./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e2fb8bed Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 45558e1c10008e5b16efe572a84fcf92b08797f54d586c51d45827b7e38254a6 --- Real Ultimate output --- This is Ultimate 0.3.0-?-e2fb8be-m [2025-03-08 05:41:14,612 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-08 05:41:14,695 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-08 05:41:14,701 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-08 05:41:14,703 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-08 05:41:14,724 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-08 05:41:14,725 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-08 05:41:14,725 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-08 05:41:14,725 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-08 05:41:14,725 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-08 05:41:14,726 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-08 05:41:14,726 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-08 05:41:14,726 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-08 05:41:14,727 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-08 05:41:14,727 INFO L153 SettingsManager]: * Use SBE=true [2025-03-08 05:41:14,727 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-08 05:41:14,727 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-08 05:41:14,727 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-08 05:41:14,728 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-08 05:41:14,728 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-08 05:41:14,728 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-08 05:41:14,728 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-08 05:41:14,728 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-08 05:41:14,728 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-08 05:41:14,728 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-08 05:41:14,728 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-08 05:41:14,728 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-08 05:41:14,728 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-08 05:41:14,728 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-08 05:41:14,728 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-08 05:41:14,729 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-08 05:41:14,729 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-08 05:41:14,729 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:41:14,729 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-08 05:41:14,729 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-08 05:41:14,729 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-08 05:41:14,729 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-08 05:41:14,729 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-08 05:41:14,730 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-08 05:41:14,730 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-08 05:41:14,730 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-08 05:41:14,730 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-08 05:41:14,730 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-08 05:41:14,730 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 45558e1c10008e5b16efe572a84fcf92b08797f54d586c51d45827b7e38254a6 [2025-03-08 05:41:14,939 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-08 05:41:14,952 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-08 05:41:14,955 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-08 05:41:14,956 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-08 05:41:14,956 INFO L274 PluginConnector]: CDTParser initialized [2025-03-08 05:41:14,957 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c [2025-03-08 05:41:16,100 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c2981ac2c/f667a519c3f04125b87059236ddab7f1/FLAGd3ab5ece9 [2025-03-08 05:41:16,335 INFO L384 CDTParser]: Found 1 translation units. [2025-03-08 05:41:16,335 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c [2025-03-08 05:41:16,347 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c2981ac2c/f667a519c3f04125b87059236ddab7f1/FLAGd3ab5ece9 [2025-03-08 05:41:16,357 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c2981ac2c/f667a519c3f04125b87059236ddab7f1 [2025-03-08 05:41:16,359 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-08 05:41:16,359 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-08 05:41:16,360 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-08 05:41:16,360 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-08 05:41:16,363 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-08 05:41:16,363 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,364 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@67f22d3a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16, skipping insertion in model container [2025-03-08 05:41:16,364 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,388 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-08 05:41:16,536 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c[9333,9346] [2025-03-08 05:41:16,601 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:41:16,614 INFO L200 MainTranslator]: Completed pre-run [2025-03-08 05:41:16,619 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2025-03-08 05:41:16,620 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [153] [2025-03-08 05:41:16,620 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [190] [2025-03-08 05:41:16,620 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [530] [2025-03-08 05:41:16,620 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [607] [2025-03-08 05:41:16,620 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [616] [2025-03-08 05:41:16,620 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [982] [2025-03-08 05:41:16,620 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1085] [2025-03-08 05:41:16,639 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c[9333,9346] [2025-03-08 05:41:16,657 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:41:16,672 INFO L204 MainTranslator]: Completed translation [2025-03-08 05:41:16,673 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16 WrapperNode [2025-03-08 05:41:16,673 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-08 05:41:16,674 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-08 05:41:16,674 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-08 05:41:16,674 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-08 05:41:16,678 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,690 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,720 INFO L138 Inliner]: procedures = 63, calls = 121, calls flagged for inlining = 29, calls inlined = 26, statements flattened = 295 [2025-03-08 05:41:16,721 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-08 05:41:16,721 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-08 05:41:16,722 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-08 05:41:16,722 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-08 05:41:16,727 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,728 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,729 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,751 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-03-08 05:41:16,751 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,751 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,755 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,756 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,757 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,757 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,759 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-08 05:41:16,759 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-08 05:41:16,759 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-08 05:41:16,759 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-08 05:41:16,760 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (1/1) ... [2025-03-08 05:41:16,764 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:41:16,773 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:41:16,785 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-08 05:41:16,788 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-08 05:41:16,806 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-03-08 05:41:16,807 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-08 05:41:16,807 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-08 05:41:16,860 INFO L256 CfgBuilder]: Building ICFG [2025-03-08 05:41:16,862 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-08 05:41:16,956 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1073-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~10#1; [2025-03-08 05:41:16,956 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L485-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~3#1; [2025-03-08 05:41:16,963 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1094: #res := ~retValue_acc~12; [2025-03-08 05:41:17,016 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L430-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~2#1; [2025-03-08 05:41:17,016 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1059-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; [2025-03-08 05:41:17,110 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1127-1: valid_product_#res#1 := valid_product_~retValue_acc~13#1; [2025-03-08 05:41:17,111 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L150-1: main_#res#1 := main_~retValue_acc~0#1; [2025-03-08 05:41:17,149 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1082-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~11#1; [2025-03-08 05:41:17,150 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L504-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~4#1; [2025-03-08 05:41:17,159 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L421: #res#1 := ~retValue_acc~1#1; [2025-03-08 05:41:17,159 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1027-1: isMethaneLevelCritical_#res#1 := isMethaneLevelCritical_~retValue_acc~8#1; [2025-03-08 05:41:17,190 INFO L? ?]: Removed 55 outVars from TransFormulas that were not future-live. [2025-03-08 05:41:17,190 INFO L307 CfgBuilder]: Performing block encoding [2025-03-08 05:41:17,205 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-08 05:41:17,206 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-08 05:41:17,206 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:41:17 BoogieIcfgContainer [2025-03-08 05:41:17,206 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-08 05:41:17,208 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-08 05:41:17,208 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-08 05:41:17,211 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-08 05:41:17,211 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.03 05:41:16" (1/3) ... [2025-03-08 05:41:17,212 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@704f7d0c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:41:17, skipping insertion in model container [2025-03-08 05:41:17,212 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:41:16" (2/3) ... [2025-03-08 05:41:17,212 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@704f7d0c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:41:17, skipping insertion in model container [2025-03-08 05:41:17,212 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:41:17" (3/3) ... [2025-03-08 05:41:17,213 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec4_productSimulator.cil.c [2025-03-08 05:41:17,224 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-08 05:41:17,226 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec4_productSimulator.cil.c that has 12 procedures, 135 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-03-08 05:41:17,285 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-08 05:41:17,297 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@30768c93, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-08 05:41:17,297 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-08 05:41:17,300 INFO L276 IsEmpty]: Start isEmpty. Operand has 135 states, 94 states have (on average 1.3617021276595744) internal successors, (128), 110 states have internal predecessors, (128), 28 states have call successors, (28), 11 states have call predecessors, (28), 11 states have return successors, (28), 23 states have call predecessors, (28), 28 states have call successors, (28) [2025-03-08 05:41:17,307 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2025-03-08 05:41:17,308 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:17,309 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:17,309 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:17,312 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:17,313 INFO L85 PathProgramCache]: Analyzing trace with hash -2119081207, now seen corresponding path program 1 times [2025-03-08 05:41:17,319 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:17,320 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [637612529] [2025-03-08 05:41:17,320 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:17,320 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:17,384 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-03-08 05:41:17,417 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-03-08 05:41:17,417 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:17,418 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:17,538 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:41:17,539 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:41:17,539 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [637612529] [2025-03-08 05:41:17,539 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [637612529] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:41:17,539 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:41:17,540 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:41:17,541 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [544197474] [2025-03-08 05:41:17,541 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:41:17,543 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:41:17,544 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:41:17,573 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:41:17,574 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:41:17,576 INFO L87 Difference]: Start difference. First operand has 135 states, 94 states have (on average 1.3617021276595744) internal successors, (128), 110 states have internal predecessors, (128), 28 states have call successors, (28), 11 states have call predecessors, (28), 11 states have return successors, (28), 23 states have call predecessors, (28), 28 states have call successors, (28) Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-03-08 05:41:17,603 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:41:17,604 INFO L93 Difference]: Finished difference Result 235 states and 324 transitions. [2025-03-08 05:41:17,607 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:41:17,608 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 49 [2025-03-08 05:41:17,609 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:41:17,614 INFO L225 Difference]: With dead ends: 235 [2025-03-08 05:41:17,614 INFO L226 Difference]: Without dead ends: 118 [2025-03-08 05:41:17,617 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:41:17,618 INFO L435 NwaCegarLoop]: 163 mSDtfsCounter, 20 mSDsluCounter, 139 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 24 SdHoareTripleChecker+Valid, 302 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:41:17,619 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [24 Valid, 302 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:41:17,628 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 118 states. [2025-03-08 05:41:17,644 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 118 to 118. [2025-03-08 05:41:17,645 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 118 states, 82 states have (on average 1.3414634146341464) internal successors, (110), 97 states have internal predecessors, (110), 25 states have call successors, (25), 10 states have call predecessors, (25), 10 states have return successors, (25), 20 states have call predecessors, (25), 25 states have call successors, (25) [2025-03-08 05:41:17,651 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 160 transitions. [2025-03-08 05:41:17,652 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 160 transitions. Word has length 49 [2025-03-08 05:41:17,654 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:41:17,654 INFO L471 AbstractCegarLoop]: Abstraction has 118 states and 160 transitions. [2025-03-08 05:41:17,654 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-03-08 05:41:17,654 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 160 transitions. [2025-03-08 05:41:17,656 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2025-03-08 05:41:17,657 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:17,657 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:17,657 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-03-08 05:41:17,658 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:17,658 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:17,659 INFO L85 PathProgramCache]: Analyzing trace with hash -2055118448, now seen corresponding path program 1 times [2025-03-08 05:41:17,659 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:17,659 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [720686717] [2025-03-08 05:41:17,659 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:17,659 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:17,679 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 53 statements into 1 equivalence classes. [2025-03-08 05:41:17,701 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 53 of 53 statements. [2025-03-08 05:41:17,702 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:17,702 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:17,856 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:41:17,856 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:41:17,856 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [720686717] [2025-03-08 05:41:17,856 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [720686717] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:41:17,856 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:41:17,856 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2025-03-08 05:41:17,856 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1078251605] [2025-03-08 05:41:17,857 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:41:17,857 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-08 05:41:17,857 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:41:17,859 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-08 05:41:17,860 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2025-03-08 05:41:17,860 INFO L87 Difference]: Start difference. First operand 118 states and 160 transitions. Second operand has 7 states, 7 states have (on average 4.285714285714286) internal successors, (30), 7 states have internal predecessors, (30), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-03-08 05:41:18,255 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:41:18,255 INFO L93 Difference]: Finished difference Result 441 states and 611 transitions. [2025-03-08 05:41:18,256 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-08 05:41:18,256 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 4.285714285714286) internal successors, (30), 7 states have internal predecessors, (30), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 53 [2025-03-08 05:41:18,256 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:41:18,259 INFO L225 Difference]: With dead ends: 441 [2025-03-08 05:41:18,259 INFO L226 Difference]: Without dead ends: 345 [2025-03-08 05:41:18,260 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=31, Invalid=59, Unknown=0, NotChecked=0, Total=90 [2025-03-08 05:41:18,261 INFO L435 NwaCegarLoop]: 171 mSDtfsCounter, 547 mSDsluCounter, 583 mSDsCounter, 0 mSdLazyCounter, 253 mSolverCounterSat, 145 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 547 SdHoareTripleChecker+Valid, 754 SdHoareTripleChecker+Invalid, 398 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 145 IncrementalHoareTripleChecker+Valid, 253 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2025-03-08 05:41:18,261 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [547 Valid, 754 Invalid, 398 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [145 Valid, 253 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2025-03-08 05:41:18,262 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 345 states. [2025-03-08 05:41:18,285 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 345 to 244. [2025-03-08 05:41:18,286 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 244 states, 172 states have (on average 1.3953488372093024) internal successors, (240), 204 states have internal predecessors, (240), 48 states have call successors, (48), 23 states have call predecessors, (48), 23 states have return successors, (49), 36 states have call predecessors, (49), 48 states have call successors, (49) [2025-03-08 05:41:18,287 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 244 states to 244 states and 337 transitions. [2025-03-08 05:41:18,288 INFO L78 Accepts]: Start accepts. Automaton has 244 states and 337 transitions. Word has length 53 [2025-03-08 05:41:18,288 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:41:18,288 INFO L471 AbstractCegarLoop]: Abstraction has 244 states and 337 transitions. [2025-03-08 05:41:18,288 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 4.285714285714286) internal successors, (30), 7 states have internal predecessors, (30), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-03-08 05:41:18,289 INFO L276 IsEmpty]: Start isEmpty. Operand 244 states and 337 transitions. [2025-03-08 05:41:18,290 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2025-03-08 05:41:18,290 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:18,290 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:18,290 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-03-08 05:41:18,290 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:18,291 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:18,291 INFO L85 PathProgramCache]: Analyzing trace with hash -1207963756, now seen corresponding path program 1 times [2025-03-08 05:41:18,291 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:18,291 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [564983252] [2025-03-08 05:41:18,291 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:18,291 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:18,302 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 57 statements into 1 equivalence classes. [2025-03-08 05:41:18,326 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 57 of 57 statements. [2025-03-08 05:41:18,326 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:18,327 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:18,464 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:41:18,464 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:41:18,464 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [564983252] [2025-03-08 05:41:18,464 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [564983252] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:41:18,464 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:41:18,464 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2025-03-08 05:41:18,464 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1380286539] [2025-03-08 05:41:18,464 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:41:18,465 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2025-03-08 05:41:18,465 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:41:18,465 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2025-03-08 05:41:18,465 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2025-03-08 05:41:18,465 INFO L87 Difference]: Start difference. First operand 244 states and 337 transitions. Second operand has 9 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 9 states have internal predecessors, (34), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-03-08 05:41:18,807 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:41:18,807 INFO L93 Difference]: Finished difference Result 885 states and 1299 transitions. [2025-03-08 05:41:18,807 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2025-03-08 05:41:18,807 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 9 states have internal predecessors, (34), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 57 [2025-03-08 05:41:18,808 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:41:18,812 INFO L225 Difference]: With dead ends: 885 [2025-03-08 05:41:18,812 INFO L226 Difference]: Without dead ends: 663 [2025-03-08 05:41:18,813 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=181, Unknown=0, NotChecked=0, Total=240 [2025-03-08 05:41:18,814 INFO L435 NwaCegarLoop]: 153 mSDtfsCounter, 304 mSDsluCounter, 973 mSDsCounter, 0 mSdLazyCounter, 291 mSolverCounterSat, 98 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 304 SdHoareTripleChecker+Valid, 1126 SdHoareTripleChecker+Invalid, 389 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 98 IncrementalHoareTripleChecker+Valid, 291 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2025-03-08 05:41:18,814 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [304 Valid, 1126 Invalid, 389 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [98 Valid, 291 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2025-03-08 05:41:18,815 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 663 states. [2025-03-08 05:41:18,874 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 663 to 657. [2025-03-08 05:41:18,877 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 657 states, 463 states have (on average 1.3909287257019438) internal successors, (644), 554 states have internal predecessors, (644), 129 states have call successors, (129), 64 states have call predecessors, (129), 64 states have return successors, (161), 93 states have call predecessors, (161), 129 states have call successors, (161) [2025-03-08 05:41:18,883 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 657 states to 657 states and 934 transitions. [2025-03-08 05:41:18,885 INFO L78 Accepts]: Start accepts. Automaton has 657 states and 934 transitions. Word has length 57 [2025-03-08 05:41:18,886 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:41:18,886 INFO L471 AbstractCegarLoop]: Abstraction has 657 states and 934 transitions. [2025-03-08 05:41:18,887 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 9 states have internal predecessors, (34), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-03-08 05:41:18,887 INFO L276 IsEmpty]: Start isEmpty. Operand 657 states and 934 transitions. [2025-03-08 05:41:18,889 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2025-03-08 05:41:18,890 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:18,890 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:18,890 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-03-08 05:41:18,890 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:18,890 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:18,891 INFO L85 PathProgramCache]: Analyzing trace with hash 1763801047, now seen corresponding path program 1 times [2025-03-08 05:41:18,891 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:18,891 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1292431218] [2025-03-08 05:41:18,891 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:18,891 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:18,900 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 59 statements into 1 equivalence classes. [2025-03-08 05:41:18,911 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 59 of 59 statements. [2025-03-08 05:41:18,911 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:18,911 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:18,967 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:41:18,968 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:41:18,968 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1292431218] [2025-03-08 05:41:18,968 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1292431218] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:41:18,968 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:41:18,968 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:41:18,968 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1306800007] [2025-03-08 05:41:18,968 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:41:18,969 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:41:18,969 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:41:18,969 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:41:18,969 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:41:18,970 INFO L87 Difference]: Start difference. First operand 657 states and 934 transitions. Second operand has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-03-08 05:41:19,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:41:19,054 INFO L93 Difference]: Finished difference Result 1530 states and 2294 transitions. [2025-03-08 05:41:19,055 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:41:19,055 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 59 [2025-03-08 05:41:19,055 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:41:19,060 INFO L225 Difference]: With dead ends: 1530 [2025-03-08 05:41:19,061 INFO L226 Difference]: Without dead ends: 895 [2025-03-08 05:41:19,064 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:41:19,064 INFO L435 NwaCegarLoop]: 158 mSDtfsCounter, 100 mSDsluCounter, 91 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 100 SdHoareTripleChecker+Valid, 249 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:41:19,064 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [100 Valid, 249 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:41:19,066 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 895 states. [2025-03-08 05:41:19,148 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 895 to 882. [2025-03-08 05:41:19,150 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 882 states, 644 states have (on average 1.3416149068322982) internal successors, (864), 729 states have internal predecessors, (864), 141 states have call successors, (141), 92 states have call predecessors, (141), 96 states have return successors, (258), 139 states have call predecessors, (258), 141 states have call successors, (258) [2025-03-08 05:41:19,157 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 882 states to 882 states and 1263 transitions. [2025-03-08 05:41:19,158 INFO L78 Accepts]: Start accepts. Automaton has 882 states and 1263 transitions. Word has length 59 [2025-03-08 05:41:19,159 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:41:19,159 INFO L471 AbstractCegarLoop]: Abstraction has 882 states and 1263 transitions. [2025-03-08 05:41:19,159 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-03-08 05:41:19,159 INFO L276 IsEmpty]: Start isEmpty. Operand 882 states and 1263 transitions. [2025-03-08 05:41:19,162 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 82 [2025-03-08 05:41:19,162 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:19,162 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:19,162 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-03-08 05:41:19,162 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:19,163 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:19,163 INFO L85 PathProgramCache]: Analyzing trace with hash 1083662667, now seen corresponding path program 1 times [2025-03-08 05:41:19,164 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:19,164 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [313019999] [2025-03-08 05:41:19,164 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:19,164 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:19,178 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 81 statements into 1 equivalence classes. [2025-03-08 05:41:19,188 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 81 of 81 statements. [2025-03-08 05:41:19,188 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:19,188 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:19,281 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 10 proven. 0 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-03-08 05:41:19,283 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:41:19,283 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [313019999] [2025-03-08 05:41:19,283 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [313019999] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:41:19,283 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:41:19,283 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:41:19,283 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [83166914] [2025-03-08 05:41:19,283 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:41:19,284 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:41:19,284 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:41:19,284 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:41:19,286 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:41:19,286 INFO L87 Difference]: Start difference. First operand 882 states and 1263 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2025-03-08 05:41:19,378 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:41:19,379 INFO L93 Difference]: Finished difference Result 884 states and 1264 transitions. [2025-03-08 05:41:19,381 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:41:19,381 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) Word has length 81 [2025-03-08 05:41:19,382 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:41:19,388 INFO L225 Difference]: With dead ends: 884 [2025-03-08 05:41:19,388 INFO L226 Difference]: Without dead ends: 882 [2025-03-08 05:41:19,389 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-08 05:41:19,389 INFO L435 NwaCegarLoop]: 156 mSDtfsCounter, 110 mSDsluCounter, 400 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 110 SdHoareTripleChecker+Valid, 556 SdHoareTripleChecker+Invalid, 40 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:41:19,390 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [110 Valid, 556 Invalid, 40 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:41:19,391 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 882 states. [2025-03-08 05:41:19,471 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 882 to 882. [2025-03-08 05:41:19,474 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 882 states, 644 states have (on average 1.3369565217391304) internal successors, (861), 729 states have internal predecessors, (861), 141 states have call successors, (141), 92 states have call predecessors, (141), 96 states have return successors, (258), 139 states have call predecessors, (258), 141 states have call successors, (258) [2025-03-08 05:41:19,480 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 882 states to 882 states and 1260 transitions. [2025-03-08 05:41:19,481 INFO L78 Accepts]: Start accepts. Automaton has 882 states and 1260 transitions. Word has length 81 [2025-03-08 05:41:19,482 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:41:19,482 INFO L471 AbstractCegarLoop]: Abstraction has 882 states and 1260 transitions. [2025-03-08 05:41:19,482 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2025-03-08 05:41:19,482 INFO L276 IsEmpty]: Start isEmpty. Operand 882 states and 1260 transitions. [2025-03-08 05:41:19,489 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2025-03-08 05:41:19,489 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:19,490 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:19,490 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-08 05:41:19,490 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:19,490 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:19,490 INFO L85 PathProgramCache]: Analyzing trace with hash -535306709, now seen corresponding path program 1 times [2025-03-08 05:41:19,491 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:19,491 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [70061606] [2025-03-08 05:41:19,491 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:19,491 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:19,501 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-08 05:41:19,507 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-08 05:41:19,507 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:19,507 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:19,542 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2025-03-08 05:41:19,542 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:41:19,542 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [70061606] [2025-03-08 05:41:19,542 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [70061606] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:41:19,543 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:41:19,543 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-08 05:41:19,543 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [320491870] [2025-03-08 05:41:19,543 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:41:19,543 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-08 05:41:19,543 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:41:19,544 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-08 05:41:19,544 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:41:19,544 INFO L87 Difference]: Start difference. First operand 882 states and 1260 transitions. Second operand has 4 states, 4 states have (on average 18.0) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) [2025-03-08 05:41:19,670 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:41:19,670 INFO L93 Difference]: Finished difference Result 1367 states and 1949 transitions. [2025-03-08 05:41:19,670 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-08 05:41:19,671 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 18.0) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) Word has length 118 [2025-03-08 05:41:19,671 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:41:19,674 INFO L225 Difference]: With dead ends: 1367 [2025-03-08 05:41:19,675 INFO L226 Difference]: Without dead ends: 507 [2025-03-08 05:41:19,678 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-08 05:41:19,679 INFO L435 NwaCegarLoop]: 196 mSDtfsCounter, 183 mSDsluCounter, 135 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 183 SdHoareTripleChecker+Valid, 331 SdHoareTripleChecker+Invalid, 69 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:41:19,679 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [183 Valid, 331 Invalid, 69 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:41:19,680 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 507 states. [2025-03-08 05:41:19,714 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 507 to 501. [2025-03-08 05:41:19,715 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 501 states, 369 states have (on average 1.3224932249322494) internal successors, (488), 415 states have internal predecessors, (488), 78 states have call successors, (78), 51 states have call predecessors, (78), 53 states have return successors, (133), 78 states have call predecessors, (133), 78 states have call successors, (133) [2025-03-08 05:41:19,719 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 501 states to 501 states and 699 transitions. [2025-03-08 05:41:19,720 INFO L78 Accepts]: Start accepts. Automaton has 501 states and 699 transitions. Word has length 118 [2025-03-08 05:41:19,720 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:41:19,720 INFO L471 AbstractCegarLoop]: Abstraction has 501 states and 699 transitions. [2025-03-08 05:41:19,721 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 18.0) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) [2025-03-08 05:41:19,721 INFO L276 IsEmpty]: Start isEmpty. Operand 501 states and 699 transitions. [2025-03-08 05:41:19,723 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2025-03-08 05:41:19,723 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:19,724 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:19,724 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-08 05:41:19,724 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:19,724 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:19,724 INFO L85 PathProgramCache]: Analyzing trace with hash 1765964299, now seen corresponding path program 1 times [2025-03-08 05:41:19,725 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:19,725 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [368921253] [2025-03-08 05:41:19,725 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:19,725 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:19,734 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 106 statements into 1 equivalence classes. [2025-03-08 05:41:19,740 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 106 of 106 statements. [2025-03-08 05:41:19,740 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:19,740 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:19,820 INFO L134 CoverageAnalysis]: Checked inductivity of 61 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 58 trivial. 0 not checked. [2025-03-08 05:41:19,821 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:41:19,821 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [368921253] [2025-03-08 05:41:19,821 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [368921253] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:41:19,821 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:41:19,821 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:41:19,821 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1586806139] [2025-03-08 05:41:19,821 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:41:19,822 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:41:19,822 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:41:19,822 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:41:19,822 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:41:19,823 INFO L87 Difference]: Start difference. First operand 501 states and 699 transitions. Second operand has 5 states, 5 states have (on average 12.6) internal successors, (63), 5 states have internal predecessors, (63), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-03-08 05:41:19,861 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:41:19,861 INFO L93 Difference]: Finished difference Result 989 states and 1461 transitions. [2025-03-08 05:41:19,861 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:41:19,862 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 12.6) internal successors, (63), 5 states have internal predecessors, (63), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 106 [2025-03-08 05:41:19,862 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:41:19,865 INFO L225 Difference]: With dead ends: 989 [2025-03-08 05:41:19,865 INFO L226 Difference]: Without dead ends: 510 [2025-03-08 05:41:19,866 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:41:19,867 INFO L435 NwaCegarLoop]: 157 mSDtfsCounter, 0 mSDsluCounter, 464 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 621 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:41:19,867 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 621 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:41:19,867 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 510 states. [2025-03-08 05:41:19,890 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 510 to 510. [2025-03-08 05:41:19,891 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 510 states, 378 states have (on average 1.3148148148148149) internal successors, (497), 424 states have internal predecessors, (497), 78 states have call successors, (78), 51 states have call predecessors, (78), 53 states have return successors, (133), 78 states have call predecessors, (133), 78 states have call successors, (133) [2025-03-08 05:41:19,893 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 510 states to 510 states and 708 transitions. [2025-03-08 05:41:19,894 INFO L78 Accepts]: Start accepts. Automaton has 510 states and 708 transitions. Word has length 106 [2025-03-08 05:41:19,894 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:41:19,894 INFO L471 AbstractCegarLoop]: Abstraction has 510 states and 708 transitions. [2025-03-08 05:41:19,894 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 12.6) internal successors, (63), 5 states have internal predecessors, (63), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-03-08 05:41:19,894 INFO L276 IsEmpty]: Start isEmpty. Operand 510 states and 708 transitions. [2025-03-08 05:41:19,896 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2025-03-08 05:41:19,896 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:19,896 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:19,896 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-08 05:41:19,896 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:19,897 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:19,897 INFO L85 PathProgramCache]: Analyzing trace with hash -272091990, now seen corresponding path program 1 times [2025-03-08 05:41:19,897 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:19,897 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [59605639] [2025-03-08 05:41:19,897 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:19,897 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:19,905 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 106 statements into 1 equivalence classes. [2025-03-08 05:41:19,910 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 106 of 106 statements. [2025-03-08 05:41:19,910 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:19,910 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:19,990 INFO L134 CoverageAnalysis]: Checked inductivity of 61 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 58 trivial. 0 not checked. [2025-03-08 05:41:19,990 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:41:19,990 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [59605639] [2025-03-08 05:41:19,990 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [59605639] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:41:19,990 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:41:19,990 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2025-03-08 05:41:19,990 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [686277044] [2025-03-08 05:41:19,990 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:41:19,991 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-08 05:41:19,991 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:41:19,991 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-08 05:41:19,991 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2025-03-08 05:41:19,991 INFO L87 Difference]: Start difference. First operand 510 states and 708 transitions. Second operand has 7 states, 7 states have (on average 9.0) internal successors, (63), 7 states have internal predecessors, (63), 3 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 3 states have call predecessors, (11), 3 states have call successors, (11) [2025-03-08 05:41:20,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:41:20,055 INFO L93 Difference]: Finished difference Result 922 states and 1335 transitions. [2025-03-08 05:41:20,055 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-08 05:41:20,055 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 9.0) internal successors, (63), 7 states have internal predecessors, (63), 3 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 3 states have call predecessors, (11), 3 states have call successors, (11) Word has length 106 [2025-03-08 05:41:20,055 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:41:20,058 INFO L225 Difference]: With dead ends: 922 [2025-03-08 05:41:20,058 INFO L226 Difference]: Without dead ends: 434 [2025-03-08 05:41:20,060 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=83, Unknown=0, NotChecked=0, Total=110 [2025-03-08 05:41:20,060 INFO L435 NwaCegarLoop]: 155 mSDtfsCounter, 147 mSDsluCounter, 614 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 147 SdHoareTripleChecker+Valid, 769 SdHoareTripleChecker+Invalid, 30 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:41:20,061 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [147 Valid, 769 Invalid, 30 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:41:20,061 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 434 states. [2025-03-08 05:41:20,080 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 434 to 434. [2025-03-08 05:41:20,081 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 434 states, 321 states have (on average 1.3177570093457944) internal successors, (423), 360 states have internal predecessors, (423), 68 states have call successors, (68), 43 states have call predecessors, (68), 44 states have return successors, (108), 65 states have call predecessors, (108), 68 states have call successors, (108) [2025-03-08 05:41:20,083 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 434 states to 434 states and 599 transitions. [2025-03-08 05:41:20,084 INFO L78 Accepts]: Start accepts. Automaton has 434 states and 599 transitions. Word has length 106 [2025-03-08 05:41:20,084 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:41:20,084 INFO L471 AbstractCegarLoop]: Abstraction has 434 states and 599 transitions. [2025-03-08 05:41:20,085 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 9.0) internal successors, (63), 7 states have internal predecessors, (63), 3 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 3 states have call predecessors, (11), 3 states have call successors, (11) [2025-03-08 05:41:20,085 INFO L276 IsEmpty]: Start isEmpty. Operand 434 states and 599 transitions. [2025-03-08 05:41:20,088 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2025-03-08 05:41:20,088 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:20,088 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:20,088 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-08 05:41:20,088 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:20,089 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:20,089 INFO L85 PathProgramCache]: Analyzing trace with hash -1712226077, now seen corresponding path program 1 times [2025-03-08 05:41:20,089 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:20,089 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1356120171] [2025-03-08 05:41:20,089 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:20,089 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:20,100 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 116 statements into 1 equivalence classes. [2025-03-08 05:41:20,107 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 116 of 116 statements. [2025-03-08 05:41:20,107 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:20,107 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:20,216 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 20 proven. 4 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-03-08 05:41:20,216 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:41:20,216 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1356120171] [2025-03-08 05:41:20,217 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1356120171] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:41:20,217 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1887292012] [2025-03-08 05:41:20,217 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:20,217 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:41:20,217 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:41:20,219 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:41:20,221 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-08 05:41:20,274 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 116 statements into 1 equivalence classes. [2025-03-08 05:41:20,316 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 116 of 116 statements. [2025-03-08 05:41:20,316 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:20,316 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:20,319 INFO L256 TraceCheckSpWp]: Trace formula consists of 404 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-08 05:41:20,325 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:41:20,399 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 27 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:41:20,401 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-08 05:41:20,401 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1887292012] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:41:20,401 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-08 05:41:20,401 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-08 05:41:20,402 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [669329627] [2025-03-08 05:41:20,402 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:41:20,402 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:41:20,402 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:41:20,402 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:41:20,402 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:41:20,403 INFO L87 Difference]: Start difference. First operand 434 states and 599 transitions. Second operand has 3 states, 3 states have (on average 25.0) internal successors, (75), 3 states have internal predecessors, (75), 3 states have call successors, (16), 3 states have call predecessors, (16), 3 states have return successors, (15), 3 states have call predecessors, (15), 3 states have call successors, (15) [2025-03-08 05:41:20,442 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:41:20,442 INFO L93 Difference]: Finished difference Result 1062 states and 1508 transitions. [2025-03-08 05:41:20,442 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:41:20,442 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 25.0) internal successors, (75), 3 states have internal predecessors, (75), 3 states have call successors, (16), 3 states have call predecessors, (16), 3 states have return successors, (15), 3 states have call predecessors, (15), 3 states have call successors, (15) Word has length 116 [2025-03-08 05:41:20,443 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:41:20,446 INFO L225 Difference]: With dead ends: 1062 [2025-03-08 05:41:20,446 INFO L226 Difference]: Without dead ends: 650 [2025-03-08 05:41:20,448 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 120 GetRequests, 116 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:41:20,448 INFO L435 NwaCegarLoop]: 227 mSDtfsCounter, 84 mSDsluCounter, 89 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 84 SdHoareTripleChecker+Valid, 316 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:41:20,448 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [84 Valid, 316 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:41:20,449 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 650 states. [2025-03-08 05:41:20,483 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 650 to 650. [2025-03-08 05:41:20,485 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 650 states, 486 states have (on average 1.3127572016460904) internal successors, (638), 536 states have internal predecessors, (638), 94 states have call successors, (94), 68 states have call predecessors, (94), 69 states have return successors, (166), 91 states have call predecessors, (166), 94 states have call successors, (166) [2025-03-08 05:41:20,488 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 650 states to 650 states and 898 transitions. [2025-03-08 05:41:20,490 INFO L78 Accepts]: Start accepts. Automaton has 650 states and 898 transitions. Word has length 116 [2025-03-08 05:41:20,490 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:41:20,490 INFO L471 AbstractCegarLoop]: Abstraction has 650 states and 898 transitions. [2025-03-08 05:41:20,490 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 25.0) internal successors, (75), 3 states have internal predecessors, (75), 3 states have call successors, (16), 3 states have call predecessors, (16), 3 states have return successors, (15), 3 states have call predecessors, (15), 3 states have call successors, (15) [2025-03-08 05:41:20,490 INFO L276 IsEmpty]: Start isEmpty. Operand 650 states and 898 transitions. [2025-03-08 05:41:20,493 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2025-03-08 05:41:20,493 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:20,494 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:20,501 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-08 05:41:20,698 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:41:20,698 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:20,698 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:20,699 INFO L85 PathProgramCache]: Analyzing trace with hash 459107787, now seen corresponding path program 1 times [2025-03-08 05:41:20,699 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:20,699 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [340307856] [2025-03-08 05:41:20,699 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:20,699 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:20,727 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-08 05:41:20,732 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-08 05:41:20,732 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:20,732 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:20,797 INFO L134 CoverageAnalysis]: Checked inductivity of 74 backedges. 20 proven. 5 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2025-03-08 05:41:20,797 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:41:20,797 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [340307856] [2025-03-08 05:41:20,797 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [340307856] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:41:20,797 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1051768392] [2025-03-08 05:41:20,797 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:20,798 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:41:20,798 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:41:20,801 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:41:20,802 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-08 05:41:20,860 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-08 05:41:20,906 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-08 05:41:20,907 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:20,907 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:20,909 INFO L256 TraceCheckSpWp]: Trace formula consists of 405 conjuncts, 4 conjuncts are in the unsatisfiable core [2025-03-08 05:41:20,911 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:41:20,981 INFO L134 CoverageAnalysis]: Checked inductivity of 74 backedges. 29 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:41:20,983 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-08 05:41:20,983 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1051768392] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:41:20,983 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-08 05:41:20,983 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 6 [2025-03-08 05:41:20,983 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [280087237] [2025-03-08 05:41:20,983 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:41:20,984 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:41:20,984 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:41:20,984 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:41:20,984 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:41:20,984 INFO L87 Difference]: Start difference. First operand 650 states and 898 transitions. Second operand has 5 states, 5 states have (on average 15.4) internal successors, (77), 4 states have internal predecessors, (77), 3 states have call successors, (16), 4 states have call predecessors, (16), 4 states have return successors, (15), 3 states have call predecessors, (15), 3 states have call successors, (15) [2025-03-08 05:41:21,381 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:41:21,382 INFO L93 Difference]: Finished difference Result 1326 states and 1865 transitions. [2025-03-08 05:41:21,382 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-08 05:41:21,382 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 15.4) internal successors, (77), 4 states have internal predecessors, (77), 3 states have call successors, (16), 4 states have call predecessors, (16), 4 states have return successors, (15), 3 states have call predecessors, (15), 3 states have call successors, (15) Word has length 118 [2025-03-08 05:41:21,382 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:41:21,387 INFO L225 Difference]: With dead ends: 1326 [2025-03-08 05:41:21,388 INFO L226 Difference]: Without dead ends: 848 [2025-03-08 05:41:21,389 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 127 GetRequests, 120 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2025-03-08 05:41:21,390 INFO L435 NwaCegarLoop]: 156 mSDtfsCounter, 181 mSDsluCounter, 261 mSDsCounter, 0 mSdLazyCounter, 407 mSolverCounterSat, 69 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 191 SdHoareTripleChecker+Valid, 417 SdHoareTripleChecker+Invalid, 476 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 69 IncrementalHoareTripleChecker+Valid, 407 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2025-03-08 05:41:21,391 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [191 Valid, 417 Invalid, 476 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [69 Valid, 407 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2025-03-08 05:41:21,391 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 848 states. [2025-03-08 05:41:21,442 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 848 to 846. [2025-03-08 05:41:21,443 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 846 states, 638 states have (on average 1.2852664576802508) internal successors, (820), 700 states have internal predecessors, (820), 115 states have call successors, (115), 83 states have call predecessors, (115), 92 states have return successors, (230), 125 states have call predecessors, (230), 115 states have call successors, (230) [2025-03-08 05:41:21,447 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 846 states to 846 states and 1165 transitions. [2025-03-08 05:41:21,449 INFO L78 Accepts]: Start accepts. Automaton has 846 states and 1165 transitions. Word has length 118 [2025-03-08 05:41:21,449 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:41:21,449 INFO L471 AbstractCegarLoop]: Abstraction has 846 states and 1165 transitions. [2025-03-08 05:41:21,450 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 15.4) internal successors, (77), 4 states have internal predecessors, (77), 3 states have call successors, (16), 4 states have call predecessors, (16), 4 states have return successors, (15), 3 states have call predecessors, (15), 3 states have call successors, (15) [2025-03-08 05:41:21,450 INFO L276 IsEmpty]: Start isEmpty. Operand 846 states and 1165 transitions. [2025-03-08 05:41:21,453 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 115 [2025-03-08 05:41:21,453 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:21,454 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:21,461 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-03-08 05:41:21,655 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-03-08 05:41:21,656 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:21,656 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:21,656 INFO L85 PathProgramCache]: Analyzing trace with hash -165272119, now seen corresponding path program 1 times [2025-03-08 05:41:21,656 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:21,656 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1455673186] [2025-03-08 05:41:21,656 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:21,656 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:21,666 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 114 statements into 1 equivalence classes. [2025-03-08 05:41:21,680 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 114 of 114 statements. [2025-03-08 05:41:21,680 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:21,681 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:21,835 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 12 proven. 9 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2025-03-08 05:41:21,835 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:41:21,835 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1455673186] [2025-03-08 05:41:21,835 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1455673186] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:41:21,835 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1084683993] [2025-03-08 05:41:21,836 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:41:21,836 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:41:21,836 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:41:21,838 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:41:21,839 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-08 05:41:21,891 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 114 statements into 1 equivalence classes. [2025-03-08 05:41:21,926 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 114 of 114 statements. [2025-03-08 05:41:21,926 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:21,926 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:41:21,929 INFO L256 TraceCheckSpWp]: Trace formula consists of 396 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-08 05:41:21,934 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:41:22,003 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 16 proven. 9 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-08 05:41:22,003 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-08 05:41:22,162 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 12 proven. 9 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2025-03-08 05:41:22,162 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1084683993] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-08 05:41:22,162 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-08 05:41:22,162 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 6 [2025-03-08 05:41:22,162 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1091067407] [2025-03-08 05:41:22,162 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-08 05:41:22,163 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-08 05:41:22,163 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:41:22,163 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-08 05:41:22,163 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:41:22,164 INFO L87 Difference]: Start difference. First operand 846 states and 1165 transitions. Second operand has 6 states, 6 states have (on average 13.666666666666666) internal successors, (82), 6 states have internal predecessors, (82), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-08 05:41:22,351 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:41:22,351 INFO L93 Difference]: Finished difference Result 1583 states and 2255 transitions. [2025-03-08 05:41:22,351 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2025-03-08 05:41:22,352 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 13.666666666666666) internal successors, (82), 6 states have internal predecessors, (82), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 114 [2025-03-08 05:41:22,352 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:41:22,359 INFO L225 Difference]: With dead ends: 1583 [2025-03-08 05:41:22,359 INFO L226 Difference]: Without dead ends: 984 [2025-03-08 05:41:22,362 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 237 GetRequests, 224 SyntacticMatches, 5 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2025-03-08 05:41:22,362 INFO L435 NwaCegarLoop]: 219 mSDtfsCounter, 186 mSDsluCounter, 629 mSDsCounter, 0 mSdLazyCounter, 96 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 186 SdHoareTripleChecker+Valid, 848 SdHoareTripleChecker+Invalid, 103 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 96 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:41:22,362 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [186 Valid, 848 Invalid, 103 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:41:22,364 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 984 states. [2025-03-08 05:41:22,408 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 984 to 789. [2025-03-08 05:41:22,410 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 789 states, 590 states have (on average 1.2779661016949153) internal successors, (754), 652 states have internal predecessors, (754), 110 states have call successors, (110), 77 states have call predecessors, (110), 88 states have return successors, (218), 113 states have call predecessors, (218), 110 states have call successors, (218) [2025-03-08 05:41:22,413 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 789 states to 789 states and 1082 transitions. [2025-03-08 05:41:22,415 INFO L78 Accepts]: Start accepts. Automaton has 789 states and 1082 transitions. Word has length 114 [2025-03-08 05:41:22,415 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:41:22,415 INFO L471 AbstractCegarLoop]: Abstraction has 789 states and 1082 transitions. [2025-03-08 05:41:22,416 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 13.666666666666666) internal successors, (82), 6 states have internal predecessors, (82), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-08 05:41:22,416 INFO L276 IsEmpty]: Start isEmpty. Operand 789 states and 1082 transitions. [2025-03-08 05:41:22,419 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 148 [2025-03-08 05:41:22,420 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:41:22,420 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:22,427 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2025-03-08 05:41:22,624 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:41:22,624 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:41:22,624 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:41:22,625 INFO L85 PathProgramCache]: Analyzing trace with hash -658377432, now seen corresponding path program 2 times [2025-03-08 05:41:22,625 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:41:22,625 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [53809304] [2025-03-08 05:41:22,625 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-08 05:41:22,625 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:41:22,641 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 147 statements into 2 equivalence classes. [2025-03-08 05:41:22,658 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 147 of 147 statements. [2025-03-08 05:41:22,658 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-08 05:41:22,658 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-08 05:41:22,658 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-03-08 05:41:22,665 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 147 statements into 1 equivalence classes. [2025-03-08 05:41:22,675 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 147 of 147 statements. [2025-03-08 05:41:22,675 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:41:22,675 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-08 05:41:22,715 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-03-08 05:41:22,715 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-03-08 05:41:22,716 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-03-08 05:41:22,717 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-08 05:41:22,718 INFO L422 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:41:22,808 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-03-08 05:41:22,814 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.03 05:41:22 BoogieIcfgContainer [2025-03-08 05:41:22,815 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-03-08 05:41:22,815 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-03-08 05:41:22,815 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-03-08 05:41:22,816 INFO L274 PluginConnector]: Witness Printer initialized [2025-03-08 05:41:22,816 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:41:17" (3/4) ... [2025-03-08 05:41:22,816 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-03-08 05:41:22,906 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 123. [2025-03-08 05:41:22,982 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-03-08 05:41:22,982 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2025-03-08 05:41:22,982 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-03-08 05:41:22,983 INFO L158 Benchmark]: Toolchain (without parser) took 6623.45ms. Allocated memory was 142.6MB in the beginning and 427.8MB in the end (delta: 285.2MB). Free memory was 113.7MB in the beginning and 261.3MB in the end (delta: -147.6MB). Peak memory consumption was 132.9MB. Max. memory is 16.1GB. [2025-03-08 05:41:22,983 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 201.3MB. Free memory is still 125.8MB. There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:41:22,983 INFO L158 Benchmark]: CACSL2BoogieTranslator took 313.04ms. Allocated memory is still 142.6MB. Free memory was 113.7MB in the beginning and 93.6MB in the end (delta: 20.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-08 05:41:22,983 INFO L158 Benchmark]: Boogie Procedure Inliner took 47.14ms. Allocated memory is still 142.6MB. Free memory was 93.6MB in the beginning and 91.7MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-08 05:41:22,984 INFO L158 Benchmark]: Boogie Preprocessor took 37.56ms. Allocated memory is still 142.6MB. Free memory was 91.7MB in the beginning and 89.6MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-08 05:41:22,984 INFO L158 Benchmark]: IcfgBuilder took 446.72ms. Allocated memory is still 142.6MB. Free memory was 89.6MB in the beginning and 67.0MB in the end (delta: 22.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-08 05:41:22,984 INFO L158 Benchmark]: TraceAbstraction took 5607.13ms. Allocated memory was 142.6MB in the beginning and 427.8MB in the end (delta: 285.2MB). Free memory was 66.5MB in the beginning and 282.2MB in the end (delta: -215.7MB). Peak memory consumption was 65.8MB. Max. memory is 16.1GB. [2025-03-08 05:41:22,984 INFO L158 Benchmark]: Witness Printer took 167.05ms. Allocated memory is still 427.8MB. Free memory was 282.2MB in the beginning and 261.3MB in the end (delta: 21.0MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-08 05:41:22,985 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 201.3MB. Free memory is still 125.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 313.04ms. Allocated memory is still 142.6MB. Free memory was 113.7MB in the beginning and 93.6MB in the end (delta: 20.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 47.14ms. Allocated memory is still 142.6MB. Free memory was 93.6MB in the beginning and 91.7MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 37.56ms. Allocated memory is still 142.6MB. Free memory was 91.7MB in the beginning and 89.6MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. * IcfgBuilder took 446.72ms. Allocated memory is still 142.6MB. Free memory was 89.6MB in the beginning and 67.0MB in the end (delta: 22.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 5607.13ms. Allocated memory was 142.6MB in the beginning and 427.8MB in the end (delta: 285.2MB). Free memory was 66.5MB in the beginning and 282.2MB in the end (delta: -215.7MB). Peak memory consumption was 65.8MB. Max. memory is 16.1GB. * Witness Printer took 167.05ms. Allocated memory is still 427.8MB. Free memory was 282.2MB in the beginning and 261.3MB in the end (delta: 21.0MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [153] - GenericResultAtLocation [Line: 190]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [190] - GenericResultAtLocation [Line: 530]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [530] - GenericResultAtLocation [Line: 607]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [607] - GenericResultAtLocation [Line: 616]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [616] - GenericResultAtLocation [Line: 982]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [982] - GenericResultAtLocation [Line: 1085]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1085] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 612]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int cleanupTimeShifts = 4; [L155] int __SELECTED_FEATURE_base ; [L156] int __SELECTED_FEATURE_highWaterSensor ; [L157] int __SELECTED_FEATURE_lowWaterSensor ; [L158] int __SELECTED_FEATURE_methaneQuery ; [L159] int __SELECTED_FEATURE_methaneAlarm ; [L160] int __SELECTED_FEATURE_stopCommand ; [L161] int __SELECTED_FEATURE_startCommand ; [L162] int __GUIDSL_ROOT_PRODUCTION ; [L200] int pumpRunning = 0; [L201] int systemActive = 1; [L786] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L983] int waterLevel = 1; [L984] int methaneLevelCritical = 0; VAL [__GUIDSL_ROOT_PRODUCTION=0, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L131] int retValue_acc ; [L132] int tmp ; [L136] CALL select_helpers() [L1117] __GUIDSL_ROOT_PRODUCTION = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L136] RET select_helpers() [L137] CALL select_features() [L1102] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] __SELECTED_FEATURE_highWaterSensor = select_one() [L1104] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] __SELECTED_FEATURE_lowWaterSensor = select_one() [L1105] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1105] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1105] __SELECTED_FEATURE_methaneQuery = select_one() [L1106] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1106] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1106] __SELECTED_FEATURE_methaneAlarm = select_one() [L1107] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1107] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1107] __SELECTED_FEATURE_stopCommand = select_one() [L1108] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1108] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1108] __SELECTED_FEATURE_startCommand = select_one() [L137] RET select_features() [L138] CALL, EXPR valid_product() [L1122] int retValue_acc ; [L1125] retValue_acc = __SELECTED_FEATURE_base [L1126] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L138] RET, EXPR valid_product() [L138] tmp = valid_product() [L140] COND TRUE \read(tmp) [L142] FCALL setup() [L143] CALL runTest() [L122] CALL test() [L532] int splverifierCounter ; [L533] int tmp ; [L534] int tmp___0 ; [L535] int tmp___1 ; [L536] int tmp___2 ; [L539] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L543] COND TRUE splverifierCounter < 4 [L549] tmp = __VERIFIER_nondet_int() [L551] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L553] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1001] COND TRUE waterLevel < 2 [L1002] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L553] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L596] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L207] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L239] COND TRUE ! pumpRunning [L241] CALL, EXPR isHighWaterLevel() [L470] int retValue_acc ; [L471] int tmp ; [L472] int tmp___0 ; [L476] CALL, EXPR isHighWaterSensorDry() [L1063] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L1066] COND FALSE !(waterLevel < 2) [L1070] retValue_acc = 0 [L1071] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L476] RET, EXPR isHighWaterSensorDry() [L476] tmp = isHighWaterSensorDry() [L478] COND FALSE !(\read(tmp)) [L481] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L483] retValue_acc = tmp___0 [L484] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L241] RET, EXPR isHighWaterLevel() [L241] tmp = isHighWaterLevel() [L243] COND TRUE \read(tmp) [L245] CALL activatePump() [L392] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L399] CALL activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L367] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L399] RET activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L245] RET activatePump() [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L222] RET __utac_acc__Specification4_spec__1() [L596] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L543] COND TRUE splverifierCounter < 4 [L549] tmp = __VERIFIER_nondet_int() [L551] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L596] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L207] COND TRUE \read(pumpRunning) [L209] CALL lowerWaterLevel() [L989] COND TRUE waterLevel > 0 [L990] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L209] RET lowerWaterLevel() [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L239] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L254] FCALL processEnvironment__before__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L222] RET __utac_acc__Specification4_spec__1() [L596] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L543] COND TRUE splverifierCounter < 4 [L549] tmp = __VERIFIER_nondet_int() [L551] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L596] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L207] COND TRUE \read(pumpRunning) [L209] CALL lowerWaterLevel() [L989] COND TRUE waterLevel > 0 [L990] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L209] RET lowerWaterLevel() [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L239] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L254] FCALL processEnvironment__before__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND TRUE tmp == 0 [L175] CALL, EXPR isPumpRunning() [L425] int retValue_acc ; [L428] retValue_acc = pumpRunning [L429] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L175] RET, EXPR isPumpRunning() [L175] tmp___0 = isPumpRunning() [L177] COND TRUE \read(tmp___0) [L179] CALL __automaton_fail() [L612] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] - StatisticsResult: Ultimate Automizer benchmark data CFG has 12 procedures, 135 locations, 212 edges, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.5s, OverallIterations: 12, TraceHistogramMax: 6, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 1.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1876 SdHoareTripleChecker+Valid, 1.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1862 mSDsluCounter, 6289 SdHoareTripleChecker+Invalid, 0.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4378 mSDsCounter, 339 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1212 IncrementalHoareTripleChecker+Invalid, 1551 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 339 mSolverCounterUnsat, 1911 mSDtfsCounter, 1212 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 550 GetRequests, 483 SyntacticMatches, 5 SemanticMatches, 62 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 38 ImplicationChecksByTransitivity, 0.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=882occurred in iteration=4, InterpolantAutomatonStates: 63, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 11 MinimizatonAttempts, 323 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 1472 NumberOfCodeBlocks, 1472 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 1424 ConstructedInterpolants, 0 QuantifiedInterpolants, 2318 SizeOfPredicates, 2 NumberOfNonLiveVariables, 1205 ConjunctsInSsa, 15 ConjunctsInUnsatCore, 15 InterpolantComputations, 10 PerfectInterpolantSequences, 902/938 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-03-08 05:41:23,006 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE