471 AbstractCegarLoop]: Abstraction has 350 states and 478 transitions. [2025-02-05 15:52:10,911 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-02-05 15:52:10,911 INFO L276 IsEmpty]: Start isEmpty. Operand 350 states and 478 transitions. [2025-02-05 15:52:10,912 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2025-02-05 15:52:10,912 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:10,912 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:10,912 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-02-05 15:52:10,912 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:10,913 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:10,913 INFO L85 PathProgramCache]: Analyzing trace with hash -1512223762, now seen corresponding path program 1 times [2025-02-05 15:52:10,913 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:10,913 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [396227736] [2025-02-05 15:52:10,913 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:10,913 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:10,927 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-02-05 15:52:10,936 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-02-05 15:52:10,936 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:10,936 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:11,039 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:52:11,040 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:11,040 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [396227736] [2025-02-05 15:52:11,040 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [396227736] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:11,040 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:11,040 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:52:11,040 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1687055374] [2025-02-05 15:52:11,040 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:11,040 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:52:11,040 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:11,041 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:52:11,041 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:52:11,042 INFO L87 Difference]: Start difference. First operand 350 states and 478 transitions. Second operand has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-02-05 15:52:11,093 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:11,093 INFO L93 Difference]: Finished difference Result 685 states and 977 transitions. [2025-02-05 15:52:11,093 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:52:11,094 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) Word has length 84 [2025-02-05 15:52:11,094 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:11,096 INFO L225 Difference]: With dead ends: 685 [2025-02-05 15:52:11,097 INFO L226 Difference]: Without dead ends: 358 [2025-02-05 15:52:11,098 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:52:11,098 INFO L435 NwaCegarLoop]: 180 mSDtfsCounter, 138 mSDsluCounter, 489 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 669 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:11,098 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 669 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:52:11,099 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 358 states. [2025-02-05 15:52:11,118 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 358 to 354. [2025-02-05 15:52:11,119 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 354 states, 252 states have (on average 1.3253968253968254) internal successors, (334), 285 states have internal predecessors, (334), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-02-05 15:52:11,122 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 354 states to 354 states and 482 transitions. [2025-02-05 15:52:11,123 INFO L78 Accepts]: Start accepts. Automaton has 354 states and 482 transitions. Word has length 84 [2025-02-05 15:52:11,123 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:11,123 INFO L471 AbstractCegarLoop]: Abstraction has 354 states and 482 transitions. [2025-02-05 15:52:11,124 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-02-05 15:52:11,124 INFO L276 IsEmpty]: Start isEmpty. Operand 354 states and 482 transitions. [2025-02-05 15:52:11,125 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2025-02-05 15:52:11,125 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:11,125 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:11,125 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-02-05 15:52:11,125 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:11,125 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:11,125 INFO L85 PathProgramCache]: Analyzing trace with hash -126020368, now seen corresponding path program 1 times [2025-02-05 15:52:11,125 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:11,125 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1343388997] [2025-02-05 15:52:11,126 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:11,126 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:11,135 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-02-05 15:52:11,142 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-02-05 15:52:11,143 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:11,143 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:11,220 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:52:11,221 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:11,221 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1343388997] [2025-02-05 15:52:11,221 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1343388997] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:11,221 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:11,221 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-02-05 15:52:11,221 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1957973705] [2025-02-05 15:52:11,221 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:11,222 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-02-05 15:52:11,222 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:11,222 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-02-05 15:52:11,222 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:52:11,222 INFO L87 Difference]: Start difference. First operand 354 states and 482 transitions. Second operand has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-02-05 15:52:11,378 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:11,378 INFO L93 Difference]: Finished difference Result 1092 states and 1553 transitions. [2025-02-05 15:52:11,379 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-02-05 15:52:11,379 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) Word has length 84 [2025-02-05 15:52:11,379 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:11,384 INFO L225 Difference]: With dead ends: 1092 [2025-02-05 15:52:11,384 INFO L226 Difference]: Without dead ends: 761 [2025-02-05 15:52:11,386 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:52:11,387 INFO L435 NwaCegarLoop]: 268 mSDtfsCounter, 208 mSDsluCounter, 237 mSDsCounter, 0 mSdLazyCounter, 97 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 208 SdHoareTripleChecker+Valid, 505 SdHoareTripleChecker+Invalid, 102 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 97 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:11,387 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [208 Valid, 505 Invalid, 102 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 97 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:52:11,389 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 761 states. [2025-02-05 15:52:11,442 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 761 to 749. [2025-02-05 15:52:11,443 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 749 states, 537 states have (on average 1.3221601489757915) internal successors, (710), 604 states have internal predecessors, (710), 130 states have call successors, (130), 79 states have call predecessors, (130), 81 states have return successors, (208), 122 states have call predecessors, (208), 130 states have call successors, (208) [2025-02-05 15:52:11,447 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 749 states to 749 states and 1048 transitions. [2025-02-05 15:52:11,448 INFO L78 Accepts]: Start accepts. Automaton has 749 states and 1048 transitions. Word has length 84 [2025-02-05 15:52:11,448 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:11,448 INFO L471 AbstractCegarLoop]: Abstraction has 749 states and 1048 transitions. [2025-02-05 15:52:11,448 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-02-05 15:52:11,448 INFO L276 IsEmpty]: Start isEmpty. Operand 749 states and 1048 transitions. [2025-02-05 15:52:11,450 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 89 [2025-02-05 15:52:11,450 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:11,450 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:11,450 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-02-05 15:52:11,450 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:11,451 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:11,451 INFO L85 PathProgramCache]: Analyzing trace with hash 1724940594, now seen corresponding path program 1 times [2025-02-05 15:52:11,451 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:11,451 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1609616978] [2025-02-05 15:52:11,451 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:11,451 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:11,462 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 88 statements into 1 equivalence classes. [2025-02-05 15:52:11,472 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 88 of 88 statements. [2025-02-05 15:52:11,472 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:11,472 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:11,521 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:52:11,521 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:11,521 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1609616978] [2025-02-05 15:52:11,522 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1609616978] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:11,522 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:11,522 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:52:11,522 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1709586201] [2025-02-05 15:52:11,522 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:11,522 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:52:11,523 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:11,523 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:52:11,523 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:52:11,523 INFO L87 Difference]: Start difference. First operand 749 states and 1048 transitions. Second operand has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-02-05 15:52:11,572 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:11,572 INFO L93 Difference]: Finished difference Result 1265 states and 1818 transitions. [2025-02-05 15:52:11,572 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:52:11,573 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 88 [2025-02-05 15:52:11,573 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:11,581 INFO L225 Difference]: With dead ends: 1265 [2025-02-05 15:52:11,582 INFO L226 Difference]: Without dead ends: 1263 [2025-02-05 15:52:11,582 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:52:11,583 INFO L435 NwaCegarLoop]: 172 mSDtfsCounter, 142 mSDsluCounter, 138 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 310 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:11,583 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 310 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:52:11,584 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1263 states. [2025-02-05 15:52:11,662 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1263 to 1233. [2025-02-05 15:52:11,664 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1233 states, 873 states have (on average 1.3264604810996563) internal successors, (1158), 994 states have internal predecessors, (1158), 224 states have call successors, (224), 133 states have call predecessors, (224), 135 states have return successors, (397), 200 states have call predecessors, (397), 224 states have call successors, (397) [2025-02-05 15:52:11,671 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1233 states to 1233 states and 1779 transitions. [2025-02-05 15:52:11,672 INFO L78 Accepts]: Start accepts. Automaton has 1233 states and 1779 transitions. Word has length 88 [2025-02-05 15:52:11,672 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:11,672 INFO L471 AbstractCegarLoop]: Abstraction has 1233 states and 1779 transitions. [2025-02-05 15:52:11,673 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-02-05 15:52:11,673 INFO L276 IsEmpty]: Start isEmpty. Operand 1233 states and 1779 transitions. [2025-02-05 15:52:11,679 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2025-02-05 15:52:11,679 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:11,679 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:11,680 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-02-05 15:52:11,680 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:11,680 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:11,680 INFO L85 PathProgramCache]: Analyzing trace with hash 1392876070, now seen corresponding path program 1 times [2025-02-05 15:52:11,680 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:11,680 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1114906653] [2025-02-05 15:52:11,681 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:11,681 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:11,693 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-02-05 15:52:11,703 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-02-05 15:52:11,703 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:11,704 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:11,740 INFO L134 CoverageAnalysis]: Checked inductivity of 66 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-02-05 15:52:11,740 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:11,740 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1114906653] [2025-02-05 15:52:11,740 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1114906653] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:11,741 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:52:11,741 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-02-05 15:52:11,741 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [68579424] [2025-02-05 15:52:11,741 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:11,741 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-02-05 15:52:11,741 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:11,742 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-02-05 15:52:11,742 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:52:11,742 INFO L87 Difference]: Start difference. First operand 1233 states and 1779 transitions. Second operand has 4 states, 4 states have (on average 19.75) internal successors, (79), 4 states have internal predecessors, (79), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) [2025-02-05 15:52:11,885 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:11,885 INFO L93 Difference]: Finished difference Result 1959 states and 2815 transitions. [2025-02-05 15:52:11,886 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-02-05 15:52:11,886 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 19.75) internal successors, (79), 4 states have internal predecessors, (79), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) Word has length 118 [2025-02-05 15:52:11,886 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:11,890 INFO L225 Difference]: With dead ends: 1959 [2025-02-05 15:52:11,891 INFO L226 Difference]: Without dead ends: 749 [2025-02-05 15:52:11,895 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:52:11,895 INFO L435 NwaCegarLoop]: 211 mSDtfsCounter, 194 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 71 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 194 SdHoareTripleChecker+Valid, 355 SdHoareTripleChecker+Invalid, 75 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 71 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:11,896 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [194 Valid, 355 Invalid, 75 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 71 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:52:11,896 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 749 states. [2025-02-05 15:52:11,946 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 749 to 728. [2025-02-05 15:52:11,947 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 728 states, 523 states have (on average 1.311663479923518) internal successors, (686), 589 states have internal predecessors, (686), 125 states have call successors, (125), 77 states have call predecessors, (125), 79 states have return successors, (210), 114 states have call predecessors, (210), 125 states have call successors, (210) [2025-02-05 15:52:11,951 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 728 states to 728 states and 1021 transitions. [2025-02-05 15:52:11,952 INFO L78 Accepts]: Start accepts. Automaton has 728 states and 1021 transitions. Word has length 118 [2025-02-05 15:52:11,952 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:11,952 INFO L471 AbstractCegarLoop]: Abstraction has 728 states and 1021 transitions. [2025-02-05 15:52:11,952 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 19.75) internal successors, (79), 4 states have internal predecessors, (79), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) [2025-02-05 15:52:11,953 INFO L276 IsEmpty]: Start isEmpty. Operand 728 states and 1021 transitions. [2025-02-05 15:52:11,956 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 128 [2025-02-05 15:52:11,956 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:11,956 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:11,957 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-02-05 15:52:11,957 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:11,957 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:11,957 INFO L85 PathProgramCache]: Analyzing trace with hash -1995519145, now seen corresponding path program 1 times [2025-02-05 15:52:11,957 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:11,957 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1787571922] [2025-02-05 15:52:11,957 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:11,957 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:11,967 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-02-05 15:52:11,974 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-02-05 15:52:11,974 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:11,974 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:12,009 INFO L134 CoverageAnalysis]: Checked inductivity of 76 backedges. 21 proven. 4 refuted. 0 times theorem prover too weak. 51 trivial. 0 not checked. [2025-02-05 15:52:12,009 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:12,009 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1787571922] [2025-02-05 15:52:12,010 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1787571922] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:52:12,010 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1546596761] [2025-02-05 15:52:12,010 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:12,010 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:52:12,010 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:52:12,012 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:52:12,014 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-02-05 15:52:12,069 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-02-05 15:52:12,112 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-02-05 15:52:12,113 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:12,113 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:12,115 INFO L256 TraceCheckSpWp]: Trace formula consists of 436 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-02-05 15:52:12,120 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:52:12,197 INFO L134 CoverageAnalysis]: Checked inductivity of 76 backedges. 31 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:52:12,197 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-02-05 15:52:12,197 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1546596761] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:12,197 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-02-05 15:52:12,197 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [4] total 4 [2025-02-05 15:52:12,197 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2030643203] [2025-02-05 15:52:12,197 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:12,198 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:52:12,198 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:12,198 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:52:12,198 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:52:12,198 INFO L87 Difference]: Start difference. First operand 728 states and 1021 transitions. Second operand has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (17), 3 states have call predecessors, (17), 3 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) [2025-02-05 15:52:12,270 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:12,270 INFO L93 Difference]: Finished difference Result 1683 states and 2425 transitions. [2025-02-05 15:52:12,270 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:52:12,270 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (17), 3 states have call predecessors, (17), 3 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) Word has length 127 [2025-02-05 15:52:12,271 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:12,293 INFO L225 Difference]: With dead ends: 1683 [2025-02-05 15:52:12,293 INFO L226 Difference]: Without dead ends: 978 [2025-02-05 15:52:12,295 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 130 GetRequests, 128 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:52:12,295 INFO L435 NwaCegarLoop]: 239 mSDtfsCounter, 90 mSDsluCounter, 95 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 90 SdHoareTripleChecker+Valid, 334 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:12,295 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [90 Valid, 334 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:52:12,296 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 978 states. [2025-02-05 15:52:12,341 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 978 to 978. [2025-02-05 15:52:12,343 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 978 states, 714 states have (on average 1.2983193277310925) internal successors, (927), 787 states have internal predecessors, (927), 153 states have call successors, (153), 108 states have call predecessors, (153), 110 states have return successors, (272), 142 states have call predecessors, (272), 153 states have call successors, (272) [2025-02-05 15:52:12,347 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 978 states to 978 states and 1352 transitions. [2025-02-05 15:52:12,348 INFO L78 Accepts]: Start accepts. Automaton has 978 states and 1352 transitions. Word has length 127 [2025-02-05 15:52:12,348 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:12,348 INFO L471 AbstractCegarLoop]: Abstraction has 978 states and 1352 transitions. [2025-02-05 15:52:12,349 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (17), 3 states have call predecessors, (17), 3 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) [2025-02-05 15:52:12,349 INFO L276 IsEmpty]: Start isEmpty. Operand 978 states and 1352 transitions. [2025-02-05 15:52:12,352 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 130 [2025-02-05 15:52:12,353 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:12,353 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:12,360 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-02-05 15:52:12,553 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-02-05 15:52:12,554 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:12,555 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:12,555 INFO L85 PathProgramCache]: Analyzing trace with hash 17254627, now seen corresponding path program 1 times [2025-02-05 15:52:12,555 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:12,555 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2141007458] [2025-02-05 15:52:12,555 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:12,555 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:12,566 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-02-05 15:52:12,575 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-02-05 15:52:12,577 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:12,577 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:12,713 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 21 proven. 2 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2025-02-05 15:52:12,713 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:12,713 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2141007458] [2025-02-05 15:52:12,713 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2141007458] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:52:12,713 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [182491990] [2025-02-05 15:52:12,713 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:12,713 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:52:12,713 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:52:12,717 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:52:12,718 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-02-05 15:52:12,777 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-02-05 15:52:12,820 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-02-05 15:52:12,820 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:12,820 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:12,822 INFO L256 TraceCheckSpWp]: Trace formula consists of 437 conjuncts, 11 conjuncts are in the unsatisfiable core [2025-02-05 15:52:12,826 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:52:12,989 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 5 proven. 2 refuted. 0 times theorem prover too weak. 71 trivial. 0 not checked. [2025-02-05 15:52:12,990 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-02-05 15:52:13,165 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 64 trivial. 0 not checked. [2025-02-05 15:52:13,165 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [182491990] provided 1 perfect and 1 imperfect interpolant sequences [2025-02-05 15:52:13,165 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2025-02-05 15:52:13,165 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [7, 5] total 11 [2025-02-05 15:52:13,165 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [840593031] [2025-02-05 15:52:13,165 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:13,166 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:52:13,166 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:13,166 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:52:13,166 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=25, Invalid=85, Unknown=0, NotChecked=0, Total=110 [2025-02-05 15:52:13,167 INFO L87 Difference]: Start difference. First operand 978 states and 1352 transitions. Second operand has 6 states, 6 states have (on average 12.333333333333334) internal successors, (74), 5 states have internal predecessors, (74), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) [2025-02-05 15:52:13,357 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:13,358 INFO L93 Difference]: Finished difference Result 2824 states and 3991 transitions. [2025-02-05 15:52:13,358 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:52:13,358 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 12.333333333333334) internal successors, (74), 5 states have internal predecessors, (74), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) Word has length 129 [2025-02-05 15:52:13,358 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:13,367 INFO L225 Difference]: With dead ends: 2824 [2025-02-05 15:52:13,367 INFO L226 Difference]: Without dead ends: 1869 [2025-02-05 15:52:13,370 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 266 GetRequests, 254 SyntacticMatches, 1 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=121, Unknown=0, NotChecked=0, Total=156 [2025-02-05 15:52:13,370 INFO L435 NwaCegarLoop]: 171 mSDtfsCounter, 120 mSDsluCounter, 584 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 122 SdHoareTripleChecker+Valid, 755 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:13,371 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [122 Valid, 755 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:52:13,372 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1869 states. [2025-02-05 15:52:13,450 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1869 to 1865. [2025-02-05 15:52:13,452 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1865 states, 1352 states have (on average 1.2832840236686391) internal successors, (1735), 1495 states have internal predecessors, (1735), 297 states have call successors, (297), 212 states have call predecessors, (297), 215 states have return successors, (538), 272 states have call predecessors, (538), 297 states have call successors, (538) [2025-02-05 15:52:13,460 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1865 states to 1865 states and 2570 transitions. [2025-02-05 15:52:13,462 INFO L78 Accepts]: Start accepts. Automaton has 1865 states and 2570 transitions. Word has length 129 [2025-02-05 15:52:13,463 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:13,463 INFO L471 AbstractCegarLoop]: Abstraction has 1865 states and 2570 transitions. [2025-02-05 15:52:13,463 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 12.333333333333334) internal successors, (74), 5 states have internal predecessors, (74), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) [2025-02-05 15:52:13,463 INFO L276 IsEmpty]: Start isEmpty. Operand 1865 states and 2570 transitions. [2025-02-05 15:52:13,470 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 138 [2025-02-05 15:52:13,470 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:13,470 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:13,476 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-02-05 15:52:13,674 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:52:13,674 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:13,674 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:13,674 INFO L85 PathProgramCache]: Analyzing trace with hash -1128112768, now seen corresponding path program 1 times [2025-02-05 15:52:13,674 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:13,675 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [54712931] [2025-02-05 15:52:13,675 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:13,675 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:13,685 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 137 statements into 1 equivalence classes. [2025-02-05 15:52:13,690 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 137 of 137 statements. [2025-02-05 15:52:13,690 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:13,690 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:13,772 INFO L134 CoverageAnalysis]: Checked inductivity of 82 backedges. 25 proven. 5 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-02-05 15:52:13,773 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:52:13,773 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [54712931] [2025-02-05 15:52:13,773 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [54712931] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:52:13,773 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2054954174] [2025-02-05 15:52:13,773 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:13,773 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:52:13,773 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:52:13,775 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:52:13,776 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-02-05 15:52:13,826 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 137 statements into 1 equivalence classes. [2025-02-05 15:52:13,865 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 137 of 137 statements. [2025-02-05 15:52:13,865 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:13,865 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:52:13,866 INFO L256 TraceCheckSpWp]: Trace formula consists of 456 conjuncts, 4 conjuncts are in the unsatisfiable core [2025-02-05 15:52:13,869 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:52:13,917 INFO L134 CoverageAnalysis]: Checked inductivity of 82 backedges. 37 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:52:13,917 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-02-05 15:52:13,917 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2054954174] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:52:13,917 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-02-05 15:52:13,917 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 6 [2025-02-05 15:52:13,917 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [504567019] [2025-02-05 15:52:13,918 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:52:13,918 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:52:13,918 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:52:13,918 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:52:13,918 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:52:13,918 INFO L87 Difference]: Start difference. First operand 1865 states and 2570 transitions. Second operand has 5 states, 5 states have (on average 18.0) internal successors, (90), 4 states have internal predecessors, (90), 3 states have call successors, (19), 4 states have call predecessors, (19), 4 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-02-05 15:52:14,422 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:52:14,423 INFO L93 Difference]: Finished difference Result 4135 states and 5869 transitions. [2025-02-05 15:52:14,423 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:52:14,423 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 18.0) internal successors, (90), 4 states have internal predecessors, (90), 3 states have call successors, (19), 4 states have call predecessors, (19), 4 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 137 [2025-02-05 15:52:14,424 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:52:14,437 INFO L225 Difference]: With dead ends: 4135 [2025-02-05 15:52:14,437 INFO L226 Difference]: Without dead ends: 2641 [2025-02-05 15:52:14,442 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 146 GetRequests, 139 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2025-02-05 15:52:14,443 INFO L435 NwaCegarLoop]: 184 mSDtfsCounter, 201 mSDsluCounter, 294 mSDsCounter, 0 mSdLazyCounter, 427 mSolverCounterSat, 77 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 214 SdHoareTripleChecker+Valid, 478 SdHoareTripleChecker+Invalid, 504 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 77 IncrementalHoareTripleChecker+Valid, 427 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2025-02-05 15:52:14,443 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [214 Valid, 478 Invalid, 504 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [77 Valid, 427 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2025-02-05 15:52:14,445 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2641 states. [2025-02-05 15:52:14,589 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2641 to 2594. [2025-02-05 15:52:14,592 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2594 states, 1890 states have (on average 1.265079365079365) internal successors, (2391), 2073 states have internal predecessors, (2391), 398 states have call successors, (398), 277 states have call predecessors, (398), 305 states have return successors, (867), 408 states have call predecessors, (867), 398 states have call successors, (867) [2025-02-05 15:52:14,601 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2594 states to 2594 states and 3656 transitions. [2025-02-05 15:52:14,604 INFO L78 Accepts]: Start accepts. Automaton has 2594 states and 3656 transitions. Word has length 137 [2025-02-05 15:52:14,604 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:52:14,604 INFO L471 AbstractCegarLoop]: Abstraction has 2594 states and 3656 transitions. [2025-02-05 15:52:14,604 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 18.0) internal successors, (90), 4 states have internal predecessors, (90), 3 states have call successors, (19), 4 states have call predecessors, (19), 4 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-02-05 15:52:14,604 INFO L276 IsEmpty]: Start isEmpty. Operand 2594 states and 3656 transitions. [2025-02-05 15:52:14,612 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 134 [2025-02-05 15:52:14,612 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:52:14,613 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:14,619 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2025-02-05 15:52:14,817 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,4 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:52:14,817 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:52:14,817 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:52:14,817 INFO L85 PathProgramCache]: Analyzing trace with hash -689467006, now seen corresponding path program 1 times [2025-02-05 15:52:14,817 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:52:14,817 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1445974543] [2025-02-05 15:52:14,818 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:52:14,818 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:52:14,826 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 133 statements into 1 equivalence classes. [2025-02-05 15:52:14,841 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 133 of 133 statements. [2025-02-05 15:52:14,841 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:14,841 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:52:14,842 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-02-05 15:52:14,847 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 133 statements into 1 equivalence classes. [2025-02-05 15:52:14,856 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 133 of 133 statements. [2025-02-05 15:52:14,856 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:52:14,856 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:52:14,888 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-02-05 15:52:14,889 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-02-05 15:52:14,890 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-02-05 15:52:14,891 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-02-05 15:52:14,894 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:52:14,960 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-02-05 15:52:14,964 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.02 03:52:14 BoogieIcfgContainer [2025-02-05 15:52:14,964 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-02-05 15:52:14,965 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-02-05 15:52:14,965 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-02-05 15:52:14,965 INFO L274 PluginConnector]: Witness Printer initialized [2025-02-05 15:52:14,965 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:52:09" (3/4) ... [2025-02-05 15:52:14,966 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-02-05 15:52:15,065 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 106. [2025-02-05 15:52:15,143 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-02-05 15:52:15,146 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-02-05 15:52:15,146 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-02-05 15:52:15,146 INFO L158 Benchmark]: Toolchain (without parser) took 6214.39ms. Allocated memory was 142.6MB in the beginning and 318.8MB in the end (delta: 176.2MB). Free memory was 102.5MB in the beginning and 143.5MB in the end (delta: -41.0MB). Peak memory consumption was 133.9MB. Max. memory is 16.1GB. [2025-02-05 15:52:15,147 INFO L158 Benchmark]: CDTParser took 0.24ms. Allocated memory is still 201.3MB. Free memory is still 126.7MB. There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:52:15,147 INFO L158 Benchmark]: CACSL2BoogieTranslator took 295.23ms. Allocated memory is still 142.6MB. Free memory was 102.5MB in the beginning and 83.3MB in the end (delta: 19.2MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2025-02-05 15:52:15,147 INFO L158 Benchmark]: Boogie Procedure Inliner took 27.18ms. Allocated memory is still 142.6MB. Free memory was 83.3MB in the beginning and 81.1MB in the end (delta: 2.3MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:52:15,147 INFO L158 Benchmark]: Boogie Preprocessor took 31.52ms. Allocated memory is still 142.6MB. Free memory was 81.1MB in the beginning and 78.9MB in the end (delta: 2.2MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:52:15,148 INFO L158 Benchmark]: IcfgBuilder took 414.98ms. Allocated memory is still 142.6MB. Free memory was 78.9MB in the beginning and 56.0MB in the end (delta: 22.9MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2025-02-05 15:52:15,148 INFO L158 Benchmark]: TraceAbstraction took 5259.13ms. Allocated memory was 142.6MB in the beginning and 318.8MB in the end (delta: 176.2MB). Free memory was 54.9MB in the beginning and 162.2MB in the end (delta: -107.3MB). Peak memory consumption was 66.8MB. Max. memory is 16.1GB. [2025-02-05 15:52:15,148 INFO L158 Benchmark]: Witness Printer took 181.26ms. Allocated memory is still 318.8MB. Free memory was 162.2MB in the beginning and 143.5MB in the end (delta: 18.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:52:15,149 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.24ms. Allocated memory is still 201.3MB. Free memory is still 126.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 295.23ms. Allocated memory is still 142.6MB. Free memory was 102.5MB in the beginning and 83.3MB in the end (delta: 19.2MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 27.18ms. Allocated memory is still 142.6MB. Free memory was 83.3MB in the beginning and 81.1MB in the end (delta: 2.3MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 31.52ms. Allocated memory is still 142.6MB. Free memory was 81.1MB in the beginning and 78.9MB in the end (delta: 2.2MB). There was no memory consumed. Max. memory is 16.1GB. * IcfgBuilder took 414.98ms. Allocated memory is still 142.6MB. Free memory was 78.9MB in the beginning and 56.0MB in the end (delta: 22.9MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 5259.13ms. Allocated memory was 142.6MB in the beginning and 318.8MB in the end (delta: 176.2MB). Free memory was 54.9MB in the beginning and 162.2MB in the end (delta: -107.3MB). Peak memory consumption was 66.8MB. Max. memory is 16.1GB. * Witness Printer took 181.26ms. Allocated memory is still 318.8MB. Free memory was 162.2MB in the beginning and 143.5MB in the end (delta: 18.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 168]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [168] - GenericResultAtLocation [Line: 507]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [507] - GenericResultAtLocation [Line: 609]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [609] - GenericResultAtLocation [Line: 686]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [686] - GenericResultAtLocation [Line: 726]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [726] - GenericResultAtLocation [Line: 1092]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1092] - GenericResultAtLocation [Line: 1101]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1101] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 1097]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int __SELECTED_FEATURE_base ; [L51] int __SELECTED_FEATURE_highWaterSensor ; [L52] int __SELECTED_FEATURE_lowWaterSensor ; [L53] int __SELECTED_FEATURE_methaneQuery ; [L54] int __SELECTED_FEATURE_methaneAlarm ; [L55] int __SELECTED_FEATURE_stopCommand ; [L56] int __SELECTED_FEATURE_startCommand ; [L57] int __GUIDSL_ROOT_PRODUCTION ; [L66] int waterLevel = 1; [L67] int methaneLevelCritical = 0; [L176] int pumpRunning = 0; [L177] int systemActive = 1; [L508] int cleanupTimeShifts = 4; [L688] int methAndRunningLastTime ; [L896] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; VAL [__GUIDSL_ROOT_PRODUCTION=0, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L587] int retValue_acc ; [L588] int tmp ; [L592] CALL select_helpers() [L1133] __GUIDSL_ROOT_PRODUCTION = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L592] RET select_helpers() [L593] CALL select_features() [L1118] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] __SELECTED_FEATURE_highWaterSensor = select_one() [L1120] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1120] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1120] __SELECTED_FEATURE_lowWaterSensor = select_one() [L1121] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1121] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1121] __SELECTED_FEATURE_methaneQuery = select_one() [L1122] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1122] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1122] __SELECTED_FEATURE_methaneAlarm = select_one() [L1123] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1123] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1123] __SELECTED_FEATURE_stopCommand = select_one() [L1124] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1124] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1124] __SELECTED_FEATURE_startCommand = select_one() [L593] RET select_features() [L594] CALL, EXPR valid_product() [L1138] int retValue_acc ; [L1141] retValue_acc = __SELECTED_FEATURE_base [L1142] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L594] RET, EXPR valid_product() [L594] tmp = valid_product() [L596] COND TRUE \read(tmp) [L598] FCALL setup() [L599] CALL runTest() [L577] CALL __utac_acc__Specification2_spec__1() [L693] methAndRunningLastTime = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L577] RET __utac_acc__Specification2_spec__1() [L578] CALL test() [L611] int splverifierCounter ; [L612] int tmp ; [L613] int tmp___0 ; [L614] int tmp___1 ; [L615] int tmp___2 ; [L618] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L620] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L622] COND TRUE splverifierCounter < 4 [L628] tmp = __VERIFIER_nondet_int() [L630] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L632] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L84] COND TRUE waterLevel < 2 [L85] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L632] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L638] tmp___0 = __VERIFIER_nondet_int() [L640] COND TRUE \read(tmp___0) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L642] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L96] COND FALSE !(\read(methaneLevelCritical)) [L99] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L642] RET changeMethaneLevel() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L648] tmp___2 = __VERIFIER_nondet_int() [L650] COND FALSE !(\read(tmp___2)) [L660] tmp___1 = __VERIFIER_nondet_int() [L662] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L675] CALL timeShift() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L184] COND FALSE !(\read(pumpRunning)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L191] COND TRUE \read(systemActive) [L193] CALL processEnvironment() [L327] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L334] CALL processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L284] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L291] CALL processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L241] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L243] CALL processEnvironment__role__highWaterSensor() [L213] int tmp ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L216] COND TRUE ! pumpRunning [L218] CALL, EXPR isHighWaterLevel() [L447] int retValue_acc ; [L448] int tmp ; [L449] int tmp___0 ; [L453] CALL, EXPR isHighWaterSensorDry() [L146] int retValue_acc ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L149] COND FALSE !(waterLevel < 2) [L153] retValue_acc = 0 [L154] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L453] RET, EXPR isHighWaterSensorDry() [L453] tmp = isHighWaterSensorDry() [L455] COND FALSE !(\read(tmp)) [L458] tmp___0 = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L460] retValue_acc = tmp___0 [L461] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L218] RET, EXPR isHighWaterLevel() [L218] tmp = isHighWaterLevel() [L220] COND TRUE \read(tmp) [L222] CALL activatePump() [L369] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L376] CALL activatePump__before__methaneQuery() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L344] pumpRunning = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L376] RET activatePump__before__methaneQuery() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L222] RET activatePump() [L243] RET processEnvironment__role__highWaterSensor() [L291] RET processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L334] RET processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L193] RET processEnvironment() [L199] CALL __utac_acc__Specification2_spec__2() [L698] int tmp ; [L699] int tmp___0 ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L105] int retValue_acc ; [L108] retValue_acc = methaneLevelCritical [L109] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] tmp = isMethaneLevelCritical() [L705] COND TRUE \read(tmp) [L707] CALL, EXPR isPumpRunning() [L402] int retValue_acc ; [L405] retValue_acc = pumpRunning [L406] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L707] RET, EXPR isPumpRunning() [L707] tmp___0 = isPumpRunning() [L709] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L710] COND FALSE !(\read(methAndRunningLastTime)) [L715] methAndRunningLastTime = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L199] RET __utac_acc__Specification2_spec__2() [L675] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L620] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L622] COND TRUE splverifierCounter < 4 [L628] tmp = __VERIFIER_nondet_int() [L630] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L638] tmp___0 = __VERIFIER_nondet_int() [L640] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L648] tmp___2 = __VERIFIER_nondet_int() [L650] COND FALSE !(\read(tmp___2)) [L660] tmp___1 = __VERIFIER_nondet_int() [L662] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L675] CALL timeShift() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L184] COND TRUE \read(pumpRunning) [L186] CALL lowerWaterLevel() [L72] COND TRUE waterLevel > 0 [L73] waterLevel = waterLevel - 1 VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L186] RET lowerWaterLevel() [L191] COND TRUE \read(systemActive) [L193] CALL processEnvironment() [L327] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L334] CALL processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L284] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L291] CALL processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L241] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L243] CALL processEnvironment__role__highWaterSensor() [L213] int tmp ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L216] COND FALSE !(! pumpRunning) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L231] FCALL processEnvironment__before__highWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L243] RET processEnvironment__role__highWaterSensor() [L291] RET processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L334] RET processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L193] RET processEnvironment() [L199] CALL __utac_acc__Specification2_spec__2() [L698] int tmp ; [L699] int tmp___0 ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L105] int retValue_acc ; [L108] retValue_acc = methaneLevelCritical [L109] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] tmp = isMethaneLevelCritical() [L705] COND TRUE \read(tmp) [L707] CALL, EXPR isPumpRunning() [L402] int retValue_acc ; [L405] retValue_acc = pumpRunning [L406] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L707] RET, EXPR isPumpRunning() [L707] tmp___0 = isPumpRunning() [L709] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L710] COND TRUE \read(methAndRunningLastTime) [L712] CALL __automaton_fail() [L1097] reach_error() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] - StatisticsResult: Ultimate Automizer benchmark data CFG has 13 procedures, 144 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.1s, OverallIterations: 13, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 1.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1399 SdHoareTripleChecker+Valid, 0.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1380 mSDsluCounter, 5498 SdHoareTripleChecker+Invalid, 0.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3190 mSDsCounter, 110 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 760 IncrementalHoareTripleChecker+Invalid, 870 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 110 mSolverCounterUnsat, 2308 mSDtfsCounter, 760 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 584 GetRequests, 543 SyntacticMatches, 1 SemanticMatches, 40 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=2594occurred in iteration=12, InterpolantAutomatonStates: 53, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 12 MinimizatonAttempts, 122 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 1.4s InterpolantComputationTime, 1612 NumberOfCodeBlocks, 1612 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 1592 ConstructedInterpolants, 0 QuantifiedInterpolants, 2821 SizeOfPredicates, 1 NumberOfNonLiveVariables, 1329 ConjunctsInSsa, 18 ConjunctsInUnsatCore, 16 InterpolantComputations, 12 PerfectInterpolantSequences, 963/976 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-02-05 15:52:15,170 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE