./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4f3466b08a64c7fddf78a299dda71b27bda6ead813da06152b5ee1cea2f1c203 --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:29:50,268 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:29:50,325 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:29:50,331 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:29:50,332 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:29:50,353 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:29:50,355 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:29:50,355 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:29:50,355 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:29:50,355 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:29:50,356 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:29:50,356 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:29:50,357 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:29:50,357 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:29:50,357 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:29:50,357 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:29:50,357 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:29:50,357 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:29:50,358 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:29:50,358 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:29:50,358 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:29:50,358 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:29:50,358 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:29:50,358 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:29:50,358 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:29:50,358 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:29:50,358 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:29:50,358 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:29:50,358 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:29:50,358 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:29:50,359 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:29:50,359 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:29:50,359 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:29:50,359 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:29:50,359 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:29:50,359 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:29:50,359 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:29:50,359 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:29:50,359 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:29:50,359 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:29:50,359 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:29:50,360 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:29:50,360 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:29:50,360 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4f3466b08a64c7fddf78a299dda71b27bda6ead813da06152b5ee1cea2f1c203 [2025-03-03 14:29:50,571 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:29:50,577 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:29:50,579 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:29:50,579 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:29:50,580 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:29:50,580 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c [2025-03-03 14:29:51,768 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/6e4dcfe60/10b8241bbfac4c11b1baf95c61b1ce9f/FLAG890af1b4a [2025-03-03 14:29:52,081 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:29:52,085 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c [2025-03-03 14:29:52,099 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/6e4dcfe60/10b8241bbfac4c11b1baf95c61b1ce9f/FLAG890af1b4a [2025-03-03 14:29:52,333 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/6e4dcfe60/10b8241bbfac4c11b1baf95c61b1ce9f [2025-03-03 14:29:52,335 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:29:52,336 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:29:52,338 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:29:52,339 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:29:52,342 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:29:52,343 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,345 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@12fdff9b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52, skipping insertion in model container [2025-03-03 14:29:52,345 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,375 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:29:52,560 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c[20836,20849] [2025-03-03 14:29:52,564 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:29:52,574 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:29:52,579 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2025-03-03 14:29:52,581 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [168] [2025-03-03 14:29:52,581 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [507] [2025-03-03 14:29:52,581 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [609] [2025-03-03 14:29:52,581 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [686] [2025-03-03 14:29:52,582 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [726] [2025-03-03 14:29:52,582 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1092] [2025-03-03 14:29:52,582 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1101] [2025-03-03 14:29:52,624 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c[20836,20849] [2025-03-03 14:29:52,626 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:29:52,645 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:29:52,646 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52 WrapperNode [2025-03-03 14:29:52,647 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:29:52,648 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:29:52,648 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:29:52,649 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:29:52,653 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,664 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,685 INFO L138 Inliner]: procedures = 64, calls = 122, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 282 [2025-03-03 14:29:52,687 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:29:52,688 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:29:52,688 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:29:52,688 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:29:52,693 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,694 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,700 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,713 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-03-03 14:29:52,717 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,718 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,721 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,725 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,726 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,727 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,733 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:29:52,733 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:29:52,733 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:29:52,733 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:29:52,734 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (1/1) ... [2025-03-03 14:29:52,741 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:29:52,749 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:29:52,761 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:29:52,763 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:29:52,783 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:29:52,784 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2025-03-03 14:29:52,784 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2025-03-03 14:29:52,784 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-03-03 14:29:52,784 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-03-03 14:29:52,784 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-03-03 14:29:52,784 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-03-03 14:29:52,784 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-03-03 14:29:52,784 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-03-03 14:29:52,784 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2025-03-03 14:29:52,784 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2025-03-03 14:29:52,784 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-03-03 14:29:52,785 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-03-03 14:29:52,785 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2025-03-03 14:29:52,785 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2025-03-03 14:29:52,785 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2025-03-03 14:29:52,785 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2025-03-03 14:29:52,785 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2025-03-03 14:29:52,785 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2025-03-03 14:29:52,785 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-03-03 14:29:52,786 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-03-03 14:29:52,786 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:29:52,786 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2025-03-03 14:29:52,786 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2025-03-03 14:29:52,786 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-03-03 14:29:52,786 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-03-03 14:29:52,786 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:29:52,786 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:29:52,859 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:29:52,861 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:29:52,971 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L156-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~2#1; [2025-03-03 14:29:52,971 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L462-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~6#1; [2025-03-03 14:29:52,982 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1110: #res := ~retValue_acc~12; [2025-03-03 14:29:53,057 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L407-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; [2025-03-03 14:29:53,060 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L110: #res := ~retValue_acc~0; [2025-03-03 14:29:53,128 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L606-1: main_#res#1 := main_~retValue_acc~8#1; [2025-03-03 14:29:53,129 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1143-1: valid_product_#res#1 := valid_product_~retValue_acc~13#1; [2025-03-03 14:29:53,154 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L481-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~7#1; [2025-03-03 14:29:53,154 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L165-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~3#1; [2025-03-03 14:29:53,157 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L398: #res := ~retValue_acc~4; [2025-03-03 14:29:53,178 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2025-03-03 14:29:53,178 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:29:53,185 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:29:53,185 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:29:53,186 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:29:53 BoogieIcfgContainer [2025-03-03 14:29:53,186 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:29:53,187 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:29:53,187 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:29:53,190 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:29:53,191 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:29:52" (1/3) ... [2025-03-03 14:29:53,191 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2aef1919 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:29:53, skipping insertion in model container [2025-03-03 14:29:53,191 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:29:52" (2/3) ... [2025-03-03 14:29:53,191 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2aef1919 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:29:53, skipping insertion in model container [2025-03-03 14:29:53,191 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:29:53" (3/3) ... [2025-03-03 14:29:53,192 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec2_productSimulator.cil.c [2025-03-03 14:29:53,204 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:29:53,205 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec2_productSimulator.cil.c that has 13 procedures, 144 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-03-03 14:29:53,243 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:29:53,252 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@629c063b, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:29:53,253 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:29:53,255 INFO L276 IsEmpty]: Start isEmpty. Operand has 144 states, 100 states have (on average 1.35) internal successors, (135), 116 states have internal predecessors, (135), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) [2025-03-03 14:29:53,263 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2025-03-03 14:29:53,263 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:53,264 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:53,264 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:53,268 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:53,269 INFO L85 PathProgramCache]: Analyzing trace with hash -2037858373, now seen corresponding path program 1 times [2025-03-03 14:29:53,274 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:53,277 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [791539044] [2025-03-03 14:29:53,277 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:53,277 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:53,341 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 55 statements into 1 equivalence classes. [2025-03-03 14:29:53,366 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 55 of 55 statements. [2025-03-03 14:29:53,366 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:53,367 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:53,443 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:29:53,443 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:53,444 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [791539044] [2025-03-03 14:29:53,444 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [791539044] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:53,444 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:53,444 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2025-03-03 14:29:53,445 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [753750065] [2025-03-03 14:29:53,445 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:53,448 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:29:53,448 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:53,459 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:29:53,460 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-03-03 14:29:53,461 INFO L87 Difference]: Start difference. First operand has 144 states, 100 states have (on average 1.35) internal successors, (135), 116 states have internal predecessors, (135), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) Second operand has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-03 14:29:53,482 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:53,482 INFO L93 Difference]: Finished difference Result 264 states and 364 transitions. [2025-03-03 14:29:53,483 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:29:53,484 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 55 [2025-03-03 14:29:53,484 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:53,489 INFO L225 Difference]: With dead ends: 264 [2025-03-03 14:29:53,489 INFO L226 Difference]: Without dead ends: 135 [2025-03-03 14:29:53,503 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2025-03-03 14:29:53,505 INFO L435 NwaCegarLoop]: 191 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 191 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:53,505 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 191 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:53,513 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 135 states. [2025-03-03 14:29:53,534 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 135 to 135. [2025-03-03 14:29:53,535 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 135 states, 93 states have (on average 1.3225806451612903) internal successors, (123), 108 states have internal predecessors, (123), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2025-03-03 14:29:53,539 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 135 states to 135 states and 182 transitions. [2025-03-03 14:29:53,540 INFO L78 Accepts]: Start accepts. Automaton has 135 states and 182 transitions. Word has length 55 [2025-03-03 14:29:53,541 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:53,541 INFO L471 AbstractCegarLoop]: Abstraction has 135 states and 182 transitions. [2025-03-03 14:29:53,541 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 14.5) internal successors, (29), 2 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-03 14:29:53,541 INFO L276 IsEmpty]: Start isEmpty. Operand 135 states and 182 transitions. [2025-03-03 14:29:53,543 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2025-03-03 14:29:53,543 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:53,543 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:53,543 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-03-03 14:29:53,544 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:53,544 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:53,544 INFO L85 PathProgramCache]: Analyzing trace with hash 91640074, now seen corresponding path program 1 times [2025-03-03 14:29:53,544 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:53,544 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [625505099] [2025-03-03 14:29:53,544 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:53,544 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:53,555 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 56 statements into 1 equivalence classes. [2025-03-03 14:29:53,571 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 56 of 56 statements. [2025-03-03 14:29:53,572 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:53,572 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:53,653 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:29:53,653 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:53,653 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [625505099] [2025-03-03 14:29:53,653 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [625505099] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:53,653 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:53,653 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:29:53,653 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [213765866] [2025-03-03 14:29:53,653 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:53,654 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:29:53,654 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:53,655 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:29:53,655 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:53,655 INFO L87 Difference]: Start difference. First operand 135 states and 182 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-03 14:29:53,681 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:53,683 INFO L93 Difference]: Finished difference Result 214 states and 289 transitions. [2025-03-03 14:29:53,684 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:29:53,684 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 56 [2025-03-03 14:29:53,684 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:53,685 INFO L225 Difference]: With dead ends: 214 [2025-03-03 14:29:53,685 INFO L226 Difference]: Without dead ends: 126 [2025-03-03 14:29:53,686 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:53,686 INFO L435 NwaCegarLoop]: 169 mSDtfsCounter, 20 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 24 SdHoareTripleChecker+Valid, 313 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:53,687 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [24 Valid, 313 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:53,687 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2025-03-03 14:29:53,694 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 126. [2025-03-03 14:29:53,697 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 87 states have (on average 1.3333333333333333) internal successors, (116), 102 states have internal predecessors, (116), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2025-03-03 14:29:53,698 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 170 transitions. [2025-03-03 14:29:53,699 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 170 transitions. Word has length 56 [2025-03-03 14:29:53,700 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:53,700 INFO L471 AbstractCegarLoop]: Abstraction has 126 states and 170 transitions. [2025-03-03 14:29:53,701 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-03 14:29:53,701 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 170 transitions. [2025-03-03 14:29:53,702 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2025-03-03 14:29:53,702 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:53,702 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:53,702 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-03-03 14:29:53,702 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:53,703 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:53,703 INFO L85 PathProgramCache]: Analyzing trace with hash -1578914198, now seen corresponding path program 1 times [2025-03-03 14:29:53,703 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:53,703 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [675782744] [2025-03-03 14:29:53,703 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:53,703 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:53,712 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 60 statements into 1 equivalence classes. [2025-03-03 14:29:53,720 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 60 of 60 statements. [2025-03-03 14:29:53,720 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:53,720 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:53,807 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:29:53,808 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:53,808 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [675782744] [2025-03-03 14:29:53,808 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [675782744] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:53,809 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:53,809 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:29:53,809 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [980183451] [2025-03-03 14:29:53,809 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:53,810 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:29:53,810 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:53,810 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:29:53,810 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:53,810 INFO L87 Difference]: Start difference. First operand 126 states and 170 transitions. Second operand has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-03 14:29:53,842 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:53,843 INFO L93 Difference]: Finished difference Result 330 states and 453 transitions. [2025-03-03 14:29:53,843 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:29:53,843 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 60 [2025-03-03 14:29:53,844 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:53,847 INFO L225 Difference]: With dead ends: 330 [2025-03-03 14:29:53,847 INFO L226 Difference]: Without dead ends: 227 [2025-03-03 14:29:53,848 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:53,848 INFO L435 NwaCegarLoop]: 192 mSDtfsCounter, 136 mSDsluCounter, 137 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 329 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:53,848 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 329 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:53,849 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 227 states. [2025-03-03 14:29:53,867 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 227 to 224. [2025-03-03 14:29:53,868 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 224 states, 154 states have (on average 1.37012987012987) internal successors, (211), 183 states have internal predecessors, (211), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2025-03-03 14:29:53,871 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 224 states to 224 states and 307 transitions. [2025-03-03 14:29:53,872 INFO L78 Accepts]: Start accepts. Automaton has 224 states and 307 transitions. Word has length 60 [2025-03-03 14:29:53,873 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:53,873 INFO L471 AbstractCegarLoop]: Abstraction has 224 states and 307 transitions. [2025-03-03 14:29:53,873 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-03 14:29:53,873 INFO L276 IsEmpty]: Start isEmpty. Operand 224 states and 307 transitions. [2025-03-03 14:29:53,875 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2025-03-03 14:29:53,878 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:53,878 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:53,878 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-03-03 14:29:53,878 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:53,878 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:53,878 INFO L85 PathProgramCache]: Analyzing trace with hash -789242778, now seen corresponding path program 1 times [2025-03-03 14:29:53,878 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:53,879 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [69455331] [2025-03-03 14:29:53,879 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:53,879 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:53,895 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 64 statements into 1 equivalence classes. [2025-03-03 14:29:53,908 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 64 of 64 statements. [2025-03-03 14:29:53,910 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:53,910 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:53,985 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:29:53,985 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:53,985 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [69455331] [2025-03-03 14:29:53,985 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [69455331] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:53,985 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:53,985 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:29:53,985 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [666509648] [2025-03-03 14:29:53,985 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:53,985 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:29:53,985 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:53,986 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:29:53,986 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:29:53,986 INFO L87 Difference]: Start difference. First operand 224 states and 307 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-03 14:29:54,099 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:54,099 INFO L93 Difference]: Finished difference Result 546 states and 780 transitions. [2025-03-03 14:29:54,100 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:29:54,100 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 64 [2025-03-03 14:29:54,100 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:54,104 INFO L225 Difference]: With dead ends: 546 [2025-03-03 14:29:54,105 INFO L226 Difference]: Without dead ends: 345 [2025-03-03 14:29:54,106 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:29:54,107 INFO L435 NwaCegarLoop]: 166 mSDtfsCounter, 131 mSDsluCounter, 430 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 131 SdHoareTripleChecker+Valid, 596 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:54,108 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [131 Valid, 596 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:29:54,109 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 345 states. [2025-03-03 14:29:54,139 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 345 to 344. [2025-03-03 14:29:54,140 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 344 states, 242 states have (on average 1.3388429752066116) internal successors, (324), 275 states have internal predecessors, (324), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-03-03 14:29:54,141 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 344 states to 344 states and 472 transitions. [2025-03-03 14:29:54,142 INFO L78 Accepts]: Start accepts. Automaton has 344 states and 472 transitions. Word has length 64 [2025-03-03 14:29:54,142 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:54,142 INFO L471 AbstractCegarLoop]: Abstraction has 344 states and 472 transitions. [2025-03-03 14:29:54,142 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-03 14:29:54,142 INFO L276 IsEmpty]: Start isEmpty. Operand 344 states and 472 transitions. [2025-03-03 14:29:54,144 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2025-03-03 14:29:54,144 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:54,144 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:54,144 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-03-03 14:29:54,145 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:54,145 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:54,145 INFO L85 PathProgramCache]: Analyzing trace with hash 1821129517, now seen corresponding path program 1 times [2025-03-03 14:29:54,145 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:54,145 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1050190653] [2025-03-03 14:29:54,145 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:54,145 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:54,155 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-03-03 14:29:54,165 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-03-03 14:29:54,165 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:54,165 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:54,232 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:29:54,232 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:54,232 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1050190653] [2025-03-03 14:29:54,232 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1050190653] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:54,232 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:54,232 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:29:54,232 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [933570921] [2025-03-03 14:29:54,232 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:54,233 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:29:54,233 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:54,233 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:29:54,233 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:29:54,233 INFO L87 Difference]: Start difference. First operand 344 states and 472 transitions. Second operand has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-03-03 14:29:54,267 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:54,267 INFO L93 Difference]: Finished difference Result 671 states and 964 transitions. [2025-03-03 14:29:54,267 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:29:54,268 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) Word has length 84 [2025-03-03 14:29:54,268 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:54,270 INFO L225 Difference]: With dead ends: 671 [2025-03-03 14:29:54,270 INFO L226 Difference]: Without dead ends: 350 [2025-03-03 14:29:54,271 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:29:54,272 INFO L435 NwaCegarLoop]: 167 mSDtfsCounter, 0 mSDsluCounter, 494 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 661 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:54,272 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 661 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:54,272 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 350 states. [2025-03-03 14:29:54,294 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 350 to 350. [2025-03-03 14:29:54,295 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 350 states, 248 states have (on average 1.3306451612903225) internal successors, (330), 281 states have internal predecessors, (330), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-03-03 14:29:54,298 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 350 states to 350 states and 478 transitions. [2025-03-03 14:29:54,298 INFO L78 Accepts]: Start accepts. Automaton has 350 states and 478 transitions. Word has length 84 [2025-03-03 14:29:54,299 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:54,299 INFO L471 AbstractCegarLoop]: Abstraction has 350 states and 478 transitions. [2025-03-03 14:29:54,299 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-03-03 14:29:54,299 INFO L276 IsEmpty]: Start isEmpty. Operand 350 states and 478 transitions. [2025-03-03 14:29:54,301 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2025-03-03 14:29:54,301 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:54,301 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:54,301 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-03 14:29:54,301 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:54,302 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:54,302 INFO L85 PathProgramCache]: Analyzing trace with hash -1512223762, now seen corresponding path program 1 times [2025-03-03 14:29:54,302 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:54,302 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [246444415] [2025-03-03 14:29:54,302 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:54,302 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:54,312 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-03-03 14:29:54,322 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-03-03 14:29:54,322 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:54,323 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:54,422 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:29:54,423 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:54,423 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [246444415] [2025-03-03 14:29:54,424 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [246444415] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:54,424 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:54,424 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:29:54,424 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1312790823] [2025-03-03 14:29:54,424 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:54,424 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:29:54,425 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:54,425 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:29:54,425 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:29:54,425 INFO L87 Difference]: Start difference. First operand 350 states and 478 transitions. Second operand has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-03-03 14:29:54,487 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:54,488 INFO L93 Difference]: Finished difference Result 685 states and 977 transitions. [2025-03-03 14:29:54,488 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-03 14:29:54,489 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) Word has length 84 [2025-03-03 14:29:54,489 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:54,492 INFO L225 Difference]: With dead ends: 685 [2025-03-03 14:29:54,492 INFO L226 Difference]: Without dead ends: 358 [2025-03-03 14:29:54,494 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:29:54,495 INFO L435 NwaCegarLoop]: 180 mSDtfsCounter, 138 mSDsluCounter, 489 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 669 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:54,496 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 669 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:54,497 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 358 states. [2025-03-03 14:29:54,523 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 358 to 354. [2025-03-03 14:29:54,524 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 354 states, 252 states have (on average 1.3253968253968254) internal successors, (334), 285 states have internal predecessors, (334), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-03-03 14:29:54,528 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 354 states to 354 states and 482 transitions. [2025-03-03 14:29:54,529 INFO L78 Accepts]: Start accepts. Automaton has 354 states and 482 transitions. Word has length 84 [2025-03-03 14:29:54,530 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:54,530 INFO L471 AbstractCegarLoop]: Abstraction has 354 states and 482 transitions. [2025-03-03 14:29:54,530 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 5 states have internal predecessors, (53), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-03-03 14:29:54,530 INFO L276 IsEmpty]: Start isEmpty. Operand 354 states and 482 transitions. [2025-03-03 14:29:54,532 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2025-03-03 14:29:54,532 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:54,533 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:54,533 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:29:54,533 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:54,533 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:54,533 INFO L85 PathProgramCache]: Analyzing trace with hash -126020368, now seen corresponding path program 1 times [2025-03-03 14:29:54,533 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:54,533 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [681619342] [2025-03-03 14:29:54,534 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:54,534 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:54,544 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 84 statements into 1 equivalence classes. [2025-03-03 14:29:54,553 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 84 of 84 statements. [2025-03-03 14:29:54,553 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:54,553 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:54,639 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:29:54,639 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:54,639 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [681619342] [2025-03-03 14:29:54,642 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [681619342] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:54,642 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:54,643 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-03 14:29:54,643 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1920191638] [2025-03-03 14:29:54,643 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:54,643 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-03 14:29:54,643 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:54,644 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-03 14:29:54,644 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:54,644 INFO L87 Difference]: Start difference. First operand 354 states and 482 transitions. Second operand has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-03-03 14:29:54,795 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:54,795 INFO L93 Difference]: Finished difference Result 1092 states and 1553 transitions. [2025-03-03 14:29:54,795 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-03 14:29:54,796 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) Word has length 84 [2025-03-03 14:29:54,796 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:54,801 INFO L225 Difference]: With dead ends: 1092 [2025-03-03 14:29:54,801 INFO L226 Difference]: Without dead ends: 761 [2025-03-03 14:29:54,802 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:54,803 INFO L435 NwaCegarLoop]: 268 mSDtfsCounter, 208 mSDsluCounter, 237 mSDsCounter, 0 mSdLazyCounter, 97 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 208 SdHoareTripleChecker+Valid, 505 SdHoareTripleChecker+Invalid, 102 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 97 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:54,803 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [208 Valid, 505 Invalid, 102 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 97 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:29:54,805 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 761 states. [2025-03-03 14:29:54,842 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 761 to 749. [2025-03-03 14:29:54,843 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 749 states, 537 states have (on average 1.3221601489757915) internal successors, (710), 604 states have internal predecessors, (710), 130 states have call successors, (130), 79 states have call predecessors, (130), 81 states have return successors, (208), 122 states have call predecessors, (208), 130 states have call successors, (208) [2025-03-03 14:29:54,849 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 749 states to 749 states and 1048 transitions. [2025-03-03 14:29:54,850 INFO L78 Accepts]: Start accepts. Automaton has 749 states and 1048 transitions. Word has length 84 [2025-03-03 14:29:54,851 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:54,851 INFO L471 AbstractCegarLoop]: Abstraction has 749 states and 1048 transitions. [2025-03-03 14:29:54,851 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-03-03 14:29:54,852 INFO L276 IsEmpty]: Start isEmpty. Operand 749 states and 1048 transitions. [2025-03-03 14:29:54,854 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 89 [2025-03-03 14:29:54,854 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:54,854 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:54,854 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:29:54,854 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:54,855 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:54,857 INFO L85 PathProgramCache]: Analyzing trace with hash 1724940594, now seen corresponding path program 1 times [2025-03-03 14:29:54,858 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:54,858 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1942655161] [2025-03-03 14:29:54,858 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:54,858 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:54,869 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 88 statements into 1 equivalence classes. [2025-03-03 14:29:54,877 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 88 of 88 statements. [2025-03-03 14:29:54,877 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:54,877 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:54,921 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:29:54,921 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:54,921 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1942655161] [2025-03-03 14:29:54,921 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1942655161] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:54,922 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:54,922 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:29:54,922 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1009200456] [2025-03-03 14:29:54,922 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:54,922 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:29:54,922 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:54,923 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:29:54,923 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:54,923 INFO L87 Difference]: Start difference. First operand 749 states and 1048 transitions. Second operand has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-03-03 14:29:54,984 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:54,984 INFO L93 Difference]: Finished difference Result 1265 states and 1818 transitions. [2025-03-03 14:29:54,985 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:29:54,985 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 88 [2025-03-03 14:29:54,985 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:54,991 INFO L225 Difference]: With dead ends: 1265 [2025-03-03 14:29:54,992 INFO L226 Difference]: Without dead ends: 1263 [2025-03-03 14:29:54,992 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:29:54,993 INFO L435 NwaCegarLoop]: 172 mSDtfsCounter, 142 mSDsluCounter, 138 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 310 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:54,993 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 310 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:54,994 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1263 states. [2025-03-03 14:29:55,073 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1263 to 1233. [2025-03-03 14:29:55,075 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1233 states, 873 states have (on average 1.3264604810996563) internal successors, (1158), 994 states have internal predecessors, (1158), 224 states have call successors, (224), 133 states have call predecessors, (224), 135 states have return successors, (397), 200 states have call predecessors, (397), 224 states have call successors, (397) [2025-03-03 14:29:55,083 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1233 states to 1233 states and 1779 transitions. [2025-03-03 14:29:55,084 INFO L78 Accepts]: Start accepts. Automaton has 1233 states and 1779 transitions. Word has length 88 [2025-03-03 14:29:55,085 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:55,085 INFO L471 AbstractCegarLoop]: Abstraction has 1233 states and 1779 transitions. [2025-03-03 14:29:55,085 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-03-03 14:29:55,085 INFO L276 IsEmpty]: Start isEmpty. Operand 1233 states and 1779 transitions. [2025-03-03 14:29:55,090 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2025-03-03 14:29:55,090 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:55,091 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:55,091 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:29:55,091 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:55,091 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:55,091 INFO L85 PathProgramCache]: Analyzing trace with hash 1392876070, now seen corresponding path program 1 times [2025-03-03 14:29:55,092 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:55,092 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2015851974] [2025-03-03 14:29:55,092 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:55,092 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:55,106 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-03 14:29:55,114 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-03 14:29:55,114 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:55,114 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:55,153 INFO L134 CoverageAnalysis]: Checked inductivity of 66 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-03-03 14:29:55,153 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:55,154 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2015851974] [2025-03-03 14:29:55,154 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2015851974] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:55,154 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:29:55,154 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-03 14:29:55,154 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1465682404] [2025-03-03 14:29:55,154 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:55,155 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-03 14:29:55,155 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:55,155 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-03 14:29:55,155 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:55,156 INFO L87 Difference]: Start difference. First operand 1233 states and 1779 transitions. Second operand has 4 states, 4 states have (on average 19.75) internal successors, (79), 4 states have internal predecessors, (79), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) [2025-03-03 14:29:55,308 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:55,309 INFO L93 Difference]: Finished difference Result 1959 states and 2815 transitions. [2025-03-03 14:29:55,310 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-03 14:29:55,310 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 19.75) internal successors, (79), 4 states have internal predecessors, (79), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) Word has length 118 [2025-03-03 14:29:55,310 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:55,315 INFO L225 Difference]: With dead ends: 1959 [2025-03-03 14:29:55,315 INFO L226 Difference]: Without dead ends: 749 [2025-03-03 14:29:55,319 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:55,320 INFO L435 NwaCegarLoop]: 211 mSDtfsCounter, 194 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 71 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 194 SdHoareTripleChecker+Valid, 355 SdHoareTripleChecker+Invalid, 75 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 71 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:55,320 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [194 Valid, 355 Invalid, 75 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 71 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:29:55,321 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 749 states. [2025-03-03 14:29:55,376 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 749 to 728. [2025-03-03 14:29:55,378 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 728 states, 523 states have (on average 1.311663479923518) internal successors, (686), 589 states have internal predecessors, (686), 125 states have call successors, (125), 77 states have call predecessors, (125), 79 states have return successors, (210), 114 states have call predecessors, (210), 125 states have call successors, (210) [2025-03-03 14:29:55,382 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 728 states to 728 states and 1021 transitions. [2025-03-03 14:29:55,383 INFO L78 Accepts]: Start accepts. Automaton has 728 states and 1021 transitions. Word has length 118 [2025-03-03 14:29:55,383 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:55,383 INFO L471 AbstractCegarLoop]: Abstraction has 728 states and 1021 transitions. [2025-03-03 14:29:55,383 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 19.75) internal successors, (79), 4 states have internal predecessors, (79), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) [2025-03-03 14:29:55,384 INFO L276 IsEmpty]: Start isEmpty. Operand 728 states and 1021 transitions. [2025-03-03 14:29:55,387 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 128 [2025-03-03 14:29:55,387 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:55,388 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:55,388 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:29:55,388 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:55,388 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:55,388 INFO L85 PathProgramCache]: Analyzing trace with hash -1995519145, now seen corresponding path program 1 times [2025-03-03 14:29:55,388 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:55,388 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [97338912] [2025-03-03 14:29:55,388 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:55,389 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:55,399 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-03-03 14:29:55,407 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-03-03 14:29:55,407 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:55,407 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:55,449 INFO L134 CoverageAnalysis]: Checked inductivity of 76 backedges. 21 proven. 4 refuted. 0 times theorem prover too weak. 51 trivial. 0 not checked. [2025-03-03 14:29:55,449 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:55,450 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [97338912] [2025-03-03 14:29:55,450 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [97338912] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:29:55,450 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1685159972] [2025-03-03 14:29:55,450 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:55,450 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:29:55,450 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:29:55,452 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:29:55,453 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:29:55,508 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-03-03 14:29:55,553 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-03-03 14:29:55,554 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:55,554 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:55,556 INFO L256 TraceCheckSpWp]: Trace formula consists of 436 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:29:55,565 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:29:55,647 INFO L134 CoverageAnalysis]: Checked inductivity of 76 backedges. 31 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:29:55,647 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:29:55,648 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1685159972] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:55,648 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:29:55,648 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [4] total 4 [2025-03-03 14:29:55,648 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [778094292] [2025-03-03 14:29:55,648 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:55,648 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:29:55,648 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:55,649 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:29:55,649 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:55,649 INFO L87 Difference]: Start difference. First operand 728 states and 1021 transitions. Second operand has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (17), 3 states have call predecessors, (17), 3 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) [2025-03-03 14:29:55,706 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:55,706 INFO L93 Difference]: Finished difference Result 1683 states and 2425 transitions. [2025-03-03 14:29:55,706 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:29:55,706 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (17), 3 states have call predecessors, (17), 3 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) Word has length 127 [2025-03-03 14:29:55,707 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:55,712 INFO L225 Difference]: With dead ends: 1683 [2025-03-03 14:29:55,712 INFO L226 Difference]: Without dead ends: 978 [2025-03-03 14:29:55,714 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 130 GetRequests, 128 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:29:55,715 INFO L435 NwaCegarLoop]: 239 mSDtfsCounter, 90 mSDsluCounter, 95 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 90 SdHoareTripleChecker+Valid, 334 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:55,715 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [90 Valid, 334 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:29:55,716 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 978 states. [2025-03-03 14:29:55,769 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 978 to 978. [2025-03-03 14:29:55,771 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 978 states, 714 states have (on average 1.2983193277310925) internal successors, (927), 787 states have internal predecessors, (927), 153 states have call successors, (153), 108 states have call predecessors, (153), 110 states have return successors, (272), 142 states have call predecessors, (272), 153 states have call successors, (272) [2025-03-03 14:29:55,777 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 978 states to 978 states and 1352 transitions. [2025-03-03 14:29:55,778 INFO L78 Accepts]: Start accepts. Automaton has 978 states and 1352 transitions. Word has length 127 [2025-03-03 14:29:55,778 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:55,778 INFO L471 AbstractCegarLoop]: Abstraction has 978 states and 1352 transitions. [2025-03-03 14:29:55,779 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (17), 3 states have call predecessors, (17), 3 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) [2025-03-03 14:29:55,779 INFO L276 IsEmpty]: Start isEmpty. Operand 978 states and 1352 transitions. [2025-03-03 14:29:55,783 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 130 [2025-03-03 14:29:55,783 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:55,783 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:55,790 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-03 14:29:55,988 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-03-03 14:29:55,989 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:55,989 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:55,989 INFO L85 PathProgramCache]: Analyzing trace with hash 17254627, now seen corresponding path program 1 times [2025-03-03 14:29:55,989 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:55,989 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [952700961] [2025-03-03 14:29:55,990 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:55,990 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:56,001 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-03-03 14:29:56,013 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-03-03 14:29:56,013 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:56,013 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:56,151 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 21 proven. 2 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2025-03-03 14:29:56,151 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:56,151 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [952700961] [2025-03-03 14:29:56,151 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [952700961] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:29:56,151 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2007415078] [2025-03-03 14:29:56,151 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:56,151 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:29:56,152 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:29:56,153 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:29:56,155 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:29:56,216 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-03-03 14:29:56,263 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-03-03 14:29:56,263 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:56,264 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:56,265 INFO L256 TraceCheckSpWp]: Trace formula consists of 437 conjuncts, 11 conjuncts are in the unsatisfiable core [2025-03-03 14:29:56,270 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:29:56,483 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 5 proven. 2 refuted. 0 times theorem prover too weak. 71 trivial. 0 not checked. [2025-03-03 14:29:56,483 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:29:56,670 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 64 trivial. 0 not checked. [2025-03-03 14:29:56,671 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2007415078] provided 1 perfect and 1 imperfect interpolant sequences [2025-03-03 14:29:56,671 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2025-03-03 14:29:56,671 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [7, 5] total 11 [2025-03-03 14:29:56,671 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1413191648] [2025-03-03 14:29:56,671 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:56,671 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-03 14:29:56,671 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:56,671 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-03 14:29:56,672 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=25, Invalid=85, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:29:56,672 INFO L87 Difference]: Start difference. First operand 978 states and 1352 transitions. Second operand has 6 states, 6 states have (on average 12.333333333333334) internal successors, (74), 5 states have internal predecessors, (74), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) [2025-03-03 14:29:56,867 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:56,868 INFO L93 Difference]: Finished difference Result 2824 states and 3991 transitions. [2025-03-03 14:29:56,868 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-03 14:29:56,868 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 12.333333333333334) internal successors, (74), 5 states have internal predecessors, (74), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) Word has length 129 [2025-03-03 14:29:56,868 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:56,879 INFO L225 Difference]: With dead ends: 2824 [2025-03-03 14:29:56,879 INFO L226 Difference]: Without dead ends: 1869 [2025-03-03 14:29:56,884 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 266 GetRequests, 254 SyntacticMatches, 1 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=121, Unknown=0, NotChecked=0, Total=156 [2025-03-03 14:29:56,885 INFO L435 NwaCegarLoop]: 171 mSDtfsCounter, 120 mSDsluCounter, 584 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 122 SdHoareTripleChecker+Valid, 755 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:56,885 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [122 Valid, 755 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:29:56,887 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1869 states. [2025-03-03 14:29:57,004 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1869 to 1865. [2025-03-03 14:29:57,007 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1865 states, 1352 states have (on average 1.2832840236686391) internal successors, (1735), 1495 states have internal predecessors, (1735), 297 states have call successors, (297), 212 states have call predecessors, (297), 215 states have return successors, (538), 272 states have call predecessors, (538), 297 states have call successors, (538) [2025-03-03 14:29:57,017 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1865 states to 1865 states and 2570 transitions. [2025-03-03 14:29:57,018 INFO L78 Accepts]: Start accepts. Automaton has 1865 states and 2570 transitions. Word has length 129 [2025-03-03 14:29:57,019 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:57,019 INFO L471 AbstractCegarLoop]: Abstraction has 1865 states and 2570 transitions. [2025-03-03 14:29:57,019 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 12.333333333333334) internal successors, (74), 5 states have internal predecessors, (74), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) [2025-03-03 14:29:57,019 INFO L276 IsEmpty]: Start isEmpty. Operand 1865 states and 2570 transitions. [2025-03-03 14:29:57,028 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 138 [2025-03-03 14:29:57,028 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:57,028 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:57,034 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-03-03 14:29:57,228 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2025-03-03 14:29:57,229 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:57,229 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:57,229 INFO L85 PathProgramCache]: Analyzing trace with hash -1128112768, now seen corresponding path program 1 times [2025-03-03 14:29:57,229 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:57,229 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1901585547] [2025-03-03 14:29:57,229 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:57,229 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:57,241 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 137 statements into 1 equivalence classes. [2025-03-03 14:29:57,252 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 137 of 137 statements. [2025-03-03 14:29:57,252 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:57,252 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:57,342 INFO L134 CoverageAnalysis]: Checked inductivity of 82 backedges. 25 proven. 5 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-03-03 14:29:57,343 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:29:57,343 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1901585547] [2025-03-03 14:29:57,343 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1901585547] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:29:57,343 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1176951008] [2025-03-03 14:29:57,343 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:57,343 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:29:57,343 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:29:57,345 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:29:57,347 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:29:57,396 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 137 statements into 1 equivalence classes. [2025-03-03 14:29:57,442 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 137 of 137 statements. [2025-03-03 14:29:57,442 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:57,442 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:29:57,444 INFO L256 TraceCheckSpWp]: Trace formula consists of 456 conjuncts, 4 conjuncts are in the unsatisfiable core [2025-03-03 14:29:57,447 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:29:57,508 INFO L134 CoverageAnalysis]: Checked inductivity of 82 backedges. 37 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:29:57,508 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:29:57,509 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1176951008] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:29:57,509 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:29:57,509 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 6 [2025-03-03 14:29:57,509 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1289470212] [2025-03-03 14:29:57,509 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:29:57,509 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:29:57,509 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:29:57,512 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:29:57,512 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:29:57,512 INFO L87 Difference]: Start difference. First operand 1865 states and 2570 transitions. Second operand has 5 states, 5 states have (on average 18.0) internal successors, (90), 4 states have internal predecessors, (90), 3 states have call successors, (19), 4 states have call predecessors, (19), 4 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:29:58,065 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:29:58,066 INFO L93 Difference]: Finished difference Result 4135 states and 5869 transitions. [2025-03-03 14:29:58,066 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-03 14:29:58,067 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 18.0) internal successors, (90), 4 states have internal predecessors, (90), 3 states have call successors, (19), 4 states have call predecessors, (19), 4 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 137 [2025-03-03 14:29:58,067 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:29:58,085 INFO L225 Difference]: With dead ends: 4135 [2025-03-03 14:29:58,085 INFO L226 Difference]: Without dead ends: 2641 [2025-03-03 14:29:58,092 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 146 GetRequests, 139 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2025-03-03 14:29:58,092 INFO L435 NwaCegarLoop]: 184 mSDtfsCounter, 201 mSDsluCounter, 294 mSDsCounter, 0 mSdLazyCounter, 427 mSolverCounterSat, 77 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 214 SdHoareTripleChecker+Valid, 478 SdHoareTripleChecker+Invalid, 504 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 77 IncrementalHoareTripleChecker+Valid, 427 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2025-03-03 14:29:58,093 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [214 Valid, 478 Invalid, 504 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [77 Valid, 427 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2025-03-03 14:29:58,095 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2641 states. [2025-03-03 14:29:58,247 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2641 to 2594. [2025-03-03 14:29:58,251 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2594 states, 1890 states have (on average 1.265079365079365) internal successors, (2391), 2073 states have internal predecessors, (2391), 398 states have call successors, (398), 277 states have call predecessors, (398), 305 states have return successors, (867), 408 states have call predecessors, (867), 398 states have call successors, (867) [2025-03-03 14:29:58,264 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2594 states to 2594 states and 3656 transitions. [2025-03-03 14:29:58,267 INFO L78 Accepts]: Start accepts. Automaton has 2594 states and 3656 transitions. Word has length 137 [2025-03-03 14:29:58,268 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:29:58,268 INFO L471 AbstractCegarLoop]: Abstraction has 2594 states and 3656 transitions. [2025-03-03 14:29:58,268 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 18.0) internal successors, (90), 4 states have internal predecessors, (90), 3 states have call successors, (19), 4 states have call predecessors, (19), 4 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:29:58,268 INFO L276 IsEmpty]: Start isEmpty. Operand 2594 states and 3656 transitions. [2025-03-03 14:29:58,277 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 134 [2025-03-03 14:29:58,278 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:29:58,278 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:58,289 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2025-03-03 14:29:58,479 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:29:58,479 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:29:58,479 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:29:58,479 INFO L85 PathProgramCache]: Analyzing trace with hash -689467006, now seen corresponding path program 1 times [2025-03-03 14:29:58,479 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:29:58,479 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1747532854] [2025-03-03 14:29:58,479 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:29:58,480 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:29:58,488 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 133 statements into 1 equivalence classes. [2025-03-03 14:29:58,524 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 133 of 133 statements. [2025-03-03 14:29:58,524 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:58,524 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-03 14:29:58,524 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-03-03 14:29:58,529 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 133 statements into 1 equivalence classes. [2025-03-03 14:29:58,540 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 133 of 133 statements. [2025-03-03 14:29:58,541 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:29:58,541 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-03 14:29:58,581 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-03-03 14:29:58,582 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-03-03 14:29:58,582 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-03-03 14:29:58,584 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-03 14:29:58,585 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:29:58,662 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-03-03 14:29:58,665 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.03 02:29:58 BoogieIcfgContainer [2025-03-03 14:29:58,666 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-03-03 14:29:58,667 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-03-03 14:29:58,667 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-03-03 14:29:58,667 INFO L274 PluginConnector]: Witness Printer initialized [2025-03-03 14:29:58,667 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:29:53" (3/4) ... [2025-03-03 14:29:58,668 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-03-03 14:29:58,762 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 106. [2025-03-03 14:29:58,833 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-03-03 14:29:58,833 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2025-03-03 14:29:58,833 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-03-03 14:29:58,834 INFO L158 Benchmark]: Toolchain (without parser) took 6497.76ms. Allocated memory was 142.6MB in the beginning and 352.3MB in the end (delta: 209.7MB). Free memory was 105.3MB in the beginning and 268.3MB in the end (delta: -162.9MB). Peak memory consumption was 44.4MB. Max. memory is 16.1GB. [2025-03-03 14:29:58,834 INFO L158 Benchmark]: CDTParser took 0.20ms. Allocated memory is still 201.3MB. Free memory is still 126.7MB. There was no memory consumed. Max. memory is 16.1GB. [2025-03-03 14:29:58,834 INFO L158 Benchmark]: CACSL2BoogieTranslator took 309.45ms. Allocated memory is still 142.6MB. Free memory was 105.3MB in the beginning and 85.8MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-03 14:29:58,834 INFO L158 Benchmark]: Boogie Procedure Inliner took 39.15ms. Allocated memory is still 142.6MB. Free memory was 85.8MB in the beginning and 84.1MB in the end (delta: 1.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-03 14:29:58,834 INFO L158 Benchmark]: Boogie Preprocessor took 45.07ms. Allocated memory is still 142.6MB. Free memory was 84.1MB in the beginning and 81.9MB in the end (delta: 2.3MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-03 14:29:58,834 INFO L158 Benchmark]: IcfgBuilder took 452.61ms. Allocated memory is still 142.6MB. Free memory was 81.9MB in the beginning and 57.8MB in the end (delta: 24.0MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2025-03-03 14:29:58,835 INFO L158 Benchmark]: TraceAbstraction took 5479.04ms. Allocated memory was 142.6MB in the beginning and 352.3MB in the end (delta: 209.7MB). Free memory was 57.8MB in the beginning and 288.8MB in the end (delta: -231.0MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-03 14:29:58,835 INFO L158 Benchmark]: Witness Printer took 166.73ms. Allocated memory is still 352.3MB. Free memory was 288.8MB in the beginning and 268.3MB in the end (delta: 20.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-03 14:29:58,836 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.20ms. Allocated memory is still 201.3MB. Free memory is still 126.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 309.45ms. Allocated memory is still 142.6MB. Free memory was 105.3MB in the beginning and 85.8MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 39.15ms. Allocated memory is still 142.6MB. Free memory was 85.8MB in the beginning and 84.1MB in the end (delta: 1.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 45.07ms. Allocated memory is still 142.6MB. Free memory was 84.1MB in the beginning and 81.9MB in the end (delta: 2.3MB). There was no memory consumed. Max. memory is 16.1GB. * IcfgBuilder took 452.61ms. Allocated memory is still 142.6MB. Free memory was 81.9MB in the beginning and 57.8MB in the end (delta: 24.0MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 5479.04ms. Allocated memory was 142.6MB in the beginning and 352.3MB in the end (delta: 209.7MB). Free memory was 57.8MB in the beginning and 288.8MB in the end (delta: -231.0MB). There was no memory consumed. Max. memory is 16.1GB. * Witness Printer took 166.73ms. Allocated memory is still 352.3MB. Free memory was 288.8MB in the beginning and 268.3MB in the end (delta: 20.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 168]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [168] - GenericResultAtLocation [Line: 507]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [507] - GenericResultAtLocation [Line: 609]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [609] - GenericResultAtLocation [Line: 686]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [686] - GenericResultAtLocation [Line: 726]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [726] - GenericResultAtLocation [Line: 1092]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1092] - GenericResultAtLocation [Line: 1101]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1101] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 1097]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int __SELECTED_FEATURE_base ; [L51] int __SELECTED_FEATURE_highWaterSensor ; [L52] int __SELECTED_FEATURE_lowWaterSensor ; [L53] int __SELECTED_FEATURE_methaneQuery ; [L54] int __SELECTED_FEATURE_methaneAlarm ; [L55] int __SELECTED_FEATURE_stopCommand ; [L56] int __SELECTED_FEATURE_startCommand ; [L57] int __GUIDSL_ROOT_PRODUCTION ; [L66] int waterLevel = 1; [L67] int methaneLevelCritical = 0; [L176] int pumpRunning = 0; [L177] int systemActive = 1; [L508] int cleanupTimeShifts = 4; [L688] int methAndRunningLastTime ; [L896] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; VAL [__GUIDSL_ROOT_PRODUCTION=0, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L587] int retValue_acc ; [L588] int tmp ; [L592] CALL select_helpers() [L1133] __GUIDSL_ROOT_PRODUCTION = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L592] RET select_helpers() [L593] CALL select_features() [L1118] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] __SELECTED_FEATURE_highWaterSensor = select_one() [L1120] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1120] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1120] __SELECTED_FEATURE_lowWaterSensor = select_one() [L1121] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1121] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1121] __SELECTED_FEATURE_methaneQuery = select_one() [L1122] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1122] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1122] __SELECTED_FEATURE_methaneAlarm = select_one() [L1123] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1123] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1123] __SELECTED_FEATURE_stopCommand = select_one() [L1124] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1124] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1124] __SELECTED_FEATURE_startCommand = select_one() [L593] RET select_features() [L594] CALL, EXPR valid_product() [L1138] int retValue_acc ; [L1141] retValue_acc = __SELECTED_FEATURE_base [L1142] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L594] RET, EXPR valid_product() [L594] tmp = valid_product() [L596] COND TRUE \read(tmp) [L598] FCALL setup() [L599] CALL runTest() [L577] CALL __utac_acc__Specification2_spec__1() [L693] methAndRunningLastTime = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L577] RET __utac_acc__Specification2_spec__1() [L578] CALL test() [L611] int splverifierCounter ; [L612] int tmp ; [L613] int tmp___0 ; [L614] int tmp___1 ; [L615] int tmp___2 ; [L618] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L620] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L622] COND TRUE splverifierCounter < 4 [L628] tmp = __VERIFIER_nondet_int() [L630] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L632] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L84] COND TRUE waterLevel < 2 [L85] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L632] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L638] tmp___0 = __VERIFIER_nondet_int() [L640] COND TRUE \read(tmp___0) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L642] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L96] COND FALSE !(\read(methaneLevelCritical)) [L99] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L642] RET changeMethaneLevel() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L648] tmp___2 = __VERIFIER_nondet_int() [L650] COND FALSE !(\read(tmp___2)) [L660] tmp___1 = __VERIFIER_nondet_int() [L662] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L675] CALL timeShift() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L184] COND FALSE !(\read(pumpRunning)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L191] COND TRUE \read(systemActive) [L193] CALL processEnvironment() [L327] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L334] CALL processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L284] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L291] CALL processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L241] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L243] CALL processEnvironment__role__highWaterSensor() [L213] int tmp ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L216] COND TRUE ! pumpRunning [L218] CALL, EXPR isHighWaterLevel() [L447] int retValue_acc ; [L448] int tmp ; [L449] int tmp___0 ; [L453] CALL, EXPR isHighWaterSensorDry() [L146] int retValue_acc ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L149] COND FALSE !(waterLevel < 2) [L153] retValue_acc = 0 [L154] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L453] RET, EXPR isHighWaterSensorDry() [L453] tmp = isHighWaterSensorDry() [L455] COND FALSE !(\read(tmp)) [L458] tmp___0 = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L460] retValue_acc = tmp___0 [L461] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L218] RET, EXPR isHighWaterLevel() [L218] tmp = isHighWaterLevel() [L220] COND TRUE \read(tmp) [L222] CALL activatePump() [L369] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L376] CALL activatePump__before__methaneQuery() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L344] pumpRunning = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L376] RET activatePump__before__methaneQuery() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L222] RET activatePump() [L243] RET processEnvironment__role__highWaterSensor() [L291] RET processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L334] RET processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L193] RET processEnvironment() [L199] CALL __utac_acc__Specification2_spec__2() [L698] int tmp ; [L699] int tmp___0 ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L105] int retValue_acc ; [L108] retValue_acc = methaneLevelCritical [L109] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] tmp = isMethaneLevelCritical() [L705] COND TRUE \read(tmp) [L707] CALL, EXPR isPumpRunning() [L402] int retValue_acc ; [L405] retValue_acc = pumpRunning [L406] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L707] RET, EXPR isPumpRunning() [L707] tmp___0 = isPumpRunning() [L709] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L710] COND FALSE !(\read(methAndRunningLastTime)) [L715] methAndRunningLastTime = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L199] RET __utac_acc__Specification2_spec__2() [L675] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L620] COND TRUE 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L622] COND TRUE splverifierCounter < 4 [L628] tmp = __VERIFIER_nondet_int() [L630] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L638] tmp___0 = __VERIFIER_nondet_int() [L640] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L648] tmp___2 = __VERIFIER_nondet_int() [L650] COND FALSE !(\read(tmp___2)) [L660] tmp___1 = __VERIFIER_nondet_int() [L662] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L675] CALL timeShift() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L184] COND TRUE \read(pumpRunning) [L186] CALL lowerWaterLevel() [L72] COND TRUE waterLevel > 0 [L73] waterLevel = waterLevel - 1 VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L186] RET lowerWaterLevel() [L191] COND TRUE \read(systemActive) [L193] CALL processEnvironment() [L327] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L334] CALL processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L284] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L291] CALL processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L241] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L243] CALL processEnvironment__role__highWaterSensor() [L213] int tmp ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L216] COND FALSE !(! pumpRunning) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L231] FCALL processEnvironment__before__highWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L243] RET processEnvironment__role__highWaterSensor() [L291] RET processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L334] RET processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L193] RET processEnvironment() [L199] CALL __utac_acc__Specification2_spec__2() [L698] int tmp ; [L699] int tmp___0 ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L105] int retValue_acc ; [L108] retValue_acc = methaneLevelCritical [L109] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] tmp = isMethaneLevelCritical() [L705] COND TRUE \read(tmp) [L707] CALL, EXPR isPumpRunning() [L402] int retValue_acc ; [L405] retValue_acc = pumpRunning [L406] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L707] RET, EXPR isPumpRunning() [L707] tmp___0 = isPumpRunning() [L709] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L710] COND TRUE \read(methAndRunningLastTime) [L712] CALL __automaton_fail() [L1097] reach_error() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] - StatisticsResult: Ultimate Automizer benchmark data CFG has 13 procedures, 144 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.4s, OverallIterations: 13, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 1.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1399 SdHoareTripleChecker+Valid, 0.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1380 mSDsluCounter, 5496 SdHoareTripleChecker+Invalid, 0.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3186 mSDsCounter, 110 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 760 IncrementalHoareTripleChecker+Invalid, 870 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 110 mSolverCounterUnsat, 2310 mSDtfsCounter, 760 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 584 GetRequests, 543 SyntacticMatches, 1 SemanticMatches, 40 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=2594occurred in iteration=12, InterpolantAutomatonStates: 53, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 12 MinimizatonAttempts, 122 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 1612 NumberOfCodeBlocks, 1612 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 1592 ConstructedInterpolants, 0 QuantifiedInterpolants, 2821 SizeOfPredicates, 1 NumberOfNonLiveVariables, 1329 ConjunctsInSsa, 18 ConjunctsInUnsatCore, 16 InterpolantComputations, 12 PerfectInterpolantSequences, 963/976 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-03-03 14:29:58,858 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE