./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c00e63dc Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 45558e1c10008e5b16efe572a84fcf92b08797f54d586c51d45827b7e38254a6 --- Real Ultimate output --- This is Ultimate 0.3.0-?-c00e63d-m [2025-02-05 15:53:45,637 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-02-05 15:53:45,688 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-02-05 15:53:45,697 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-02-05 15:53:45,700 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-02-05 15:53:45,724 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-02-05 15:53:45,725 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-02-05 15:53:45,725 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-02-05 15:53:45,726 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-02-05 15:53:45,726 INFO L153 SettingsManager]: * Use memory slicer=true [2025-02-05 15:53:45,726 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-02-05 15:53:45,726 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-02-05 15:53:45,726 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-02-05 15:53:45,726 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-02-05 15:53:45,727 INFO L153 SettingsManager]: * Use SBE=true [2025-02-05 15:53:45,727 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-02-05 15:53:45,728 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-02-05 15:53:45,728 INFO L153 SettingsManager]: * sizeof long=4 [2025-02-05 15:53:45,728 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-02-05 15:53:45,728 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-02-05 15:53:45,728 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-02-05 15:53:45,728 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-02-05 15:53:45,728 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-02-05 15:53:45,728 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-02-05 15:53:45,729 INFO L153 SettingsManager]: * sizeof long double=12 [2025-02-05 15:53:45,729 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-02-05 15:53:45,729 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-02-05 15:53:45,729 INFO L153 SettingsManager]: * Use constant arrays=true [2025-02-05 15:53:45,729 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-02-05 15:53:45,729 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-02-05 15:53:45,729 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-02-05 15:53:45,729 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-02-05 15:53:45,729 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:53:45,729 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-02-05 15:53:45,730 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-02-05 15:53:45,730 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-02-05 15:53:45,730 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-02-05 15:53:45,730 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-02-05 15:53:45,730 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-02-05 15:53:45,730 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-02-05 15:53:45,730 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-02-05 15:53:45,731 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-02-05 15:53:45,731 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-02-05 15:53:45,731 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 45558e1c10008e5b16efe572a84fcf92b08797f54d586c51d45827b7e38254a6 [2025-02-05 15:53:45,974 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-02-05 15:53:45,986 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-02-05 15:53:45,989 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-02-05 15:53:45,991 INFO L270 PluginConnector]: Initializing CDTParser... [2025-02-05 15:53:45,991 INFO L274 PluginConnector]: CDTParser initialized [2025-02-05 15:53:45,992 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c [2025-02-05 15:53:47,209 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/43193a28c/27e77ff02ec84532a3c71eeb5c9b48f7/FLAGc5f963fc1 [2025-02-05 15:53:47,476 INFO L384 CDTParser]: Found 1 translation units. [2025-02-05 15:53:47,477 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c [2025-02-05 15:53:47,490 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/43193a28c/27e77ff02ec84532a3c71eeb5c9b48f7/FLAGc5f963fc1 [2025-02-05 15:53:47,511 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/43193a28c/27e77ff02ec84532a3c71eeb5c9b48f7 [2025-02-05 15:53:47,512 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-02-05 15:53:47,513 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-02-05 15:53:47,515 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-02-05 15:53:47,515 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-02-05 15:53:47,518 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-02-05 15:53:47,519 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,520 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@eedfe96 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47, skipping insertion in model container [2025-02-05 15:53:47,520 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,552 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-02-05 15:53:47,705 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c[9333,9346] [2025-02-05 15:53:47,766 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:53:47,774 INFO L200 MainTranslator]: Completed pre-run [2025-02-05 15:53:47,780 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2025-02-05 15:53:47,781 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [153] [2025-02-05 15:53:47,781 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [190] [2025-02-05 15:53:47,781 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [530] [2025-02-05 15:53:47,781 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [607] [2025-02-05 15:53:47,781 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [616] [2025-02-05 15:53:47,782 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [982] [2025-02-05 15:53:47,782 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1085] [2025-02-05 15:53:47,810 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c[9333,9346] [2025-02-05 15:53:47,842 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-02-05 15:53:47,870 INFO L204 MainTranslator]: Completed translation [2025-02-05 15:53:47,870 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47 WrapperNode [2025-02-05 15:53:47,870 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-02-05 15:53:47,871 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-02-05 15:53:47,871 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-02-05 15:53:47,871 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-02-05 15:53:47,878 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,890 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,913 INFO L138 Inliner]: procedures = 63, calls = 121, calls flagged for inlining = 29, calls inlined = 26, statements flattened = 295 [2025-02-05 15:53:47,914 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-02-05 15:53:47,914 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-02-05 15:53:47,914 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-02-05 15:53:47,914 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-02-05 15:53:47,920 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,920 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,922 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,939 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-02-05 15:53:47,939 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,940 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,946 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,947 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,950 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,951 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,952 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-02-05 15:53:47,953 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-02-05 15:53:47,956 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-02-05 15:53:47,957 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-02-05 15:53:47,957 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (1/1) ... [2025-02-05 15:53:47,963 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-02-05 15:53:47,973 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:53:47,986 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-02-05 15:53:47,992 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-02-05 15:53:48,007 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-02-05 15:53:48,007 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-02-05 15:53:48,008 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-02-05 15:53:48,008 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-02-05 15:53:48,075 INFO L257 CfgBuilder]: Building ICFG [2025-02-05 15:53:48,077 INFO L287 CfgBuilder]: Building CFG for each procedure with an implementation [2025-02-05 15:53:48,176 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L1073-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~10#1; [2025-02-05 15:53:48,176 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L485-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~3#1; [2025-02-05 15:53:48,183 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L1094: #res := ~retValue_acc~12; [2025-02-05 15:53:48,305 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L430-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~2#1; [2025-02-05 15:53:48,307 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L1059-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; [2025-02-05 15:53:48,334 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint cleanupFINAL: assume true; [2025-02-05 15:53:48,487 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L1127-1: valid_product_#res#1 := valid_product_~retValue_acc~13#1; [2025-02-05 15:53:48,488 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L150-1: main_#res#1 := main_~retValue_acc~0#1; [2025-02-05 15:53:48,561 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L1082-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~11#1; [2025-02-05 15:53:48,564 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L504-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~4#1; [2025-02-05 15:53:48,571 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L421: #res#1 := ~retValue_acc~1#1; [2025-02-05 15:53:48,571 INFO L1309 $ProcedureCfgBuilder]: dead code at ProgramPoint L1027-1: isMethaneLevelCritical_#res#1 := isMethaneLevelCritical_~retValue_acc~8#1; [2025-02-05 15:53:48,588 INFO L? ?]: Removed 55 outVars from TransFormulas that were not future-live. [2025-02-05 15:53:48,592 INFO L308 CfgBuilder]: Performing block encoding [2025-02-05 15:53:48,605 INFO L332 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-02-05 15:53:48,607 INFO L337 CfgBuilder]: Removed 0 assume(true) statements. [2025-02-05 15:53:48,608 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:53:48 BoogieIcfgContainer [2025-02-05 15:53:48,608 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-02-05 15:53:48,610 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-02-05 15:53:48,610 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-02-05 15:53:48,617 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-02-05 15:53:48,618 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 05.02 03:53:47" (1/3) ... [2025-02-05 15:53:48,618 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3c80ac22 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:53:48, skipping insertion in model container [2025-02-05 15:53:48,618 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 05.02 03:53:47" (2/3) ... [2025-02-05 15:53:48,620 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3c80ac22 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 05.02 03:53:48, skipping insertion in model container [2025-02-05 15:53:48,629 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:53:48" (3/3) ... [2025-02-05 15:53:48,630 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec4_productSimulator.cil.c [2025-02-05 15:53:48,650 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-02-05 15:53:48,651 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec4_productSimulator.cil.c that has 12 procedures, 137 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-02-05 15:53:48,700 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-02-05 15:53:48,710 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@61ab4776, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-02-05 15:53:48,710 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-02-05 15:53:48,713 INFO L276 IsEmpty]: Start isEmpty. Operand has 136 states, 95 states have (on average 1.3578947368421053) internal successors, (129), 111 states have internal predecessors, (129), 28 states have call successors, (28), 11 states have call predecessors, (28), 10 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2025-02-05 15:53:48,720 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2025-02-05 15:53:48,720 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:48,721 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:48,721 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:48,725 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:48,726 INFO L85 PathProgramCache]: Analyzing trace with hash 120397226, now seen corresponding path program 1 times [2025-02-05 15:53:48,731 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:48,732 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [382658570] [2025-02-05 15:53:48,732 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:48,732 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:48,805 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-02-05 15:53:48,844 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-02-05 15:53:48,845 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:48,846 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:48,922 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:53:48,922 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:48,924 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [382658570] [2025-02-05 15:53:48,924 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [382658570] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:48,924 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:48,924 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-02-05 15:53:48,925 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [801552772] [2025-02-05 15:53:48,925 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:48,929 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-02-05 15:53:48,930 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:48,949 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-02-05 15:53:48,950 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:53:48,951 INFO L87 Difference]: Start difference. First operand has 136 states, 95 states have (on average 1.3578947368421053) internal successors, (129), 111 states have internal predecessors, (129), 28 states have call successors, (28), 11 states have call predecessors, (28), 10 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) Second operand has 2 states, 2 states have (on average 12.5) internal successors, (25), 2 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-02-05 15:53:48,997 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:48,999 INFO L93 Difference]: Finished difference Result 241 states and 335 transitions. [2025-02-05 15:53:49,000 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-02-05 15:53:49,001 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.5) internal successors, (25), 2 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 49 [2025-02-05 15:53:49,001 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:49,008 INFO L225 Difference]: With dead ends: 241 [2025-02-05 15:53:49,008 INFO L226 Difference]: Without dead ends: 128 [2025-02-05 15:53:49,013 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-02-05 15:53:49,020 INFO L435 NwaCegarLoop]: 178 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 178 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:49,020 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 178 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:49,032 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2025-02-05 15:53:49,072 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 128. [2025-02-05 15:53:49,074 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 128 states, 89 states have (on average 1.3258426966292134) internal successors, (118), 104 states have internal predecessors, (118), 28 states have call successors, (28), 11 states have call predecessors, (28), 10 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2025-02-05 15:53:49,080 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 128 states to 128 states and 173 transitions. [2025-02-05 15:53:49,083 INFO L78 Accepts]: Start accepts. Automaton has 128 states and 173 transitions. Word has length 49 [2025-02-05 15:53:49,084 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:49,084 INFO L471 AbstractCegarLoop]: Abstraction has 128 states and 173 transitions. [2025-02-05 15:53:49,084 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.5) internal successors, (25), 2 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-02-05 15:53:49,085 INFO L276 IsEmpty]: Start isEmpty. Operand 128 states and 173 transitions. [2025-02-05 15:53:49,086 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2025-02-05 15:53:49,086 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:49,086 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:49,086 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-02-05 15:53:49,086 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:49,087 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:49,087 INFO L85 PathProgramCache]: Analyzing trace with hash -1917652350, now seen corresponding path program 1 times [2025-02-05 15:53:49,087 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:49,087 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1680259372] [2025-02-05 15:53:49,087 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:49,087 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:49,104 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 50 statements into 1 equivalence classes. [2025-02-05 15:53:49,128 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 50 of 50 statements. [2025-02-05 15:53:49,130 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:49,131 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:49,262 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:53:49,263 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:49,263 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1680259372] [2025-02-05 15:53:49,263 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1680259372] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:49,263 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:49,263 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:53:49,264 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1376989174] [2025-02-05 15:53:49,264 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:49,265 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:53:49,265 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:49,266 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:53:49,266 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:53:49,267 INFO L87 Difference]: Start difference. First operand 128 states and 173 transitions. Second operand has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-02-05 15:53:49,286 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:49,286 INFO L93 Difference]: Finished difference Result 201 states and 272 transitions. [2025-02-05 15:53:49,286 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:53:49,287 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 50 [2025-02-05 15:53:49,287 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:49,288 INFO L225 Difference]: With dead ends: 201 [2025-02-05 15:53:49,288 INFO L226 Difference]: Without dead ends: 119 [2025-02-05 15:53:49,288 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:53:49,289 INFO L435 NwaCegarLoop]: 160 mSDtfsCounter, 20 mSDsluCounter, 135 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 24 SdHoareTripleChecker+Valid, 295 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:49,289 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [24 Valid, 295 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:49,290 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 119 states. [2025-02-05 15:53:49,295 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 119 to 119. [2025-02-05 15:53:49,296 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 119 states, 83 states have (on average 1.3373493975903614) internal successors, (111), 98 states have internal predecessors, (111), 25 states have call successors, (25), 10 states have call predecessors, (25), 10 states have return successors, (25), 20 states have call predecessors, (25), 25 states have call successors, (25) [2025-02-05 15:53:49,297 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 119 states to 119 states and 161 transitions. [2025-02-05 15:53:49,297 INFO L78 Accepts]: Start accepts. Automaton has 119 states and 161 transitions. Word has length 50 [2025-02-05 15:53:49,298 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:49,298 INFO L471 AbstractCegarLoop]: Abstraction has 119 states and 161 transitions. [2025-02-05 15:53:49,298 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-02-05 15:53:49,298 INFO L276 IsEmpty]: Start isEmpty. Operand 119 states and 161 transitions. [2025-02-05 15:53:49,299 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2025-02-05 15:53:49,299 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:49,299 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:49,299 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-02-05 15:53:49,299 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:49,300 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:49,300 INFO L85 PathProgramCache]: Analyzing trace with hash -2702584, now seen corresponding path program 1 times [2025-02-05 15:53:49,300 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:49,300 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [46770512] [2025-02-05 15:53:49,300 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:49,300 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:49,311 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 54 statements into 1 equivalence classes. [2025-02-05 15:53:49,326 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 54 of 54 statements. [2025-02-05 15:53:49,327 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:49,327 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:49,494 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:53:49,495 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:49,495 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [46770512] [2025-02-05 15:53:49,495 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [46770512] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:49,495 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:49,495 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2025-02-05 15:53:49,495 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1676771959] [2025-02-05 15:53:49,495 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:49,496 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-02-05 15:53:49,496 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:49,496 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-02-05 15:53:49,496 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:53:49,497 INFO L87 Difference]: Start difference. First operand 119 states and 161 transitions. Second operand has 7 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-02-05 15:53:49,877 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:49,877 INFO L93 Difference]: Finished difference Result 446 states and 616 transitions. [2025-02-05 15:53:49,878 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-02-05 15:53:49,878 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 54 [2025-02-05 15:53:49,878 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:49,881 INFO L225 Difference]: With dead ends: 446 [2025-02-05 15:53:49,881 INFO L226 Difference]: Without dead ends: 349 [2025-02-05 15:53:49,881 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=31, Invalid=59, Unknown=0, NotChecked=0, Total=90 [2025-02-05 15:53:49,882 INFO L435 NwaCegarLoop]: 172 mSDtfsCounter, 550 mSDsluCounter, 590 mSDsCounter, 0 mSdLazyCounter, 253 mSolverCounterSat, 145 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 550 SdHoareTripleChecker+Valid, 762 SdHoareTripleChecker+Invalid, 398 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 145 IncrementalHoareTripleChecker+Valid, 253 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:49,882 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [550 Valid, 762 Invalid, 398 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [145 Valid, 253 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2025-02-05 15:53:49,883 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 349 states. [2025-02-05 15:53:49,907 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 349 to 247. [2025-02-05 15:53:49,907 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 247 states, 175 states have (on average 1.3885714285714286) internal successors, (243), 207 states have internal predecessors, (243), 48 states have call successors, (48), 23 states have call predecessors, (48), 23 states have return successors, (49), 36 states have call predecessors, (49), 48 states have call successors, (49) [2025-02-05 15:53:49,909 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 247 states to 247 states and 340 transitions. [2025-02-05 15:53:49,909 INFO L78 Accepts]: Start accepts. Automaton has 247 states and 340 transitions. Word has length 54 [2025-02-05 15:53:49,909 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:49,909 INFO L471 AbstractCegarLoop]: Abstraction has 247 states and 340 transitions. [2025-02-05 15:53:49,910 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-02-05 15:53:49,910 INFO L276 IsEmpty]: Start isEmpty. Operand 247 states and 340 transitions. [2025-02-05 15:53:49,911 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2025-02-05 15:53:49,911 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:49,911 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:49,912 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-02-05 15:53:49,912 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:49,912 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:49,912 INFO L85 PathProgramCache]: Analyzing trace with hash 675116492, now seen corresponding path program 1 times [2025-02-05 15:53:49,912 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:49,912 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [488924713] [2025-02-05 15:53:49,912 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:49,913 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:49,925 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 58 statements into 1 equivalence classes. [2025-02-05 15:53:49,939 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 58 of 58 statements. [2025-02-05 15:53:49,939 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:49,939 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:50,141 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:53:50,141 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:50,141 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [488924713] [2025-02-05 15:53:50,141 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [488924713] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:50,141 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:50,141 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2025-02-05 15:53:50,142 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [627616669] [2025-02-05 15:53:50,142 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:50,142 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2025-02-05 15:53:50,142 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:50,142 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2025-02-05 15:53:50,142 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2025-02-05 15:53:50,143 INFO L87 Difference]: Start difference. First operand 247 states and 340 transitions. Second operand has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 9 states have internal predecessors, (35), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-02-05 15:53:50,521 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:50,522 INFO L93 Difference]: Finished difference Result 897 states and 1311 transitions. [2025-02-05 15:53:50,522 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2025-02-05 15:53:50,522 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 9 states have internal predecessors, (35), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 58 [2025-02-05 15:53:50,522 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:50,527 INFO L225 Difference]: With dead ends: 897 [2025-02-05 15:53:50,527 INFO L226 Difference]: Without dead ends: 672 [2025-02-05 15:53:50,528 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=181, Unknown=0, NotChecked=0, Total=240 [2025-02-05 15:53:50,529 INFO L435 NwaCegarLoop]: 154 mSDtfsCounter, 306 mSDsluCounter, 982 mSDsCounter, 0 mSdLazyCounter, 291 mSolverCounterSat, 98 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 306 SdHoareTripleChecker+Valid, 1136 SdHoareTripleChecker+Invalid, 389 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 98 IncrementalHoareTripleChecker+Valid, 291 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:50,529 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [306 Valid, 1136 Invalid, 389 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [98 Valid, 291 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2025-02-05 15:53:50,530 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 672 states. [2025-02-05 15:53:50,579 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 672 to 666. [2025-02-05 15:53:50,580 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 666 states, 472 states have (on average 1.3834745762711864) internal successors, (653), 563 states have internal predecessors, (653), 129 states have call successors, (129), 64 states have call predecessors, (129), 64 states have return successors, (161), 93 states have call predecessors, (161), 129 states have call successors, (161) [2025-02-05 15:53:50,585 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 666 states to 666 states and 943 transitions. [2025-02-05 15:53:50,586 INFO L78 Accepts]: Start accepts. Automaton has 666 states and 943 transitions. Word has length 58 [2025-02-05 15:53:50,586 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:50,586 INFO L471 AbstractCegarLoop]: Abstraction has 666 states and 943 transitions. [2025-02-05 15:53:50,586 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 9 states have internal predecessors, (35), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-02-05 15:53:50,587 INFO L276 IsEmpty]: Start isEmpty. Operand 666 states and 943 transitions. [2025-02-05 15:53:50,589 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2025-02-05 15:53:50,589 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:50,589 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:50,592 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-02-05 15:53:50,592 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:50,593 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:50,593 INFO L85 PathProgramCache]: Analyzing trace with hash -1072279537, now seen corresponding path program 1 times [2025-02-05 15:53:50,593 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:50,593 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1207299091] [2025-02-05 15:53:50,593 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:50,594 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:50,604 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 60 statements into 1 equivalence classes. [2025-02-05 15:53:50,619 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 60 of 60 statements. [2025-02-05 15:53:50,622 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:50,623 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:50,673 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:53:50,674 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:50,674 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1207299091] [2025-02-05 15:53:50,674 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1207299091] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:50,674 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:50,674 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-02-05 15:53:50,674 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1097160044] [2025-02-05 15:53:50,674 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:50,675 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:53:50,676 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:50,676 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:53:50,676 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:53:50,677 INFO L87 Difference]: Start difference. First operand 666 states and 943 transitions. Second operand has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-02-05 15:53:50,762 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:50,762 INFO L93 Difference]: Finished difference Result 1554 states and 2318 transitions. [2025-02-05 15:53:50,763 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:53:50,763 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 60 [2025-02-05 15:53:50,763 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:50,770 INFO L225 Difference]: With dead ends: 1554 [2025-02-05 15:53:50,770 INFO L226 Difference]: Without dead ends: 910 [2025-02-05 15:53:50,772 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-02-05 15:53:50,773 INFO L435 NwaCegarLoop]: 159 mSDtfsCounter, 100 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 100 SdHoareTripleChecker+Valid, 251 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:50,774 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [100 Valid, 251 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:50,775 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 910 states. [2025-02-05 15:53:50,836 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 910 to 897. [2025-02-05 15:53:50,838 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 897 states, 659 states have (on average 1.3338391502276177) internal successors, (879), 744 states have internal predecessors, (879), 141 states have call successors, (141), 92 states have call predecessors, (141), 96 states have return successors, (258), 139 states have call predecessors, (258), 141 states have call successors, (258) [2025-02-05 15:53:50,845 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 897 states to 897 states and 1278 transitions. [2025-02-05 15:53:50,846 INFO L78 Accepts]: Start accepts. Automaton has 897 states and 1278 transitions. Word has length 60 [2025-02-05 15:53:50,847 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:50,847 INFO L471 AbstractCegarLoop]: Abstraction has 897 states and 1278 transitions. [2025-02-05 15:53:50,847 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-02-05 15:53:50,847 INFO L276 IsEmpty]: Start isEmpty. Operand 897 states and 1278 transitions. [2025-02-05 15:53:50,850 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2025-02-05 15:53:50,850 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:50,850 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:50,850 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-02-05 15:53:50,850 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:50,851 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:50,851 INFO L85 PathProgramCache]: Analyzing trace with hash 1952624049, now seen corresponding path program 1 times [2025-02-05 15:53:50,851 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:50,851 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [829945536] [2025-02-05 15:53:50,851 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:50,851 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:50,860 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 83 statements into 1 equivalence classes. [2025-02-05 15:53:50,866 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 83 of 83 statements. [2025-02-05 15:53:50,866 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:50,866 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:50,948 INFO L134 CoverageAnalysis]: Checked inductivity of 63 backedges. 11 proven. 0 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-02-05 15:53:50,948 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:50,948 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [829945536] [2025-02-05 15:53:50,948 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [829945536] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:50,948 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:50,949 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-02-05 15:53:50,949 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [150648653] [2025-02-05 15:53:50,949 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:50,949 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:53:50,949 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:50,949 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:53:50,950 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:53:50,950 INFO L87 Difference]: Start difference. First operand 897 states and 1278 transitions. Second operand has 5 states, 5 states have (on average 9.8) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2025-02-05 15:53:51,038 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:51,038 INFO L93 Difference]: Finished difference Result 899 states and 1279 transitions. [2025-02-05 15:53:51,039 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:53:51,039 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) Word has length 83 [2025-02-05 15:53:51,039 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:51,043 INFO L225 Difference]: With dead ends: 899 [2025-02-05 15:53:51,043 INFO L226 Difference]: Without dead ends: 897 [2025-02-05 15:53:51,043 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-02-05 15:53:51,044 INFO L435 NwaCegarLoop]: 157 mSDtfsCounter, 110 mSDsluCounter, 403 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 110 SdHoareTripleChecker+Valid, 560 SdHoareTripleChecker+Invalid, 40 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:51,044 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [110 Valid, 560 Invalid, 40 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:51,045 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 897 states. [2025-02-05 15:53:51,097 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 897 to 897. [2025-02-05 15:53:51,098 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 897 states, 659 states have (on average 1.3292867981790593) internal successors, (876), 744 states have internal predecessors, (876), 141 states have call successors, (141), 92 states have call predecessors, (141), 96 states have return successors, (258), 139 states have call predecessors, (258), 141 states have call successors, (258) [2025-02-05 15:53:51,103 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 897 states to 897 states and 1275 transitions. [2025-02-05 15:53:51,104 INFO L78 Accepts]: Start accepts. Automaton has 897 states and 1275 transitions. Word has length 83 [2025-02-05 15:53:51,104 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:51,104 INFO L471 AbstractCegarLoop]: Abstraction has 897 states and 1275 transitions. [2025-02-05 15:53:51,104 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2025-02-05 15:53:51,104 INFO L276 IsEmpty]: Start isEmpty. Operand 897 states and 1275 transitions. [2025-02-05 15:53:51,111 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 121 [2025-02-05 15:53:51,111 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:51,112 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:51,112 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-02-05 15:53:51,112 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:51,112 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:51,113 INFO L85 PathProgramCache]: Analyzing trace with hash -725843198, now seen corresponding path program 1 times [2025-02-05 15:53:51,113 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:51,113 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1758873090] [2025-02-05 15:53:51,113 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:51,113 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:51,124 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 120 statements into 1 equivalence classes. [2025-02-05 15:53:51,129 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 120 of 120 statements. [2025-02-05 15:53:51,129 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:51,129 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:51,154 INFO L134 CoverageAnalysis]: Checked inductivity of 73 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2025-02-05 15:53:51,154 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:51,154 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1758873090] [2025-02-05 15:53:51,154 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1758873090] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:51,154 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-02-05 15:53:51,154 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-02-05 15:53:51,154 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [853159555] [2025-02-05 15:53:51,155 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:51,155 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-02-05 15:53:51,155 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:51,155 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-02-05 15:53:51,155 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:53:51,156 INFO L87 Difference]: Start difference. First operand 897 states and 1275 transitions. Second operand has 4 states, 4 states have (on average 18.5) internal successors, (74), 4 states have internal predecessors, (74), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) [2025-02-05 15:53:51,284 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:51,284 INFO L93 Difference]: Finished difference Result 1391 states and 1973 transitions. [2025-02-05 15:53:51,285 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-02-05 15:53:51,285 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 18.5) internal successors, (74), 4 states have internal predecessors, (74), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) Word has length 120 [2025-02-05 15:53:51,285 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:51,291 INFO L225 Difference]: With dead ends: 1391 [2025-02-05 15:53:51,291 INFO L226 Difference]: Without dead ends: 516 [2025-02-05 15:53:51,294 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-02-05 15:53:51,295 INFO L435 NwaCegarLoop]: 198 mSDtfsCounter, 185 mSDsluCounter, 137 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 185 SdHoareTripleChecker+Valid, 335 SdHoareTripleChecker+Invalid, 69 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:51,296 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [185 Valid, 335 Invalid, 69 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:53:51,297 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 516 states. [2025-02-05 15:53:51,337 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 516 to 510. [2025-02-05 15:53:51,338 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 510 states, 378 states have (on average 1.3148148148148149) internal successors, (497), 424 states have internal predecessors, (497), 78 states have call successors, (78), 51 states have call predecessors, (78), 53 states have return successors, (133), 78 states have call predecessors, (133), 78 states have call successors, (133) [2025-02-05 15:53:51,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 510 states to 510 states and 708 transitions. [2025-02-05 15:53:51,342 INFO L78 Accepts]: Start accepts. Automaton has 510 states and 708 transitions. Word has length 120 [2025-02-05 15:53:51,343 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:51,343 INFO L471 AbstractCegarLoop]: Abstraction has 510 states and 708 transitions. [2025-02-05 15:53:51,343 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 18.5) internal successors, (74), 4 states have internal predecessors, (74), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) [2025-02-05 15:53:51,343 INFO L276 IsEmpty]: Start isEmpty. Operand 510 states and 708 transitions. [2025-02-05 15:53:51,347 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 128 [2025-02-05 15:53:51,348 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:51,348 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:51,348 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-02-05 15:53:51,348 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:51,349 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:51,349 INFO L85 PathProgramCache]: Analyzing trace with hash 764208405, now seen corresponding path program 1 times [2025-02-05 15:53:51,349 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:51,349 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1022719625] [2025-02-05 15:53:51,349 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:51,349 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:51,367 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-02-05 15:53:51,375 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-02-05 15:53:51,377 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:51,377 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:51,515 INFO L134 CoverageAnalysis]: Checked inductivity of 87 backedges. 14 proven. 11 refuted. 0 times theorem prover too weak. 62 trivial. 0 not checked. [2025-02-05 15:53:51,516 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:51,516 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1022719625] [2025-02-05 15:53:51,516 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1022719625] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:53:51,516 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [917216102] [2025-02-05 15:53:51,516 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:51,516 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:53:51,516 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:53:51,522 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:53:51,563 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-02-05 15:53:51,626 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-02-05 15:53:51,668 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-02-05 15:53:51,668 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:51,668 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:51,670 INFO L256 TraceCheckSpWp]: Trace formula consists of 432 conjuncts, 7 conjuncts are in the unsatisfiable core [2025-02-05 15:53:51,675 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:53:51,847 INFO L134 CoverageAnalysis]: Checked inductivity of 87 backedges. 42 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:53:51,847 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-02-05 15:53:51,847 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [917216102] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:51,847 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-02-05 15:53:51,847 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [5] total 11 [2025-02-05 15:53:51,848 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1863747251] [2025-02-05 15:53:51,848 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:51,848 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-02-05 15:53:51,848 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:51,848 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-02-05 15:53:51,848 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=23, Invalid=87, Unknown=0, NotChecked=0, Total=110 [2025-02-05 15:53:51,849 INFO L87 Difference]: Start difference. First operand 510 states and 708 transitions. Second operand has 8 states, 8 states have (on average 10.75) internal successors, (86), 8 states have internal predecessors, (86), 6 states have call successors, (16), 5 states have call predecessors, (16), 5 states have return successors, (15), 5 states have call predecessors, (15), 6 states have call successors, (15) [2025-02-05 15:53:52,655 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:52,656 INFO L93 Difference]: Finished difference Result 1486 states and 2204 transitions. [2025-02-05 15:53:52,656 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2025-02-05 15:53:52,656 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 8 states have internal predecessors, (86), 6 states have call successors, (16), 5 states have call predecessors, (16), 5 states have return successors, (15), 5 states have call predecessors, (15), 6 states have call successors, (15) Word has length 127 [2025-02-05 15:53:52,656 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:52,661 INFO L225 Difference]: With dead ends: 1486 [2025-02-05 15:53:52,662 INFO L226 Difference]: Without dead ends: 1136 [2025-02-05 15:53:52,663 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 125 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=187, Unknown=0, NotChecked=0, Total=240 [2025-02-05 15:53:52,663 INFO L435 NwaCegarLoop]: 157 mSDtfsCounter, 825 mSDsluCounter, 346 mSDsCounter, 0 mSdLazyCounter, 678 mSolverCounterSat, 338 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 864 SdHoareTripleChecker+Valid, 503 SdHoareTripleChecker+Invalid, 1016 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 338 IncrementalHoareTripleChecker+Valid, 678 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:52,663 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [864 Valid, 503 Invalid, 1016 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [338 Valid, 678 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2025-02-05 15:53:52,664 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1136 states. [2025-02-05 15:53:52,715 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1136 to 1122. [2025-02-05 15:53:52,716 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1122 states, 847 states have (on average 1.3105076741440378) internal successors, (1110), 935 states have internal predecessors, (1110), 158 states have call successors, (158), 109 states have call predecessors, (158), 116 states have return successors, (329), 164 states have call predecessors, (329), 158 states have call successors, (329) [2025-02-05 15:53:52,721 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1122 states to 1122 states and 1597 transitions. [2025-02-05 15:53:52,722 INFO L78 Accepts]: Start accepts. Automaton has 1122 states and 1597 transitions. Word has length 127 [2025-02-05 15:53:52,723 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:52,723 INFO L471 AbstractCegarLoop]: Abstraction has 1122 states and 1597 transitions. [2025-02-05 15:53:52,723 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 8 states have internal predecessors, (86), 6 states have call successors, (16), 5 states have call predecessors, (16), 5 states have return successors, (15), 5 states have call predecessors, (15), 6 states have call successors, (15) [2025-02-05 15:53:52,723 INFO L276 IsEmpty]: Start isEmpty. Operand 1122 states and 1597 transitions. [2025-02-05 15:53:52,725 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2025-02-05 15:53:52,725 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:52,725 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:52,733 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-02-05 15:53:52,928 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:53:52,928 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:52,929 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:52,929 INFO L85 PathProgramCache]: Analyzing trace with hash -2140481019, now seen corresponding path program 1 times [2025-02-05 15:53:52,929 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:52,929 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1834828586] [2025-02-05 15:53:52,929 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:52,929 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:52,941 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-02-05 15:53:52,949 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-02-05 15:53:52,950 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:52,950 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:53,008 INFO L134 CoverageAnalysis]: Checked inductivity of 69 backedges. 13 proven. 4 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-02-05 15:53:53,008 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:53,009 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1834828586] [2025-02-05 15:53:53,009 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1834828586] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:53:53,009 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [640694215] [2025-02-05 15:53:53,009 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:53,009 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:53:53,009 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:53:53,011 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:53:53,012 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-02-05 15:53:53,062 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-02-05 15:53:53,099 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-02-05 15:53:53,099 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:53,099 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:53,100 INFO L256 TraceCheckSpWp]: Trace formula consists of 387 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-02-05 15:53:53,102 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:53:53,175 INFO L134 CoverageAnalysis]: Checked inductivity of 69 backedges. 24 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:53:53,175 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-02-05 15:53:53,175 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [640694215] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:53,175 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-02-05 15:53:53,175 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-02-05 15:53:53,175 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1289499793] [2025-02-05 15:53:53,175 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:53,176 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-02-05 15:53:53,176 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:53,176 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-02-05 15:53:53,176 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:53:53,176 INFO L87 Difference]: Start difference. First operand 1122 states and 1597 transitions. Second operand has 3 states, 3 states have (on average 24.333333333333332) internal successors, (73), 3 states have internal predecessors, (73), 3 states have call successors, (14), 3 states have call predecessors, (14), 3 states have return successors, (13), 3 states have call predecessors, (13), 3 states have call successors, (13) [2025-02-05 15:53:53,239 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:53,239 INFO L93 Difference]: Finished difference Result 2318 states and 3381 transitions. [2025-02-05 15:53:53,240 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-02-05 15:53:53,240 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 24.333333333333332) internal successors, (73), 3 states have internal predecessors, (73), 3 states have call successors, (14), 3 states have call predecessors, (14), 3 states have return successors, (13), 3 states have call predecessors, (13), 3 states have call successors, (13) Word has length 110 [2025-02-05 15:53:53,240 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:53,247 INFO L225 Difference]: With dead ends: 2318 [2025-02-05 15:53:53,247 INFO L226 Difference]: Without dead ends: 1218 [2025-02-05 15:53:53,251 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 114 GetRequests, 110 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:53:53,252 INFO L435 NwaCegarLoop]: 226 mSDtfsCounter, 88 mSDsluCounter, 87 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 88 SdHoareTripleChecker+Valid, 313 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:53,252 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [88 Valid, 313 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:53,253 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1218 states. [2025-02-05 15:53:53,328 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1218 to 1200. [2025-02-05 15:53:53,331 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1200 states, 911 states have (on average 1.305159165751921) internal successors, (1189), 999 states have internal predecessors, (1189), 164 states have call successors, (164), 120 states have call predecessors, (164), 124 states have return successors, (323), 163 states have call predecessors, (323), 164 states have call successors, (323) [2025-02-05 15:53:53,336 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1200 states to 1200 states and 1676 transitions. [2025-02-05 15:53:53,338 INFO L78 Accepts]: Start accepts. Automaton has 1200 states and 1676 transitions. Word has length 110 [2025-02-05 15:53:53,338 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:53,338 INFO L471 AbstractCegarLoop]: Abstraction has 1200 states and 1676 transitions. [2025-02-05 15:53:53,338 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 24.333333333333332) internal successors, (73), 3 states have internal predecessors, (73), 3 states have call successors, (14), 3 states have call predecessors, (14), 3 states have return successors, (13), 3 states have call predecessors, (13), 3 states have call successors, (13) [2025-02-05 15:53:53,338 INFO L276 IsEmpty]: Start isEmpty. Operand 1200 states and 1676 transitions. [2025-02-05 15:53:53,341 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 113 [2025-02-05 15:53:53,341 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:53,341 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:53,349 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-02-05 15:53:53,545 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:53:53,545 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:53,546 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:53,546 INFO L85 PathProgramCache]: Analyzing trace with hash -1713143853, now seen corresponding path program 1 times [2025-02-05 15:53:53,546 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:53,546 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [988001725] [2025-02-05 15:53:53,546 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:53,546 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:53,556 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 112 statements into 1 equivalence classes. [2025-02-05 15:53:53,561 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 112 of 112 statements. [2025-02-05 15:53:53,561 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:53,561 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:53,608 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 13 proven. 5 refuted. 0 times theorem prover too weak. 53 trivial. 0 not checked. [2025-02-05 15:53:53,608 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:53,609 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [988001725] [2025-02-05 15:53:53,609 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [988001725] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:53:53,609 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1483117671] [2025-02-05 15:53:53,609 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:53,609 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:53:53,609 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:53:53,611 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:53:53,612 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-02-05 15:53:53,656 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 112 statements into 1 equivalence classes. [2025-02-05 15:53:53,689 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 112 of 112 statements. [2025-02-05 15:53:53,689 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:53,689 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:53,690 INFO L256 TraceCheckSpWp]: Trace formula consists of 388 conjuncts, 9 conjuncts are in the unsatisfiable core [2025-02-05 15:53:53,693 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:53:53,706 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-02-05 15:53:53,706 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-02-05 15:53:53,706 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1483117671] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:53,706 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-02-05 15:53:53,706 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 5 [2025-02-05 15:53:53,706 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1470225933] [2025-02-05 15:53:53,706 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:53,707 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-02-05 15:53:53,707 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:53,707 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-02-05 15:53:53,707 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:53:53,707 INFO L87 Difference]: Start difference. First operand 1200 states and 1676 transitions. Second operand has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2025-02-05 15:53:53,790 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:53,790 INFO L93 Difference]: Finished difference Result 2236 states and 3317 transitions. [2025-02-05 15:53:53,791 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-02-05 15:53:53,791 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) Word has length 112 [2025-02-05 15:53:53,791 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:53,799 INFO L225 Difference]: With dead ends: 2236 [2025-02-05 15:53:53,799 INFO L226 Difference]: Without dead ends: 1212 [2025-02-05 15:53:53,804 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 116 GetRequests, 113 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-02-05 15:53:53,805 INFO L435 NwaCegarLoop]: 158 mSDtfsCounter, 0 mSDsluCounter, 467 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 625 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:53,805 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 625 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:53,807 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1212 states. [2025-02-05 15:53:53,888 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1212 to 1212. [2025-02-05 15:53:53,890 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1212 states, 923 states have (on average 1.3011917659804983) internal successors, (1201), 1011 states have internal predecessors, (1201), 164 states have call successors, (164), 120 states have call predecessors, (164), 124 states have return successors, (323), 163 states have call predecessors, (323), 164 states have call successors, (323) [2025-02-05 15:53:53,896 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1212 states to 1212 states and 1688 transitions. [2025-02-05 15:53:53,898 INFO L78 Accepts]: Start accepts. Automaton has 1212 states and 1688 transitions. Word has length 112 [2025-02-05 15:53:53,898 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:53,898 INFO L471 AbstractCegarLoop]: Abstraction has 1212 states and 1688 transitions. [2025-02-05 15:53:53,899 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2025-02-05 15:53:53,899 INFO L276 IsEmpty]: Start isEmpty. Operand 1212 states and 1688 transitions. [2025-02-05 15:53:53,901 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 113 [2025-02-05 15:53:53,902 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:53,902 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:53,909 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2025-02-05 15:53:54,103 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,4 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:53:54,103 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:54,104 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:54,104 INFO L85 PathProgramCache]: Analyzing trace with hash -1692806478, now seen corresponding path program 1 times [2025-02-05 15:53:54,104 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:54,105 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [803513468] [2025-02-05 15:53:54,105 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:54,105 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:54,115 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 112 statements into 1 equivalence classes. [2025-02-05 15:53:54,121 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 112 of 112 statements. [2025-02-05 15:53:54,121 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:54,122 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:54,212 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 13 proven. 5 refuted. 0 times theorem prover too weak. 53 trivial. 0 not checked. [2025-02-05 15:53:54,212 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:54,212 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [803513468] [2025-02-05 15:53:54,212 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [803513468] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:53:54,212 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [701050667] [2025-02-05 15:53:54,212 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:54,212 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:53:54,212 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:53:54,215 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:53:54,217 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-02-05 15:53:54,268 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 112 statements into 1 equivalence classes. [2025-02-05 15:53:54,303 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 112 of 112 statements. [2025-02-05 15:53:54,303 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:54,303 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:54,305 INFO L256 TraceCheckSpWp]: Trace formula consists of 389 conjuncts, 4 conjuncts are in the unsatisfiable core [2025-02-05 15:53:54,311 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:53:54,353 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-02-05 15:53:54,354 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-02-05 15:53:54,354 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [701050667] provided 1 perfect and 0 imperfect interpolant sequences [2025-02-05 15:53:54,354 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-02-05 15:53:54,354 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [7] total 9 [2025-02-05 15:53:54,354 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [364589375] [2025-02-05 15:53:54,355 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-02-05 15:53:54,355 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-02-05 15:53:54,355 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:54,355 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-02-05 15:53:54,356 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=55, Unknown=0, NotChecked=0, Total=72 [2025-02-05 15:53:54,357 INFO L87 Difference]: Start difference. First operand 1212 states and 1688 transitions. Second operand has 4 states, 4 states have (on average 17.25) internal successors, (69), 4 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2025-02-05 15:53:54,420 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:54,421 INFO L93 Difference]: Finished difference Result 2097 states and 3013 transitions. [2025-02-05 15:53:54,421 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-02-05 15:53:54,421 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 17.25) internal successors, (69), 4 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) Word has length 112 [2025-02-05 15:53:54,421 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:54,429 INFO L225 Difference]: With dead ends: 2097 [2025-02-05 15:53:54,429 INFO L226 Difference]: Without dead ends: 1061 [2025-02-05 15:53:54,434 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 120 GetRequests, 113 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=55, Unknown=0, NotChecked=0, Total=72 [2025-02-05 15:53:54,435 INFO L435 NwaCegarLoop]: 159 mSDtfsCounter, 0 mSDsluCounter, 312 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 471 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:54,435 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 471 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-02-05 15:53:54,437 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1061 states. [2025-02-05 15:53:54,485 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1061 to 1061. [2025-02-05 15:53:54,487 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1061 states, 807 states have (on average 1.3023543990086741) internal successors, (1051), 883 states have internal predecessors, (1051), 147 states have call successors, (147), 106 states have call predecessors, (147), 106 states have return successors, (255), 138 states have call predecessors, (255), 147 states have call successors, (255) [2025-02-05 15:53:54,493 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1061 states to 1061 states and 1453 transitions. [2025-02-05 15:53:54,495 INFO L78 Accepts]: Start accepts. Automaton has 1061 states and 1453 transitions. Word has length 112 [2025-02-05 15:53:54,495 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:54,495 INFO L471 AbstractCegarLoop]: Abstraction has 1061 states and 1453 transitions. [2025-02-05 15:53:54,495 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 17.25) internal successors, (69), 4 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2025-02-05 15:53:54,496 INFO L276 IsEmpty]: Start isEmpty. Operand 1061 states and 1453 transitions. [2025-02-05 15:53:54,498 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2025-02-05 15:53:54,499 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:54,499 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:54,506 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2025-02-05 15:53:54,703 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2025-02-05 15:53:54,703 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:54,704 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:54,705 INFO L85 PathProgramCache]: Analyzing trace with hash -254574162, now seen corresponding path program 1 times [2025-02-05 15:53:54,705 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:54,705 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1846216233] [2025-02-05 15:53:54,705 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:54,705 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:54,718 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 116 statements into 1 equivalence classes. [2025-02-05 15:53:54,726 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 116 of 116 statements. [2025-02-05 15:53:54,727 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:54,727 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:54,876 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 13 proven. 9 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2025-02-05 15:53:54,876 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-02-05 15:53:54,876 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1846216233] [2025-02-05 15:53:54,876 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1846216233] provided 0 perfect and 1 imperfect interpolant sequences [2025-02-05 15:53:54,876 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [162308032] [2025-02-05 15:53:54,876 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-02-05 15:53:54,876 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-02-05 15:53:54,876 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-02-05 15:53:54,879 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-02-05 15:53:54,880 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-02-05 15:53:54,929 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 116 statements into 1 equivalence classes. [2025-02-05 15:53:54,962 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 116 of 116 statements. [2025-02-05 15:53:54,962 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:54,962 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-02-05 15:53:54,964 INFO L256 TraceCheckSpWp]: Trace formula consists of 398 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-02-05 15:53:54,966 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-02-05 15:53:55,066 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 17 proven. 9 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-02-05 15:53:55,067 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-02-05 15:53:55,213 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 13 proven. 9 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2025-02-05 15:53:55,214 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [162308032] provided 0 perfect and 2 imperfect interpolant sequences [2025-02-05 15:53:55,214 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-02-05 15:53:55,214 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 6 [2025-02-05 15:53:55,214 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [936001398] [2025-02-05 15:53:55,215 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-02-05 15:53:55,215 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-02-05 15:53:55,215 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-02-05 15:53:55,215 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-02-05 15:53:55,216 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-02-05 15:53:55,216 INFO L87 Difference]: Start difference. First operand 1061 states and 1453 transitions. Second operand has 6 states, 6 states have (on average 14.0) internal successors, (84), 6 states have internal predecessors, (84), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-02-05 15:53:55,367 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-02-05 15:53:55,368 INFO L93 Difference]: Finished difference Result 1847 states and 2563 transitions. [2025-02-05 15:53:55,368 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2025-02-05 15:53:55,368 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 14.0) internal successors, (84), 6 states have internal predecessors, (84), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 116 [2025-02-05 15:53:55,368 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-02-05 15:53:55,375 INFO L225 Difference]: With dead ends: 1847 [2025-02-05 15:53:55,375 INFO L226 Difference]: Without dead ends: 1047 [2025-02-05 15:53:55,378 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 241 GetRequests, 228 SyntacticMatches, 5 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2025-02-05 15:53:55,379 INFO L435 NwaCegarLoop]: 223 mSDtfsCounter, 186 mSDsluCounter, 640 mSDsCounter, 0 mSdLazyCounter, 96 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 186 SdHoareTripleChecker+Valid, 863 SdHoareTripleChecker+Invalid, 100 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 96 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-02-05 15:53:55,379 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [186 Valid, 863 Invalid, 100 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-02-05 15:53:55,380 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1047 states. [2025-02-05 15:53:55,433 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1047 to 996. [2025-02-05 15:53:55,435 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 996 states, 752 states have (on average 1.2898936170212767) internal successors, (970), 826 states have internal predecessors, (970), 142 states have call successors, (142), 101 states have call predecessors, (142), 101 states have return successors, (250), 130 states have call predecessors, (250), 142 states have call successors, (250) [2025-02-05 15:53:55,438 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 996 states to 996 states and 1362 transitions. [2025-02-05 15:53:55,440 INFO L78 Accepts]: Start accepts. Automaton has 996 states and 1362 transitions. Word has length 116 [2025-02-05 15:53:55,440 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-02-05 15:53:55,440 INFO L471 AbstractCegarLoop]: Abstraction has 996 states and 1362 transitions. [2025-02-05 15:53:55,440 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 14.0) internal successors, (84), 6 states have internal predecessors, (84), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-02-05 15:53:55,440 INFO L276 IsEmpty]: Start isEmpty. Operand 996 states and 1362 transitions. [2025-02-05 15:53:55,443 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 151 [2025-02-05 15:53:55,443 INFO L210 NwaCegarLoop]: Found error trace [2025-02-05 15:53:55,443 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:55,450 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2025-02-05 15:53:55,648 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2025-02-05 15:53:55,648 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-02-05 15:53:55,649 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-02-05 15:53:55,649 INFO L85 PathProgramCache]: Analyzing trace with hash 1017247196, now seen corresponding path program 2 times [2025-02-05 15:53:55,649 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-02-05 15:53:55,649 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1188963466] [2025-02-05 15:53:55,649 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-02-05 15:53:55,649 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-02-05 15:53:55,658 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 150 statements into 2 equivalence classes. [2025-02-05 15:53:55,673 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 150 of 150 statements. [2025-02-05 15:53:55,674 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-02-05 15:53:55,674 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:53:55,674 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-02-05 15:53:55,679 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 150 statements into 1 equivalence classes. [2025-02-05 15:53:55,687 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 150 of 150 statements. [2025-02-05 15:53:55,688 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-02-05 15:53:55,689 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-02-05 15:53:55,725 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-02-05 15:53:55,725 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-02-05 15:53:55,726 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-02-05 15:53:55,728 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-02-05 15:53:55,730 INFO L422 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-02-05 15:53:55,832 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-02-05 15:53:55,834 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 05.02 03:53:55 BoogieIcfgContainer [2025-02-05 15:53:55,835 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-02-05 15:53:55,835 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-02-05 15:53:55,835 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-02-05 15:53:55,836 INFO L274 PluginConnector]: Witness Printer initialized [2025-02-05 15:53:55,836 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 05.02 03:53:48" (3/4) ... [2025-02-05 15:53:55,837 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-02-05 15:53:55,939 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 126. [2025-02-05 15:53:56,030 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-02-05 15:53:56,031 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-02-05 15:53:56,031 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-02-05 15:53:56,031 INFO L158 Benchmark]: Toolchain (without parser) took 8518.01ms. Allocated memory was 142.6MB in the beginning and 234.9MB in the end (delta: 92.3MB). Free memory was 110.7MB in the beginning and 136.3MB in the end (delta: -25.6MB). Peak memory consumption was 68.8MB. Max. memory is 16.1GB. [2025-02-05 15:53:56,035 INFO L158 Benchmark]: CDTParser took 0.22ms. Allocated memory is still 201.3MB. Free memory is still 124.2MB. There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:53:56,035 INFO L158 Benchmark]: CACSL2BoogieTranslator took 356.45ms. Allocated memory is still 142.6MB. Free memory was 110.3MB in the beginning and 90.7MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-02-05 15:53:56,036 INFO L158 Benchmark]: Boogie Procedure Inliner took 42.63ms. Allocated memory is still 142.6MB. Free memory was 90.7MB in the beginning and 88.6MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-02-05 15:53:56,036 INFO L158 Benchmark]: Boogie Preprocessor took 38.21ms. Allocated memory is still 142.6MB. Free memory was 88.6MB in the beginning and 86.8MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:53:56,036 INFO L158 Benchmark]: IcfgBuilder took 654.99ms. Allocated memory is still 142.6MB. Free memory was 86.8MB in the beginning and 63.9MB in the end (delta: 22.9MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2025-02-05 15:53:56,036 INFO L158 Benchmark]: TraceAbstraction took 7225.21ms. Allocated memory was 142.6MB in the beginning and 234.9MB in the end (delta: 92.3MB). Free memory was 63.0MB in the beginning and 155.4MB in the end (delta: -92.4MB). There was no memory consumed. Max. memory is 16.1GB. [2025-02-05 15:53:56,037 INFO L158 Benchmark]: Witness Printer took 195.39ms. Allocated memory is still 234.9MB. Free memory was 155.4MB in the beginning and 136.3MB in the end (delta: 19.1MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2025-02-05 15:53:56,038 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.22ms. Allocated memory is still 201.3MB. Free memory is still 124.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 356.45ms. Allocated memory is still 142.6MB. Free memory was 110.3MB in the beginning and 90.7MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 42.63ms. Allocated memory is still 142.6MB. Free memory was 90.7MB in the beginning and 88.6MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 38.21ms. Allocated memory is still 142.6MB. Free memory was 88.6MB in the beginning and 86.8MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. * IcfgBuilder took 654.99ms. Allocated memory is still 142.6MB. Free memory was 86.8MB in the beginning and 63.9MB in the end (delta: 22.9MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 7225.21ms. Allocated memory was 142.6MB in the beginning and 234.9MB in the end (delta: 92.3MB). Free memory was 63.0MB in the beginning and 155.4MB in the end (delta: -92.4MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 195.39ms. Allocated memory is still 234.9MB. Free memory was 155.4MB in the beginning and 136.3MB in the end (delta: 19.1MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [153] - GenericResultAtLocation [Line: 190]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [190] - GenericResultAtLocation [Line: 530]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [530] - GenericResultAtLocation [Line: 607]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [607] - GenericResultAtLocation [Line: 616]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [616] - GenericResultAtLocation [Line: 982]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [982] - GenericResultAtLocation [Line: 1085]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1085] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 612]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int cleanupTimeShifts = 4; [L155] int __SELECTED_FEATURE_base ; [L156] int __SELECTED_FEATURE_highWaterSensor ; [L157] int __SELECTED_FEATURE_lowWaterSensor ; [L158] int __SELECTED_FEATURE_methaneQuery ; [L159] int __SELECTED_FEATURE_methaneAlarm ; [L160] int __SELECTED_FEATURE_stopCommand ; [L161] int __SELECTED_FEATURE_startCommand ; [L162] int __GUIDSL_ROOT_PRODUCTION ; [L200] int pumpRunning = 0; [L201] int systemActive = 1; [L786] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L983] int waterLevel = 1; [L984] int methaneLevelCritical = 0; VAL [__GUIDSL_ROOT_PRODUCTION=0, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L131] int retValue_acc ; [L132] int tmp ; [L136] CALL select_helpers() [L1117] __GUIDSL_ROOT_PRODUCTION = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L136] RET select_helpers() [L137] CALL select_features() [L1102] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] __SELECTED_FEATURE_highWaterSensor = select_one() [L1104] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] __SELECTED_FEATURE_lowWaterSensor = select_one() [L1105] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1105] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1105] __SELECTED_FEATURE_methaneQuery = select_one() [L1106] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1106] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1106] __SELECTED_FEATURE_methaneAlarm = select_one() [L1107] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1107] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1107] __SELECTED_FEATURE_stopCommand = select_one() [L1108] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1108] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1108] __SELECTED_FEATURE_startCommand = select_one() [L137] RET select_features() [L138] CALL, EXPR valid_product() [L1122] int retValue_acc ; [L1125] retValue_acc = __SELECTED_FEATURE_base [L1126] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L138] RET, EXPR valid_product() [L138] tmp = valid_product() [L140] COND TRUE \read(tmp) [L142] FCALL setup() [L143] CALL runTest() [L122] CALL test() [L532] int splverifierCounter ; [L533] int tmp ; [L534] int tmp___0 ; [L535] int tmp___1 ; [L536] int tmp___2 ; [L539] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L541] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L543] COND TRUE splverifierCounter < 4 [L549] tmp = __VERIFIER_nondet_int() [L551] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L553] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1001] COND TRUE waterLevel < 2 [L1002] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L553] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L596] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L207] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L239] COND TRUE ! pumpRunning [L241] CALL, EXPR isHighWaterLevel() [L470] int retValue_acc ; [L471] int tmp ; [L472] int tmp___0 ; [L476] CALL, EXPR isHighWaterSensorDry() [L1063] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L1066] COND FALSE !(waterLevel < 2) [L1070] retValue_acc = 0 [L1071] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L476] RET, EXPR isHighWaterSensorDry() [L476] tmp = isHighWaterSensorDry() [L478] COND FALSE !(\read(tmp)) [L481] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L483] retValue_acc = tmp___0 [L484] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L241] RET, EXPR isHighWaterLevel() [L241] tmp = isHighWaterLevel() [L243] COND TRUE \read(tmp) [L245] CALL activatePump() [L392] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L399] CALL activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L367] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L399] RET activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L245] RET activatePump() [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L222] RET __utac_acc__Specification4_spec__1() [L596] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L541] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L543] COND TRUE splverifierCounter < 4 [L549] tmp = __VERIFIER_nondet_int() [L551] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L596] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L207] COND TRUE \read(pumpRunning) [L209] CALL lowerWaterLevel() [L989] COND TRUE waterLevel > 0 [L990] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L209] RET lowerWaterLevel() [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L239] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L254] FCALL processEnvironment__before__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L222] RET __utac_acc__Specification4_spec__1() [L596] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L541] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L543] COND TRUE splverifierCounter < 4 [L549] tmp = __VERIFIER_nondet_int() [L551] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L596] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L207] COND TRUE \read(pumpRunning) [L209] CALL lowerWaterLevel() [L989] COND TRUE waterLevel > 0 [L990] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L209] RET lowerWaterLevel() [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L239] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L254] FCALL processEnvironment__before__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND TRUE tmp == 0 [L175] CALL, EXPR isPumpRunning() [L425] int retValue_acc ; [L428] retValue_acc = pumpRunning [L429] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L175] RET, EXPR isPumpRunning() [L175] tmp___0 = isPumpRunning() [L177] COND TRUE \read(tmp___0) [L179] CALL __automaton_fail() [L612] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] - StatisticsResult: Ultimate Automizer benchmark data CFG has 12 procedures, 137 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.0s, OverallIterations: 13, TraceHistogramMax: 6, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 2.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2413 SdHoareTripleChecker+Valid, 1.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2370 mSDsluCounter, 6292 SdHoareTripleChecker+Invalid, 1.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4191 mSDsCounter, 605 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1464 IncrementalHoareTripleChecker+Invalid, 2069 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 605 mSolverCounterUnsat, 2101 mSDtfsCounter, 1464 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 780 GetRequests, 708 SyntacticMatches, 5 SemanticMatches, 67 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 50 ImplicationChecksByTransitivity, 0.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1212occurred in iteration=10, InterpolantAutomatonStates: 68, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 12 MinimizatonAttempts, 210 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 1.8s InterpolantComputationTime, 1778 NumberOfCodeBlocks, 1778 NumberOfCodeBlocksAsserted, 19 NumberOfCheckSat, 1726 ConstructedInterpolants, 0 QuantifiedInterpolants, 2673 SizeOfPredicates, 2 NumberOfNonLiveVariables, 1994 ConjunctsInSsa, 31 ConjunctsInUnsatCore, 18 InterpolantComputations, 11 PerfectInterpolantSequences, 1118/1170 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-02-05 15:53:56,058 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE