./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e2fb8bed Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4f3466b08a64c7fddf78a299dda71b27bda6ead813da06152b5ee1cea2f1c203 --- Real Ultimate output --- This is Ultimate 0.3.0-?-e2fb8be-m [2025-03-08 05:39:49,295 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-08 05:39:49,356 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-08 05:39:49,362 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-08 05:39:49,362 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-08 05:39:49,382 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-08 05:39:49,384 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-08 05:39:49,384 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-08 05:39:49,384 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-08 05:39:49,385 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-08 05:39:49,385 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-08 05:39:49,386 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-08 05:39:49,386 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-08 05:39:49,386 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-08 05:39:49,387 INFO L153 SettingsManager]: * Use SBE=true [2025-03-08 05:39:49,387 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-08 05:39:49,387 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-08 05:39:49,387 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-08 05:39:49,387 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-08 05:39:49,387 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-08 05:39:49,387 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-08 05:39:49,388 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-08 05:39:49,388 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-08 05:39:49,388 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-08 05:39:49,388 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-08 05:39:49,388 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-08 05:39:49,388 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-08 05:39:49,388 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-08 05:39:49,389 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-08 05:39:49,389 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-08 05:39:49,389 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-08 05:39:49,389 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-08 05:39:49,389 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:39:49,390 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-08 05:39:49,390 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-08 05:39:49,390 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-08 05:39:49,390 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-08 05:39:49,390 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-08 05:39:49,390 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-08 05:39:49,390 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-08 05:39:49,390 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-08 05:39:49,390 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-08 05:39:49,391 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-08 05:39:49,391 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4f3466b08a64c7fddf78a299dda71b27bda6ead813da06152b5ee1cea2f1c203 [2025-03-08 05:39:49,645 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-08 05:39:49,654 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-08 05:39:49,656 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-08 05:39:49,657 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-08 05:39:49,657 INFO L274 PluginConnector]: CDTParser initialized [2025-03-08 05:39:49,659 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c [2025-03-08 05:39:50,810 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1c84d24fd/a80c8c6e7b7a4f62b737b51d9af55d67/FLAGe313c9899 [2025-03-08 05:39:51,088 INFO L384 CDTParser]: Found 1 translation units. [2025-03-08 05:39:51,088 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c [2025-03-08 05:39:51,101 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1c84d24fd/a80c8c6e7b7a4f62b737b51d9af55d67/FLAGe313c9899 [2025-03-08 05:39:51,383 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1c84d24fd/a80c8c6e7b7a4f62b737b51d9af55d67 [2025-03-08 05:39:51,385 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-08 05:39:51,387 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-08 05:39:51,388 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-08 05:39:51,389 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-08 05:39:51,391 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-08 05:39:51,393 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,394 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@92bc385 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51, skipping insertion in model container [2025-03-08 05:39:51,394 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,424 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-08 05:39:51,634 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c[20836,20849] [2025-03-08 05:39:51,639 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:39:51,654 INFO L200 MainTranslator]: Completed pre-run [2025-03-08 05:39:51,660 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2025-03-08 05:39:51,661 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [168] [2025-03-08 05:39:51,662 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [507] [2025-03-08 05:39:51,662 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [609] [2025-03-08 05:39:51,662 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [686] [2025-03-08 05:39:51,662 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [726] [2025-03-08 05:39:51,662 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1092] [2025-03-08 05:39:51,662 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1101] [2025-03-08 05:39:51,712 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c[20836,20849] [2025-03-08 05:39:51,714 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:39:51,733 INFO L204 MainTranslator]: Completed translation [2025-03-08 05:39:51,734 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51 WrapperNode [2025-03-08 05:39:51,734 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-08 05:39:51,735 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-08 05:39:51,735 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-08 05:39:51,736 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-08 05:39:51,740 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,754 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,771 INFO L138 Inliner]: procedures = 64, calls = 122, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 282 [2025-03-08 05:39:51,772 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-08 05:39:51,772 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-08 05:39:51,772 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-08 05:39:51,772 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-08 05:39:51,778 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,778 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,781 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,793 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-03-08 05:39:51,793 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,793 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,798 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,799 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,799 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,800 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,802 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-08 05:39:51,802 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-08 05:39:51,802 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-08 05:39:51,802 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-08 05:39:51,803 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (1/1) ... [2025-03-08 05:39:51,807 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:39:51,816 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:39:51,826 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-08 05:39:51,829 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-08 05:39:51,845 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-08 05:39:51,845 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2025-03-08 05:39:51,845 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-03-08 05:39:51,846 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-08 05:39:51,846 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-08 05:39:51,906 INFO L256 CfgBuilder]: Building ICFG [2025-03-08 05:39:51,908 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-08 05:39:51,976 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L156-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~2#1; [2025-03-08 05:39:51,976 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L462-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~6#1; [2025-03-08 05:39:51,981 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1110: #res := ~retValue_acc~12; [2025-03-08 05:39:52,043 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L407-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; [2025-03-08 05:39:52,046 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L110: #res := ~retValue_acc~0; [2025-03-08 05:39:52,134 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L606-1: main_#res#1 := main_~retValue_acc~8#1; [2025-03-08 05:39:52,134 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1143-1: valid_product_#res#1 := valid_product_~retValue_acc~13#1; [2025-03-08 05:39:52,166 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L481-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~7#1; [2025-03-08 05:39:52,166 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L165-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~3#1; [2025-03-08 05:39:52,173 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L398: #res := ~retValue_acc~4; [2025-03-08 05:39:52,201 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2025-03-08 05:39:52,201 INFO L307 CfgBuilder]: Performing block encoding [2025-03-08 05:39:52,213 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-08 05:39:52,214 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-08 05:39:52,214 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:39:52 BoogieIcfgContainer [2025-03-08 05:39:52,215 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-08 05:39:52,216 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-08 05:39:52,217 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-08 05:39:52,220 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-08 05:39:52,220 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.03 05:39:51" (1/3) ... [2025-03-08 05:39:52,220 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@17a9e37c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:39:52, skipping insertion in model container [2025-03-08 05:39:52,220 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:39:51" (2/3) ... [2025-03-08 05:39:52,220 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@17a9e37c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:39:52, skipping insertion in model container [2025-03-08 05:39:52,220 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:39:52" (3/3) ... [2025-03-08 05:39:52,221 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec2_productSimulator.cil.c [2025-03-08 05:39:52,232 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-08 05:39:52,233 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec2_productSimulator.cil.c that has 13 procedures, 142 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-03-08 05:39:52,281 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-08 05:39:52,290 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@633b5b57, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-08 05:39:52,290 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-08 05:39:52,293 INFO L276 IsEmpty]: Start isEmpty. Operand has 142 states, 98 states have (on average 1.3571428571428572) internal successors, (133), 114 states have internal predecessors, (133), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) [2025-03-08 05:39:52,300 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2025-03-08 05:39:52,301 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:52,301 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:52,302 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:52,305 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:52,306 INFO L85 PathProgramCache]: Analyzing trace with hash 2121369497, now seen corresponding path program 1 times [2025-03-08 05:39:52,312 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:52,313 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [502171858] [2025-03-08 05:39:52,313 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:52,313 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:52,375 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 55 statements into 1 equivalence classes. [2025-03-08 05:39:52,419 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 55 of 55 statements. [2025-03-08 05:39:52,421 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:52,421 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:52,587 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:39:52,588 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:52,588 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [502171858] [2025-03-08 05:39:52,590 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [502171858] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:52,590 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:52,590 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:39:52,592 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [448256961] [2025-03-08 05:39:52,593 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:52,595 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:39:52,595 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:52,610 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:39:52,610 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:52,613 INFO L87 Difference]: Start difference. First operand has 142 states, 98 states have (on average 1.3571428571428572) internal successors, (133), 114 states have internal predecessors, (133), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-08 05:39:52,647 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:52,648 INFO L93 Difference]: Finished difference Result 248 states and 341 transitions. [2025-03-08 05:39:52,649 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:39:52,650 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 55 [2025-03-08 05:39:52,650 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:52,655 INFO L225 Difference]: With dead ends: 248 [2025-03-08 05:39:52,655 INFO L226 Difference]: Without dead ends: 125 [2025-03-08 05:39:52,657 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:52,659 INFO L435 NwaCegarLoop]: 172 mSDtfsCounter, 20 mSDsluCounter, 148 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 24 SdHoareTripleChecker+Valid, 320 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:52,660 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [24 Valid, 320 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:52,670 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 125 states. [2025-03-08 05:39:52,695 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 125 to 125. [2025-03-08 05:39:52,696 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 125 states, 86 states have (on average 1.3372093023255813) internal successors, (115), 101 states have internal predecessors, (115), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2025-03-08 05:39:52,700 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 125 states to 125 states and 169 transitions. [2025-03-08 05:39:52,702 INFO L78 Accepts]: Start accepts. Automaton has 125 states and 169 transitions. Word has length 55 [2025-03-08 05:39:52,703 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:52,703 INFO L471 AbstractCegarLoop]: Abstraction has 125 states and 169 transitions. [2025-03-08 05:39:52,703 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-08 05:39:52,704 INFO L276 IsEmpty]: Start isEmpty. Operand 125 states and 169 transitions. [2025-03-08 05:39:52,706 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2025-03-08 05:39:52,706 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:52,706 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:52,706 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-03-08 05:39:52,706 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:52,707 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:52,707 INFO L85 PathProgramCache]: Analyzing trace with hash 1041976344, now seen corresponding path program 1 times [2025-03-08 05:39:52,707 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:52,707 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1396393977] [2025-03-08 05:39:52,707 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:52,707 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:52,724 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 59 statements into 1 equivalence classes. [2025-03-08 05:39:52,738 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 59 of 59 statements. [2025-03-08 05:39:52,738 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:52,738 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:52,838 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:39:52,838 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:52,838 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1396393977] [2025-03-08 05:39:52,839 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1396393977] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:52,839 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:52,839 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:39:52,839 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [347048636] [2025-03-08 05:39:52,839 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:52,840 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:39:52,840 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:52,841 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:39:52,841 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:52,841 INFO L87 Difference]: Start difference. First operand 125 states and 169 transitions. Second operand has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-08 05:39:52,889 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:52,892 INFO L93 Difference]: Finished difference Result 327 states and 450 transitions. [2025-03-08 05:39:52,892 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:39:52,893 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 59 [2025-03-08 05:39:52,893 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:52,895 INFO L225 Difference]: With dead ends: 327 [2025-03-08 05:39:52,898 INFO L226 Difference]: Without dead ends: 225 [2025-03-08 05:39:52,900 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:52,900 INFO L435 NwaCegarLoop]: 191 mSDtfsCounter, 136 mSDsluCounter, 136 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 327 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:52,900 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 327 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:52,901 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 225 states. [2025-03-08 05:39:52,927 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 225 to 222. [2025-03-08 05:39:52,930 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 222 states, 152 states have (on average 1.375) internal successors, (209), 181 states have internal predecessors, (209), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2025-03-08 05:39:52,932 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 222 states to 222 states and 305 transitions. [2025-03-08 05:39:52,935 INFO L78 Accepts]: Start accepts. Automaton has 222 states and 305 transitions. Word has length 59 [2025-03-08 05:39:52,935 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:52,935 INFO L471 AbstractCegarLoop]: Abstraction has 222 states and 305 transitions. [2025-03-08 05:39:52,936 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-08 05:39:52,936 INFO L276 IsEmpty]: Start isEmpty. Operand 222 states and 305 transitions. [2025-03-08 05:39:52,938 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2025-03-08 05:39:52,940 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:52,940 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:52,940 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-03-08 05:39:52,940 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:52,940 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:52,941 INFO L85 PathProgramCache]: Analyzing trace with hash 1475388244, now seen corresponding path program 1 times [2025-03-08 05:39:52,941 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:52,941 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1558050185] [2025-03-08 05:39:52,941 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:52,941 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:52,951 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 63 statements into 1 equivalence classes. [2025-03-08 05:39:52,970 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 63 of 63 statements. [2025-03-08 05:39:52,973 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:52,974 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:53,096 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:39:53,097 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:53,097 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1558050185] [2025-03-08 05:39:53,097 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1558050185] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:53,097 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:53,097 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:39:53,097 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [198945958] [2025-03-08 05:39:53,098 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:53,098 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:39:53,098 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:53,098 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:39:53,099 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:39:53,099 INFO L87 Difference]: Start difference. First operand 222 states and 305 transitions. Second operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2025-03-08 05:39:53,194 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:53,195 INFO L93 Difference]: Finished difference Result 540 states and 774 transitions. [2025-03-08 05:39:53,195 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:39:53,196 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) Word has length 63 [2025-03-08 05:39:53,196 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:53,198 INFO L225 Difference]: With dead ends: 540 [2025-03-08 05:39:53,202 INFO L226 Difference]: Without dead ends: 341 [2025-03-08 05:39:53,203 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-08 05:39:53,204 INFO L435 NwaCegarLoop]: 165 mSDtfsCounter, 99 mSDsluCounter, 427 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 99 SdHoareTripleChecker+Valid, 592 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:53,204 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [99 Valid, 592 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:53,204 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 341 states. [2025-03-08 05:39:53,233 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 341 to 340. [2025-03-08 05:39:53,234 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 340 states, 238 states have (on average 1.3445378151260505) internal successors, (320), 271 states have internal predecessors, (320), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-03-08 05:39:53,237 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 340 states to 340 states and 468 transitions. [2025-03-08 05:39:53,238 INFO L78 Accepts]: Start accepts. Automaton has 340 states and 468 transitions. Word has length 63 [2025-03-08 05:39:53,238 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:53,238 INFO L471 AbstractCegarLoop]: Abstraction has 340 states and 468 transitions. [2025-03-08 05:39:53,238 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 1 states have call predecessors, (7), 1 states have call successors, (7) [2025-03-08 05:39:53,238 INFO L276 IsEmpty]: Start isEmpty. Operand 340 states and 468 transitions. [2025-03-08 05:39:53,242 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2025-03-08 05:39:53,244 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:53,244 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:53,245 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-03-08 05:39:53,245 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:53,245 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:53,245 INFO L85 PathProgramCache]: Analyzing trace with hash 537635131, now seen corresponding path program 1 times [2025-03-08 05:39:53,245 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:53,245 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [148772193] [2025-03-08 05:39:53,245 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:53,245 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:53,265 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 83 statements into 1 equivalence classes. [2025-03-08 05:39:53,271 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 83 of 83 statements. [2025-03-08 05:39:53,271 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:53,271 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:53,385 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:39:53,385 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:53,386 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [148772193] [2025-03-08 05:39:53,386 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [148772193] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:53,386 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:53,386 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:39:53,386 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1413992858] [2025-03-08 05:39:53,386 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:53,386 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:39:53,386 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:53,387 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:39:53,388 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:39:53,388 INFO L87 Difference]: Start difference. First operand 340 states and 468 transitions. Second operand has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-03-08 05:39:53,433 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:53,434 INFO L93 Difference]: Finished difference Result 663 states and 956 transitions. [2025-03-08 05:39:53,434 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:39:53,434 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) Word has length 83 [2025-03-08 05:39:53,435 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:53,437 INFO L225 Difference]: With dead ends: 663 [2025-03-08 05:39:53,437 INFO L226 Difference]: Without dead ends: 346 [2025-03-08 05:39:53,440 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:39:53,445 INFO L435 NwaCegarLoop]: 166 mSDtfsCounter, 0 mSDsluCounter, 491 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 657 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:53,445 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 657 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:53,446 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 346 states. [2025-03-08 05:39:53,467 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 346 to 346. [2025-03-08 05:39:53,470 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 346 states, 244 states have (on average 1.3360655737704918) internal successors, (326), 277 states have internal predecessors, (326), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-03-08 05:39:53,472 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 346 states to 346 states and 474 transitions. [2025-03-08 05:39:53,473 INFO L78 Accepts]: Start accepts. Automaton has 346 states and 474 transitions. Word has length 83 [2025-03-08 05:39:53,474 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:53,474 INFO L471 AbstractCegarLoop]: Abstraction has 346 states and 474 transitions. [2025-03-08 05:39:53,474 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-03-08 05:39:53,474 INFO L276 IsEmpty]: Start isEmpty. Operand 346 states and 474 transitions. [2025-03-08 05:39:53,475 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2025-03-08 05:39:53,475 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:53,476 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:53,476 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-03-08 05:39:53,476 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:53,477 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:53,477 INFO L85 PathProgramCache]: Analyzing trace with hash 1499249148, now seen corresponding path program 1 times [2025-03-08 05:39:53,477 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:53,477 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [457325901] [2025-03-08 05:39:53,477 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:53,477 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:53,486 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 83 statements into 1 equivalence classes. [2025-03-08 05:39:53,496 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 83 of 83 statements. [2025-03-08 05:39:53,497 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:53,497 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:53,587 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:39:53,587 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:53,587 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [457325901] [2025-03-08 05:39:53,587 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [457325901] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:53,587 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:53,588 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:39:53,588 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [478692547] [2025-03-08 05:39:53,588 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:53,588 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:39:53,588 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:53,589 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:39:53,589 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:39:53,589 INFO L87 Difference]: Start difference. First operand 346 states and 474 transitions. Second operand has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-03-08 05:39:53,639 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:53,640 INFO L93 Difference]: Finished difference Result 677 states and 969 transitions. [2025-03-08 05:39:53,640 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-08 05:39:53,640 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) Word has length 83 [2025-03-08 05:39:53,640 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:53,642 INFO L225 Difference]: With dead ends: 677 [2025-03-08 05:39:53,642 INFO L226 Difference]: Without dead ends: 354 [2025-03-08 05:39:53,645 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-08 05:39:53,646 INFO L435 NwaCegarLoop]: 179 mSDtfsCounter, 138 mSDsluCounter, 486 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 665 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:53,647 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 665 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:53,647 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 354 states. [2025-03-08 05:39:53,664 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 354 to 350. [2025-03-08 05:39:53,665 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 350 states, 248 states have (on average 1.3306451612903225) internal successors, (330), 281 states have internal predecessors, (330), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-03-08 05:39:53,667 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 350 states to 350 states and 478 transitions. [2025-03-08 05:39:53,668 INFO L78 Accepts]: Start accepts. Automaton has 350 states and 478 transitions. Word has length 83 [2025-03-08 05:39:53,668 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:53,668 INFO L471 AbstractCegarLoop]: Abstraction has 350 states and 478 transitions. [2025-03-08 05:39:53,668 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-03-08 05:39:53,668 INFO L276 IsEmpty]: Start isEmpty. Operand 350 states and 478 transitions. [2025-03-08 05:39:53,670 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2025-03-08 05:39:53,670 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:53,671 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:53,671 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-08 05:39:53,671 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:53,671 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:53,671 INFO L85 PathProgramCache]: Analyzing trace with hash -1409514754, now seen corresponding path program 1 times [2025-03-08 05:39:53,671 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:53,672 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [648217766] [2025-03-08 05:39:53,672 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:53,672 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:53,681 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 83 statements into 1 equivalence classes. [2025-03-08 05:39:53,691 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 83 of 83 statements. [2025-03-08 05:39:53,692 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:53,692 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:53,773 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:39:53,774 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:53,775 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [648217766] [2025-03-08 05:39:53,775 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [648217766] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:53,775 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:53,775 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-08 05:39:53,775 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1814126850] [2025-03-08 05:39:53,775 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:53,775 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-08 05:39:53,775 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:53,776 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-08 05:39:53,776 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:39:53,776 INFO L87 Difference]: Start difference. First operand 350 states and 478 transitions. Second operand has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-03-08 05:39:53,943 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:53,944 INFO L93 Difference]: Finished difference Result 1078 states and 1539 transitions. [2025-03-08 05:39:53,944 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-08 05:39:53,944 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) Word has length 83 [2025-03-08 05:39:53,944 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:53,949 INFO L225 Difference]: With dead ends: 1078 [2025-03-08 05:39:53,949 INFO L226 Difference]: Without dead ends: 751 [2025-03-08 05:39:53,950 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:39:53,952 INFO L435 NwaCegarLoop]: 265 mSDtfsCounter, 207 mSDsluCounter, 233 mSDsCounter, 0 mSdLazyCounter, 97 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 207 SdHoareTripleChecker+Valid, 498 SdHoareTripleChecker+Invalid, 102 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 97 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:53,952 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [207 Valid, 498 Invalid, 102 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 97 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:39:53,953 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 751 states. [2025-03-08 05:39:53,993 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 751 to 739. [2025-03-08 05:39:53,995 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 739 states, 527 states have (on average 1.3282732447817838) internal successors, (700), 594 states have internal predecessors, (700), 130 states have call successors, (130), 79 states have call predecessors, (130), 81 states have return successors, (208), 122 states have call predecessors, (208), 130 states have call successors, (208) [2025-03-08 05:39:54,000 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 739 states to 739 states and 1038 transitions. [2025-03-08 05:39:54,001 INFO L78 Accepts]: Start accepts. Automaton has 739 states and 1038 transitions. Word has length 83 [2025-03-08 05:39:54,002 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:54,002 INFO L471 AbstractCegarLoop]: Abstraction has 739 states and 1038 transitions. [2025-03-08 05:39:54,002 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-03-08 05:39:54,002 INFO L276 IsEmpty]: Start isEmpty. Operand 739 states and 1038 transitions. [2025-03-08 05:39:54,005 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 88 [2025-03-08 05:39:54,005 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:54,005 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:54,006 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-08 05:39:54,006 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:54,006 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:54,006 INFO L85 PathProgramCache]: Analyzing trace with hash 566048960, now seen corresponding path program 1 times [2025-03-08 05:39:54,006 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:54,006 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [166620203] [2025-03-08 05:39:54,006 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:54,006 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:54,017 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 87 statements into 1 equivalence classes. [2025-03-08 05:39:54,024 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 87 of 87 statements. [2025-03-08 05:39:54,025 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:54,025 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:54,071 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:39:54,071 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:54,071 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [166620203] [2025-03-08 05:39:54,072 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [166620203] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:54,072 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:54,072 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:39:54,072 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [640922133] [2025-03-08 05:39:54,072 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:54,072 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:39:54,073 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:54,073 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:39:54,073 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:54,073 INFO L87 Difference]: Start difference. First operand 739 states and 1038 transitions. Second operand has 3 states, 3 states have (on average 18.0) internal successors, (54), 3 states have internal predecessors, (54), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-03-08 05:39:54,129 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:54,129 INFO L93 Difference]: Finished difference Result 1251 states and 1804 transitions. [2025-03-08 05:39:54,130 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:39:54,130 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 18.0) internal successors, (54), 3 states have internal predecessors, (54), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 87 [2025-03-08 05:39:54,131 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:54,143 INFO L225 Difference]: With dead ends: 1251 [2025-03-08 05:39:54,143 INFO L226 Difference]: Without dead ends: 1249 [2025-03-08 05:39:54,144 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:39:54,144 INFO L435 NwaCegarLoop]: 169 mSDtfsCounter, 142 mSDsluCounter, 137 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 306 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:54,145 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 306 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:54,146 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1249 states. [2025-03-08 05:39:54,229 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1249 to 1219. [2025-03-08 05:39:54,231 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1219 states, 859 states have (on average 1.3317811408614668) internal successors, (1144), 980 states have internal predecessors, (1144), 224 states have call successors, (224), 133 states have call predecessors, (224), 135 states have return successors, (397), 200 states have call predecessors, (397), 224 states have call successors, (397) [2025-03-08 05:39:54,239 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1219 states to 1219 states and 1765 transitions. [2025-03-08 05:39:54,241 INFO L78 Accepts]: Start accepts. Automaton has 1219 states and 1765 transitions. Word has length 87 [2025-03-08 05:39:54,241 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:54,241 INFO L471 AbstractCegarLoop]: Abstraction has 1219 states and 1765 transitions. [2025-03-08 05:39:54,241 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 18.0) internal successors, (54), 3 states have internal predecessors, (54), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-03-08 05:39:54,242 INFO L276 IsEmpty]: Start isEmpty. Operand 1219 states and 1765 transitions. [2025-03-08 05:39:54,246 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2025-03-08 05:39:54,247 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:54,247 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:54,247 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-08 05:39:54,247 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:54,249 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:54,250 INFO L85 PathProgramCache]: Analyzing trace with hash 604662409, now seen corresponding path program 1 times [2025-03-08 05:39:54,251 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:54,251 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [875838296] [2025-03-08 05:39:54,251 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:54,251 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:54,261 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 116 statements into 1 equivalence classes. [2025-03-08 05:39:54,267 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 116 of 116 statements. [2025-03-08 05:39:54,267 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:54,268 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:54,300 INFO L134 CoverageAnalysis]: Checked inductivity of 65 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-03-08 05:39:54,302 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:54,302 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [875838296] [2025-03-08 05:39:54,302 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [875838296] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:54,302 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:39:54,302 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-08 05:39:54,302 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [605961955] [2025-03-08 05:39:54,302 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:54,302 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-08 05:39:54,303 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:54,303 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-08 05:39:54,303 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:39:54,303 INFO L87 Difference]: Start difference. First operand 1219 states and 1765 transitions. Second operand has 4 states, 4 states have (on average 19.25) internal successors, (77), 4 states have internal predecessors, (77), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) [2025-03-08 05:39:54,445 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:54,445 INFO L93 Difference]: Finished difference Result 1935 states and 2791 transitions. [2025-03-08 05:39:54,445 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-08 05:39:54,445 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 19.25) internal successors, (77), 4 states have internal predecessors, (77), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) Word has length 116 [2025-03-08 05:39:54,446 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:54,450 INFO L225 Difference]: With dead ends: 1935 [2025-03-08 05:39:54,451 INFO L226 Difference]: Without dead ends: 739 [2025-03-08 05:39:54,454 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:39:54,455 INFO L435 NwaCegarLoop]: 209 mSDtfsCounter, 192 mSDsluCounter, 142 mSDsCounter, 0 mSdLazyCounter, 71 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 192 SdHoareTripleChecker+Valid, 351 SdHoareTripleChecker+Invalid, 75 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 71 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:54,455 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [192 Valid, 351 Invalid, 75 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 71 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:39:54,456 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 739 states. [2025-03-08 05:39:54,525 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 739 to 718. [2025-03-08 05:39:54,527 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 718 states, 513 states have (on average 1.3177387914230019) internal successors, (676), 579 states have internal predecessors, (676), 125 states have call successors, (125), 77 states have call predecessors, (125), 79 states have return successors, (210), 114 states have call predecessors, (210), 125 states have call successors, (210) [2025-03-08 05:39:54,530 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 718 states to 718 states and 1011 transitions. [2025-03-08 05:39:54,531 INFO L78 Accepts]: Start accepts. Automaton has 718 states and 1011 transitions. Word has length 116 [2025-03-08 05:39:54,531 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:54,531 INFO L471 AbstractCegarLoop]: Abstraction has 718 states and 1011 transitions. [2025-03-08 05:39:54,531 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 19.25) internal successors, (77), 4 states have internal predecessors, (77), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) [2025-03-08 05:39:54,532 INFO L276 IsEmpty]: Start isEmpty. Operand 718 states and 1011 transitions. [2025-03-08 05:39:54,536 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 130 [2025-03-08 05:39:54,536 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:54,536 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:54,536 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-08 05:39:54,536 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:54,537 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:54,537 INFO L85 PathProgramCache]: Analyzing trace with hash -365492525, now seen corresponding path program 1 times [2025-03-08 05:39:54,537 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:54,537 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [919422354] [2025-03-08 05:39:54,537 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:54,538 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:54,547 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-03-08 05:39:54,556 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-03-08 05:39:54,556 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:54,556 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:54,674 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 24 proven. 4 refuted. 0 times theorem prover too weak. 51 trivial. 0 not checked. [2025-03-08 05:39:54,674 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:54,674 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [919422354] [2025-03-08 05:39:54,675 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [919422354] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:39:54,675 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1844720505] [2025-03-08 05:39:54,675 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:54,675 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:39:54,675 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:39:54,677 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:39:54,678 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-08 05:39:54,729 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-03-08 05:39:54,770 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-03-08 05:39:54,770 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:54,770 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:54,772 INFO L256 TraceCheckSpWp]: Trace formula consists of 443 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-08 05:39:54,776 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:39:54,863 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 34 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:39:54,864 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-08 05:39:54,864 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1844720505] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:39:54,864 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-08 05:39:54,864 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-08 05:39:54,864 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2009445623] [2025-03-08 05:39:54,864 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:54,865 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:39:54,865 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:54,865 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:39:54,865 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:39:54,865 INFO L87 Difference]: Start difference. First operand 718 states and 1011 transitions. Second operand has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-08 05:39:54,939 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:54,939 INFO L93 Difference]: Finished difference Result 1657 states and 2399 transitions. [2025-03-08 05:39:54,939 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:39:54,940 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) Word has length 129 [2025-03-08 05:39:54,940 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:54,945 INFO L225 Difference]: With dead ends: 1657 [2025-03-08 05:39:54,945 INFO L226 Difference]: Without dead ends: 962 [2025-03-08 05:39:54,947 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 133 GetRequests, 129 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:39:54,948 INFO L435 NwaCegarLoop]: 240 mSDtfsCounter, 85 mSDsluCounter, 94 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 85 SdHoareTripleChecker+Valid, 334 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:54,948 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [85 Valid, 334 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:39:54,949 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 962 states. [2025-03-08 05:39:55,027 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 962 to 962. [2025-03-08 05:39:55,028 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 962 states, 698 states have (on average 1.3051575931232091) internal successors, (911), 771 states have internal predecessors, (911), 153 states have call successors, (153), 108 states have call predecessors, (153), 110 states have return successors, (272), 142 states have call predecessors, (272), 153 states have call successors, (272) [2025-03-08 05:39:55,033 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 962 states to 962 states and 1336 transitions. [2025-03-08 05:39:55,036 INFO L78 Accepts]: Start accepts. Automaton has 962 states and 1336 transitions. Word has length 129 [2025-03-08 05:39:55,036 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:55,036 INFO L471 AbstractCegarLoop]: Abstraction has 962 states and 1336 transitions. [2025-03-08 05:39:55,036 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-08 05:39:55,036 INFO L276 IsEmpty]: Start isEmpty. Operand 962 states and 1336 transitions. [2025-03-08 05:39:55,041 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 128 [2025-03-08 05:39:55,041 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:55,041 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:55,049 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-08 05:39:55,242 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:39:55,242 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:55,243 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:55,243 INFO L85 PathProgramCache]: Analyzing trace with hash -777740665, now seen corresponding path program 1 times [2025-03-08 05:39:55,243 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:55,243 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [491294490] [2025-03-08 05:39:55,243 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:55,243 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:55,252 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-03-08 05:39:55,261 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-03-08 05:39:55,261 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:55,261 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:55,372 INFO L134 CoverageAnalysis]: Checked inductivity of 77 backedges. 20 proven. 2 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2025-03-08 05:39:55,372 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:39:55,372 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [491294490] [2025-03-08 05:39:55,372 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [491294490] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:39:55,372 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [93196207] [2025-03-08 05:39:55,373 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:55,373 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:39:55,373 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:39:55,374 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:39:55,376 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-08 05:39:55,428 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-03-08 05:39:55,475 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-03-08 05:39:55,475 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:55,475 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:39:55,479 INFO L256 TraceCheckSpWp]: Trace formula consists of 435 conjuncts, 11 conjuncts are in the unsatisfiable core [2025-03-08 05:39:55,482 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:39:55,656 INFO L134 CoverageAnalysis]: Checked inductivity of 77 backedges. 5 proven. 2 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2025-03-08 05:39:55,656 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-08 05:39:55,826 INFO L134 CoverageAnalysis]: Checked inductivity of 77 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 63 trivial. 0 not checked. [2025-03-08 05:39:55,827 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [93196207] provided 1 perfect and 1 imperfect interpolant sequences [2025-03-08 05:39:55,827 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2025-03-08 05:39:55,827 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [7, 5] total 10 [2025-03-08 05:39:55,827 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1808654355] [2025-03-08 05:39:55,827 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:39:55,827 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-08 05:39:55,827 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:39:55,828 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-08 05:39:55,828 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=66, Unknown=0, NotChecked=0, Total=90 [2025-03-08 05:39:55,828 INFO L87 Difference]: Start difference. First operand 962 states and 1336 transitions. Second operand has 6 states, 6 states have (on average 12.166666666666666) internal successors, (73), 5 states have internal predecessors, (73), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) [2025-03-08 05:39:56,018 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:39:56,018 INFO L93 Difference]: Finished difference Result 2778 states and 3945 transitions. [2025-03-08 05:39:56,019 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-08 05:39:56,019 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 12.166666666666666) internal successors, (73), 5 states have internal predecessors, (73), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) Word has length 127 [2025-03-08 05:39:56,019 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:39:56,030 INFO L225 Difference]: With dead ends: 2778 [2025-03-08 05:39:56,030 INFO L226 Difference]: Without dead ends: 1839 [2025-03-08 05:39:56,034 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 262 GetRequests, 251 SyntacticMatches, 1 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=34, Invalid=98, Unknown=0, NotChecked=0, Total=132 [2025-03-08 05:39:56,035 INFO L435 NwaCegarLoop]: 167 mSDtfsCounter, 120 mSDsluCounter, 571 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 122 SdHoareTripleChecker+Valid, 738 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:39:56,035 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [122 Valid, 738 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:39:56,037 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1839 states. [2025-03-08 05:39:56,157 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1839 to 1835. [2025-03-08 05:39:56,159 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1835 states, 1322 states have (on average 1.2897125567322238) internal successors, (1705), 1465 states have internal predecessors, (1705), 297 states have call successors, (297), 212 states have call predecessors, (297), 215 states have return successors, (538), 272 states have call predecessors, (538), 297 states have call successors, (538) [2025-03-08 05:39:56,170 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1835 states to 1835 states and 2540 transitions. [2025-03-08 05:39:56,172 INFO L78 Accepts]: Start accepts. Automaton has 1835 states and 2540 transitions. Word has length 127 [2025-03-08 05:39:56,172 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:39:56,172 INFO L471 AbstractCegarLoop]: Abstraction has 1835 states and 2540 transitions. [2025-03-08 05:39:56,172 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 12.166666666666666) internal successors, (73), 5 states have internal predecessors, (73), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) [2025-03-08 05:39:56,172 INFO L276 IsEmpty]: Start isEmpty. Operand 1835 states and 2540 transitions. [2025-03-08 05:39:56,180 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 132 [2025-03-08 05:39:56,181 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:39:56,181 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:56,188 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2025-03-08 05:39:56,381 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-03-08 05:39:56,382 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:39:56,383 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:39:56,383 INFO L85 PathProgramCache]: Analyzing trace with hash 1326436296, now seen corresponding path program 1 times [2025-03-08 05:39:56,383 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:39:56,383 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1080316441] [2025-03-08 05:39:56,383 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:39:56,383 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:39:56,393 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 131 statements into 1 equivalence classes. [2025-03-08 05:39:56,404 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 131 of 131 statements. [2025-03-08 05:39:56,404 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:56,404 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-08 05:39:56,404 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-03-08 05:39:56,409 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 131 statements into 1 equivalence classes. [2025-03-08 05:39:56,426 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 131 of 131 statements. [2025-03-08 05:39:56,426 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:39:56,426 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-08 05:39:56,463 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-03-08 05:39:56,463 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-03-08 05:39:56,464 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-03-08 05:39:56,466 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-03-08 05:39:56,467 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:39:56,554 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-03-08 05:39:56,560 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.03 05:39:56 BoogieIcfgContainer [2025-03-08 05:39:56,560 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-03-08 05:39:56,561 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-03-08 05:39:56,561 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-03-08 05:39:56,561 INFO L274 PluginConnector]: Witness Printer initialized [2025-03-08 05:39:56,561 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:39:52" (3/4) ... [2025-03-08 05:39:56,562 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-03-08 05:39:56,654 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 104. [2025-03-08 05:39:56,740 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-03-08 05:39:56,740 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2025-03-08 05:39:56,740 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-03-08 05:39:56,741 INFO L158 Benchmark]: Toolchain (without parser) took 5353.78ms. Allocated memory was 167.8MB in the beginning and 243.3MB in the end (delta: 75.5MB). Free memory was 122.2MB in the beginning and 125.4MB in the end (delta: -3.2MB). Peak memory consumption was 68.3MB. Max. memory is 16.1GB. [2025-03-08 05:39:56,741 INFO L158 Benchmark]: CDTParser took 0.43ms. Allocated memory is still 201.3MB. Free memory is still 118.6MB. There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:39:56,741 INFO L158 Benchmark]: CACSL2BoogieTranslator took 346.95ms. Allocated memory is still 167.8MB. Free memory was 121.8MB in the beginning and 102.1MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-08 05:39:56,741 INFO L158 Benchmark]: Boogie Procedure Inliner took 36.49ms. Allocated memory is still 167.8MB. Free memory was 102.1MB in the beginning and 100.0MB in the end (delta: 2.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-08 05:39:56,741 INFO L158 Benchmark]: Boogie Preprocessor took 29.52ms. Allocated memory is still 167.8MB. Free memory was 100.0MB in the beginning and 98.2MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:39:56,742 INFO L158 Benchmark]: IcfgBuilder took 412.61ms. Allocated memory is still 167.8MB. Free memory was 98.2MB in the beginning and 74.8MB in the end (delta: 23.4MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2025-03-08 05:39:56,742 INFO L158 Benchmark]: TraceAbstraction took 4343.99ms. Allocated memory was 167.8MB in the beginning and 243.3MB in the end (delta: 75.5MB). Free memory was 74.0MB in the beginning and 142.3MB in the end (delta: -68.3MB). Peak memory consumption was 1.2MB. Max. memory is 16.1GB. [2025-03-08 05:39:56,742 INFO L158 Benchmark]: Witness Printer took 179.50ms. Allocated memory is still 243.3MB. Free memory was 142.3MB in the beginning and 125.4MB in the end (delta: 16.9MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-08 05:39:56,743 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.43ms. Allocated memory is still 201.3MB. Free memory is still 118.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 346.95ms. Allocated memory is still 167.8MB. Free memory was 121.8MB in the beginning and 102.1MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 36.49ms. Allocated memory is still 167.8MB. Free memory was 102.1MB in the beginning and 100.0MB in the end (delta: 2.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 29.52ms. Allocated memory is still 167.8MB. Free memory was 100.0MB in the beginning and 98.2MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. * IcfgBuilder took 412.61ms. Allocated memory is still 167.8MB. Free memory was 98.2MB in the beginning and 74.8MB in the end (delta: 23.4MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 4343.99ms. Allocated memory was 167.8MB in the beginning and 243.3MB in the end (delta: 75.5MB). Free memory was 74.0MB in the beginning and 142.3MB in the end (delta: -68.3MB). Peak memory consumption was 1.2MB. Max. memory is 16.1GB. * Witness Printer took 179.50ms. Allocated memory is still 243.3MB. Free memory was 142.3MB in the beginning and 125.4MB in the end (delta: 16.9MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 168]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [168] - GenericResultAtLocation [Line: 507]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [507] - GenericResultAtLocation [Line: 609]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [609] - GenericResultAtLocation [Line: 686]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [686] - GenericResultAtLocation [Line: 726]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [726] - GenericResultAtLocation [Line: 1092]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1092] - GenericResultAtLocation [Line: 1101]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1101] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 1097]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int __SELECTED_FEATURE_base ; [L51] int __SELECTED_FEATURE_highWaterSensor ; [L52] int __SELECTED_FEATURE_lowWaterSensor ; [L53] int __SELECTED_FEATURE_methaneQuery ; [L54] int __SELECTED_FEATURE_methaneAlarm ; [L55] int __SELECTED_FEATURE_stopCommand ; [L56] int __SELECTED_FEATURE_startCommand ; [L57] int __GUIDSL_ROOT_PRODUCTION ; [L66] int waterLevel = 1; [L67] int methaneLevelCritical = 0; [L176] int pumpRunning = 0; [L177] int systemActive = 1; [L508] int cleanupTimeShifts = 4; [L688] int methAndRunningLastTime ; [L896] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; VAL [__GUIDSL_ROOT_PRODUCTION=0, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L587] int retValue_acc ; [L588] int tmp ; [L592] CALL select_helpers() [L1133] __GUIDSL_ROOT_PRODUCTION = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L592] RET select_helpers() [L593] CALL select_features() [L1118] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] __SELECTED_FEATURE_highWaterSensor = select_one() [L1120] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1120] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1120] __SELECTED_FEATURE_lowWaterSensor = select_one() [L1121] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1121] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1121] __SELECTED_FEATURE_methaneQuery = select_one() [L1122] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1122] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1122] __SELECTED_FEATURE_methaneAlarm = select_one() [L1123] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1123] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1123] __SELECTED_FEATURE_stopCommand = select_one() [L1124] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1124] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1124] __SELECTED_FEATURE_startCommand = select_one() [L593] RET select_features() [L594] CALL, EXPR valid_product() [L1138] int retValue_acc ; [L1141] retValue_acc = __SELECTED_FEATURE_base [L1142] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L594] RET, EXPR valid_product() [L594] tmp = valid_product() [L596] COND TRUE \read(tmp) [L598] FCALL setup() [L599] CALL runTest() [L577] CALL __utac_acc__Specification2_spec__1() [L693] methAndRunningLastTime = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L577] RET __utac_acc__Specification2_spec__1() [L578] CALL test() [L611] int splverifierCounter ; [L612] int tmp ; [L613] int tmp___0 ; [L614] int tmp___1 ; [L615] int tmp___2 ; [L618] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L622] COND TRUE splverifierCounter < 4 [L628] tmp = __VERIFIER_nondet_int() [L630] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L632] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L84] COND TRUE waterLevel < 2 [L85] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L632] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L638] tmp___0 = __VERIFIER_nondet_int() [L640] COND TRUE \read(tmp___0) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L642] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L96] COND FALSE !(\read(methaneLevelCritical)) [L99] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L642] RET changeMethaneLevel() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L648] tmp___2 = __VERIFIER_nondet_int() [L650] COND FALSE !(\read(tmp___2)) [L660] tmp___1 = __VERIFIER_nondet_int() [L662] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L675] CALL timeShift() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L184] COND FALSE !(\read(pumpRunning)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L191] COND TRUE \read(systemActive) [L193] CALL processEnvironment() [L327] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L334] CALL processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L284] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L291] CALL processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L241] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L243] CALL processEnvironment__role__highWaterSensor() [L213] int tmp ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L216] COND TRUE ! pumpRunning [L218] CALL, EXPR isHighWaterLevel() [L447] int retValue_acc ; [L448] int tmp ; [L449] int tmp___0 ; [L453] CALL, EXPR isHighWaterSensorDry() [L146] int retValue_acc ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L149] COND FALSE !(waterLevel < 2) [L153] retValue_acc = 0 [L154] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L453] RET, EXPR isHighWaterSensorDry() [L453] tmp = isHighWaterSensorDry() [L455] COND FALSE !(\read(tmp)) [L458] tmp___0 = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L460] retValue_acc = tmp___0 [L461] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L218] RET, EXPR isHighWaterLevel() [L218] tmp = isHighWaterLevel() [L220] COND TRUE \read(tmp) [L222] CALL activatePump() [L369] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L376] CALL activatePump__before__methaneQuery() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L344] pumpRunning = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L376] RET activatePump__before__methaneQuery() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L222] RET activatePump() [L243] RET processEnvironment__role__highWaterSensor() [L291] RET processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L334] RET processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L193] RET processEnvironment() [L199] CALL __utac_acc__Specification2_spec__2() [L698] int tmp ; [L699] int tmp___0 ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L105] int retValue_acc ; [L108] retValue_acc = methaneLevelCritical [L109] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] tmp = isMethaneLevelCritical() [L705] COND TRUE \read(tmp) [L707] CALL, EXPR isPumpRunning() [L402] int retValue_acc ; [L405] retValue_acc = pumpRunning [L406] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L707] RET, EXPR isPumpRunning() [L707] tmp___0 = isPumpRunning() [L709] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L710] COND FALSE !(\read(methAndRunningLastTime)) [L715] methAndRunningLastTime = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L199] RET __utac_acc__Specification2_spec__2() [L675] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L622] COND TRUE splverifierCounter < 4 [L628] tmp = __VERIFIER_nondet_int() [L630] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L638] tmp___0 = __VERIFIER_nondet_int() [L640] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L648] tmp___2 = __VERIFIER_nondet_int() [L650] COND FALSE !(\read(tmp___2)) [L660] tmp___1 = __VERIFIER_nondet_int() [L662] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L675] CALL timeShift() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L184] COND TRUE \read(pumpRunning) [L186] CALL lowerWaterLevel() [L72] COND TRUE waterLevel > 0 [L73] waterLevel = waterLevel - 1 VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L186] RET lowerWaterLevel() [L191] COND TRUE \read(systemActive) [L193] CALL processEnvironment() [L327] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L334] CALL processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L284] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L291] CALL processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L241] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L243] CALL processEnvironment__role__highWaterSensor() [L213] int tmp ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L216] COND FALSE !(! pumpRunning) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L231] FCALL processEnvironment__before__highWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L243] RET processEnvironment__role__highWaterSensor() [L291] RET processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L334] RET processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L193] RET processEnvironment() [L199] CALL __utac_acc__Specification2_spec__2() [L698] int tmp ; [L699] int tmp___0 ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L105] int retValue_acc ; [L108] retValue_acc = methaneLevelCritical [L109] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] tmp = isMethaneLevelCritical() [L705] COND TRUE \read(tmp) [L707] CALL, EXPR isPumpRunning() [L402] int retValue_acc ; [L405] retValue_acc = pumpRunning [L406] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L707] RET, EXPR isPumpRunning() [L707] tmp___0 = isPumpRunning() [L709] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L710] COND TRUE \read(methAndRunningLastTime) [L712] CALL __automaton_fail() [L1097] reach_error() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] - StatisticsResult: Ultimate Automizer benchmark data CFG has 13 procedures, 142 locations, 223 edges, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.2s, OverallIterations: 11, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 1.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1145 SdHoareTripleChecker+Valid, 0.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1139 mSDsluCounter, 4788 SdHoareTripleChecker+Invalid, 0.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2865 mSDsCounter, 33 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 333 IncrementalHoareTripleChecker+Invalid, 366 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 33 mSolverCounterUnsat, 1923 mSDtfsCounter, 333 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 436 GetRequests, 401 SyntacticMatches, 1 SemanticMatches, 34 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1835occurred in iteration=10, InterpolantAutomatonStates: 44, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 10 MinimizatonAttempts, 75 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 1.4s InterpolantComputationTime, 1272 NumberOfCodeBlocks, 1272 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1255 ConstructedInterpolants, 0 QuantifiedInterpolants, 2330 SizeOfPredicates, 1 NumberOfNonLiveVariables, 878 ConjunctsInSsa, 14 ConjunctsInUnsatCore, 13 InterpolantComputations, 10 PerfectInterpolantSequences, 761/769 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-03-08 05:39:56,762 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE