./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 551b0097 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 45558e1c10008e5b16efe572a84fcf92b08797f54d586c51d45827b7e38254a6 --- Real Ultimate output --- This is Ultimate 0.3.0-?-551b009-m [2025-01-09 04:02:30,962 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-01-09 04:02:31,017 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-01-09 04:02:31,021 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-01-09 04:02:31,022 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-01-09 04:02:31,037 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-01-09 04:02:31,037 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-01-09 04:02:31,037 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-01-09 04:02:31,038 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-01-09 04:02:31,038 INFO L153 SettingsManager]: * Use memory slicer=true [2025-01-09 04:02:31,039 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-01-09 04:02:31,039 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-01-09 04:02:31,039 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-01-09 04:02:31,039 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-01-09 04:02:31,040 INFO L153 SettingsManager]: * Use SBE=true [2025-01-09 04:02:31,040 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-01-09 04:02:31,040 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-01-09 04:02:31,040 INFO L153 SettingsManager]: * sizeof long=4 [2025-01-09 04:02:31,040 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-01-09 04:02:31,040 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-01-09 04:02:31,040 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-01-09 04:02:31,040 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * sizeof long double=12 [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * Use constant arrays=true [2025-01-09 04:02:31,041 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:31,041 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-01-09 04:02:31,041 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:31,042 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-01-09 04:02:31,042 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-01-09 04:02:31,042 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-01-09 04:02:31,042 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-01-09 04:02:31,042 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-01-09 04:02:31,042 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-01-09 04:02:31,042 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-01-09 04:02:31,042 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-01-09 04:02:31,042 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-01-09 04:02:31,042 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-01-09 04:02:31,042 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 45558e1c10008e5b16efe572a84fcf92b08797f54d586c51d45827b7e38254a6 [2025-01-09 04:02:31,257 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-01-09 04:02:31,262 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-01-09 04:02:31,265 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-01-09 04:02:31,265 INFO L270 PluginConnector]: Initializing CDTParser... [2025-01-09 04:02:31,266 INFO L274 PluginConnector]: CDTParser initialized [2025-01-09 04:02:31,267 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c [2025-01-09 04:02:32,343 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/921cfb699/5b07af7ed83c401487f987112ed82ebc/FLAG27111a0bc [2025-01-09 04:02:32,614 INFO L384 CDTParser]: Found 1 translation units. [2025-01-09 04:02:32,614 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c [2025-01-09 04:02:32,621 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/921cfb699/5b07af7ed83c401487f987112ed82ebc/FLAG27111a0bc [2025-01-09 04:02:32,933 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/921cfb699/5b07af7ed83c401487f987112ed82ebc [2025-01-09 04:02:32,935 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-01-09 04:02:32,936 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-01-09 04:02:32,937 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-01-09 04:02:32,937 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-01-09 04:02:32,941 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-01-09 04:02:32,942 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 04:02:32" (1/1) ... [2025-01-09 04:02:32,943 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@242ba109 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:32, skipping insertion in model container [2025-01-09 04:02:32,943 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.01 04:02:32" (1/1) ... [2025-01-09 04:02:32,970 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-01-09 04:02:33,133 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c[9333,9346] [2025-01-09 04:02:33,201 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 04:02:33,216 INFO L200 MainTranslator]: Completed pre-run [2025-01-09 04:02:33,222 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2025-01-09 04:02:33,223 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [153] [2025-01-09 04:02:33,223 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [190] [2025-01-09 04:02:33,223 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [530] [2025-01-09 04:02:33,224 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [607] [2025-01-09 04:02:33,224 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [616] [2025-01-09 04:02:33,224 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [982] [2025-01-09 04:02:33,225 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1085] [2025-01-09 04:02:33,252 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_productSimulator.cil.c[9333,9346] [2025-01-09 04:02:33,283 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-01-09 04:02:33,307 INFO L204 MainTranslator]: Completed translation [2025-01-09 04:02:33,308 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33 WrapperNode [2025-01-09 04:02:33,309 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-01-09 04:02:33,310 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-01-09 04:02:33,311 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-01-09 04:02:33,311 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-01-09 04:02:33,315 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,328 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,347 INFO L138 Inliner]: procedures = 63, calls = 121, calls flagged for inlining = 29, calls inlined = 26, statements flattened = 295 [2025-01-09 04:02:33,348 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-01-09 04:02:33,348 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-01-09 04:02:33,348 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-01-09 04:02:33,348 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-01-09 04:02:33,354 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,355 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,356 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,373 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-01-09 04:02:33,373 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,373 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,376 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,377 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,380 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,381 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,384 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,385 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-01-09 04:02:33,386 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2025-01-09 04:02:33,386 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2025-01-09 04:02:33,386 INFO L274 PluginConnector]: RCFGBuilder initialized [2025-01-09 04:02:33,387 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (1/1) ... [2025-01-09 04:02:33,390 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-01-09 04:02:33,398 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:33,408 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-01-09 04:02:33,409 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-01-09 04:02:33,424 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-01-09 04:02:33,424 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2025-01-09 04:02:33,424 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2025-01-09 04:02:33,424 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-01-09 04:02:33,424 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-01-09 04:02:33,424 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-01-09 04:02:33,425 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-01-09 04:02:33,425 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2025-01-09 04:02:33,425 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2025-01-09 04:02:33,425 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-01-09 04:02:33,425 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-01-09 04:02:33,425 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2025-01-09 04:02:33,425 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2025-01-09 04:02:33,425 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2025-01-09 04:02:33,425 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2025-01-09 04:02:33,425 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2025-01-09 04:02:33,425 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2025-01-09 04:02:33,425 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-01-09 04:02:33,425 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-01-09 04:02:33,425 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-01-09 04:02:33,425 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2025-01-09 04:02:33,425 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2025-01-09 04:02:33,425 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-01-09 04:02:33,425 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-01-09 04:02:33,425 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-01-09 04:02:33,425 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-01-09 04:02:33,502 INFO L234 CfgBuilder]: Building ICFG [2025-01-09 04:02:33,503 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2025-01-09 04:02:33,750 INFO L? ?]: Removed 55 outVars from TransFormulas that were not future-live. [2025-01-09 04:02:33,750 INFO L283 CfgBuilder]: Performing block encoding [2025-01-09 04:02:33,762 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-01-09 04:02:33,762 INFO L312 CfgBuilder]: Removed 2 assume(true) statements. [2025-01-09 04:02:33,762 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:33 BoogieIcfgContainer [2025-01-09 04:02:33,763 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2025-01-09 04:02:33,764 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-01-09 04:02:33,764 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-01-09 04:02:33,768 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-01-09 04:02:33,768 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.01 04:02:32" (1/3) ... [2025-01-09 04:02:33,768 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@417c7721 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:02:33, skipping insertion in model container [2025-01-09 04:02:33,769 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.01 04:02:33" (2/3) ... [2025-01-09 04:02:33,769 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@417c7721 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.01 04:02:33, skipping insertion in model container [2025-01-09 04:02:33,769 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:33" (3/3) ... [2025-01-09 04:02:33,770 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec4_productSimulator.cil.c [2025-01-09 04:02:33,781 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-01-09 04:02:33,782 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec4_productSimulator.cil.c that has 12 procedures, 136 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-01-09 04:02:33,831 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-01-09 04:02:33,840 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@1f23c82, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-01-09 04:02:33,840 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-01-09 04:02:33,844 INFO L276 IsEmpty]: Start isEmpty. Operand has 136 states, 95 states have (on average 1.3578947368421053) internal successors, (129), 111 states have internal predecessors, (129), 28 states have call successors, (28), 11 states have call predecessors, (28), 11 states have return successors, (28), 23 states have call predecessors, (28), 28 states have call successors, (28) [2025-01-09 04:02:33,849 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2025-01-09 04:02:33,849 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:33,850 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:33,850 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:33,854 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:33,855 INFO L85 PathProgramCache]: Analyzing trace with hash 689787990, now seen corresponding path program 1 times [2025-01-09 04:02:33,860 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:33,860 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1154299093] [2025-01-09 04:02:33,862 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:33,863 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:33,922 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 49 statements into 1 equivalence classes. [2025-01-09 04:02:33,965 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 49 of 49 statements. [2025-01-09 04:02:33,965 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:33,965 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:34,139 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:02:34,141 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:34,141 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1154299093] [2025-01-09 04:02:34,141 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1154299093] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:34,142 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:34,142 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:02:34,143 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [36179835] [2025-01-09 04:02:34,144 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:34,147 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:02:34,148 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:34,181 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:02:34,182 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:34,184 INFO L87 Difference]: Start difference. First operand has 136 states, 95 states have (on average 1.3578947368421053) internal successors, (129), 111 states have internal predecessors, (129), 28 states have call successors, (28), 11 states have call predecessors, (28), 11 states have return successors, (28), 23 states have call predecessors, (28), 28 states have call successors, (28) Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-01-09 04:02:34,220 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:34,222 INFO L93 Difference]: Finished difference Result 237 states and 326 transitions. [2025-01-09 04:02:34,223 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:02:34,224 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 49 [2025-01-09 04:02:34,225 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:34,232 INFO L225 Difference]: With dead ends: 237 [2025-01-09 04:02:34,232 INFO L226 Difference]: Without dead ends: 119 [2025-01-09 04:02:34,237 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:34,239 INFO L435 NwaCegarLoop]: 164 mSDtfsCounter, 21 mSDsluCounter, 139 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 25 SdHoareTripleChecker+Valid, 303 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:34,239 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [25 Valid, 303 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:34,248 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 119 states. [2025-01-09 04:02:34,269 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 119 to 119. [2025-01-09 04:02:34,270 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 119 states, 83 states have (on average 1.3373493975903614) internal successors, (111), 98 states have internal predecessors, (111), 25 states have call successors, (25), 10 states have call predecessors, (25), 10 states have return successors, (25), 20 states have call predecessors, (25), 25 states have call successors, (25) [2025-01-09 04:02:34,273 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 119 states to 119 states and 161 transitions. [2025-01-09 04:02:34,274 INFO L78 Accepts]: Start accepts. Automaton has 119 states and 161 transitions. Word has length 49 [2025-01-09 04:02:34,275 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:34,275 INFO L471 AbstractCegarLoop]: Abstraction has 119 states and 161 transitions. [2025-01-09 04:02:34,276 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-01-09 04:02:34,276 INFO L276 IsEmpty]: Start isEmpty. Operand 119 states and 161 transitions. [2025-01-09 04:02:34,277 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2025-01-09 04:02:34,277 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:34,277 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:34,277 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-01-09 04:02:34,278 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:34,278 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:34,278 INFO L85 PathProgramCache]: Analyzing trace with hash -572073984, now seen corresponding path program 1 times [2025-01-09 04:02:34,278 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:34,278 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [183904866] [2025-01-09 04:02:34,278 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:34,279 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:34,289 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 54 statements into 1 equivalence classes. [2025-01-09 04:02:34,302 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 54 of 54 statements. [2025-01-09 04:02:34,303 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:34,303 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:34,465 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:02:34,466 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:34,466 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [183904866] [2025-01-09 04:02:34,466 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [183904866] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:34,466 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:34,466 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2025-01-09 04:02:34,466 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1630416585] [2025-01-09 04:02:34,466 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:34,467 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-01-09 04:02:34,468 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:34,468 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-01-09 04:02:34,468 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:02:34,472 INFO L87 Difference]: Start difference. First operand 119 states and 161 transitions. Second operand has 7 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-01-09 04:02:34,846 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:34,846 INFO L93 Difference]: Finished difference Result 446 states and 616 transitions. [2025-01-09 04:02:34,847 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-01-09 04:02:34,847 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 54 [2025-01-09 04:02:34,847 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:34,850 INFO L225 Difference]: With dead ends: 446 [2025-01-09 04:02:34,850 INFO L226 Difference]: Without dead ends: 349 [2025-01-09 04:02:34,850 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=31, Invalid=59, Unknown=0, NotChecked=0, Total=90 [2025-01-09 04:02:34,853 INFO L435 NwaCegarLoop]: 174 mSDtfsCounter, 450 mSDsluCounter, 641 mSDsCounter, 0 mSdLazyCounter, 255 mSolverCounterSat, 96 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 450 SdHoareTripleChecker+Valid, 815 SdHoareTripleChecker+Invalid, 351 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 96 IncrementalHoareTripleChecker+Valid, 255 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:34,853 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [450 Valid, 815 Invalid, 351 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [96 Valid, 255 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2025-01-09 04:02:34,854 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 349 states. [2025-01-09 04:02:34,876 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 349 to 247. [2025-01-09 04:02:34,877 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 247 states, 175 states have (on average 1.3885714285714286) internal successors, (243), 207 states have internal predecessors, (243), 48 states have call successors, (48), 23 states have call predecessors, (48), 23 states have return successors, (49), 36 states have call predecessors, (49), 48 states have call successors, (49) [2025-01-09 04:02:34,879 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 247 states to 247 states and 340 transitions. [2025-01-09 04:02:34,879 INFO L78 Accepts]: Start accepts. Automaton has 247 states and 340 transitions. Word has length 54 [2025-01-09 04:02:34,879 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:34,879 INFO L471 AbstractCegarLoop]: Abstraction has 247 states and 340 transitions. [2025-01-09 04:02:34,879 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 4.428571428571429) internal successors, (31), 7 states have internal predecessors, (31), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-01-09 04:02:34,880 INFO L276 IsEmpty]: Start isEmpty. Operand 247 states and 340 transitions. [2025-01-09 04:02:34,881 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2025-01-09 04:02:34,881 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:34,881 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:34,881 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-01-09 04:02:34,881 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:34,882 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:34,882 INFO L85 PathProgramCache]: Analyzing trace with hash -1159131318, now seen corresponding path program 1 times [2025-01-09 04:02:34,882 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:34,882 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1889345509] [2025-01-09 04:02:34,882 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:34,882 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:34,900 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 58 statements into 1 equivalence classes. [2025-01-09 04:02:34,906 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 58 of 58 statements. [2025-01-09 04:02:34,907 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:34,907 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:35,109 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:02:35,110 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:35,110 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1889345509] [2025-01-09 04:02:35,110 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1889345509] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:35,110 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:35,110 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2025-01-09 04:02:35,110 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [670300771] [2025-01-09 04:02:35,110 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:35,110 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2025-01-09 04:02:35,110 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:35,111 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2025-01-09 04:02:35,111 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2025-01-09 04:02:35,111 INFO L87 Difference]: Start difference. First operand 247 states and 340 transitions. Second operand has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 9 states have internal predecessors, (35), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-01-09 04:02:35,427 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:35,428 INFO L93 Difference]: Finished difference Result 897 states and 1311 transitions. [2025-01-09 04:02:35,428 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2025-01-09 04:02:35,428 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 9 states have internal predecessors, (35), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 58 [2025-01-09 04:02:35,428 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:35,433 INFO L225 Difference]: With dead ends: 897 [2025-01-09 04:02:35,433 INFO L226 Difference]: Without dead ends: 672 [2025-01-09 04:02:35,434 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=181, Unknown=0, NotChecked=0, Total=240 [2025-01-09 04:02:35,435 INFO L435 NwaCegarLoop]: 156 mSDtfsCounter, 306 mSDsluCounter, 986 mSDsCounter, 0 mSdLazyCounter, 293 mSolverCounterSat, 98 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 306 SdHoareTripleChecker+Valid, 1142 SdHoareTripleChecker+Invalid, 391 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 98 IncrementalHoareTripleChecker+Valid, 293 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:35,435 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [306 Valid, 1142 Invalid, 391 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [98 Valid, 293 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2025-01-09 04:02:35,436 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 672 states. [2025-01-09 04:02:35,511 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 672 to 666. [2025-01-09 04:02:35,512 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 666 states, 472 states have (on average 1.3834745762711864) internal successors, (653), 563 states have internal predecessors, (653), 129 states have call successors, (129), 64 states have call predecessors, (129), 64 states have return successors, (161), 93 states have call predecessors, (161), 129 states have call successors, (161) [2025-01-09 04:02:35,516 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 666 states to 666 states and 943 transitions. [2025-01-09 04:02:35,517 INFO L78 Accepts]: Start accepts. Automaton has 666 states and 943 transitions. Word has length 58 [2025-01-09 04:02:35,517 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:35,517 INFO L471 AbstractCegarLoop]: Abstraction has 666 states and 943 transitions. [2025-01-09 04:02:35,518 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 9 states have internal predecessors, (35), 2 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-01-09 04:02:35,518 INFO L276 IsEmpty]: Start isEmpty. Operand 666 states and 943 transitions. [2025-01-09 04:02:35,521 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2025-01-09 04:02:35,521 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:35,521 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:35,521 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-01-09 04:02:35,521 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:35,522 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:35,522 INFO L85 PathProgramCache]: Analyzing trace with hash 257769167, now seen corresponding path program 1 times [2025-01-09 04:02:35,522 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:35,522 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1969391342] [2025-01-09 04:02:35,522 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:35,522 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:35,536 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 60 statements into 1 equivalence classes. [2025-01-09 04:02:35,548 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 60 of 60 statements. [2025-01-09 04:02:35,552 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:35,553 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:35,625 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:02:35,625 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:35,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1969391342] [2025-01-09 04:02:35,626 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1969391342] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:35,626 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:35,626 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-01-09 04:02:35,626 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1079869508] [2025-01-09 04:02:35,626 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:35,627 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:02:35,627 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:35,627 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:02:35,628 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:35,628 INFO L87 Difference]: Start difference. First operand 666 states and 943 transitions. Second operand has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-01-09 04:02:35,712 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:35,713 INFO L93 Difference]: Finished difference Result 1554 states and 2318 transitions. [2025-01-09 04:02:35,713 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:02:35,713 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) Word has length 60 [2025-01-09 04:02:35,714 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:35,720 INFO L225 Difference]: With dead ends: 1554 [2025-01-09 04:02:35,720 INFO L226 Difference]: Without dead ends: 910 [2025-01-09 04:02:35,724 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-01-09 04:02:35,725 INFO L435 NwaCegarLoop]: 159 mSDtfsCounter, 100 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 100 SdHoareTripleChecker+Valid, 251 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:35,726 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [100 Valid, 251 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:35,728 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 910 states. [2025-01-09 04:02:35,804 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 910 to 897. [2025-01-09 04:02:35,806 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 897 states, 659 states have (on average 1.3338391502276177) internal successors, (879), 744 states have internal predecessors, (879), 141 states have call successors, (141), 92 states have call predecessors, (141), 96 states have return successors, (258), 139 states have call predecessors, (258), 141 states have call successors, (258) [2025-01-09 04:02:35,813 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 897 states to 897 states and 1278 transitions. [2025-01-09 04:02:35,814 INFO L78 Accepts]: Start accepts. Automaton has 897 states and 1278 transitions. Word has length 60 [2025-01-09 04:02:35,814 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:35,814 INFO L471 AbstractCegarLoop]: Abstraction has 897 states and 1278 transitions. [2025-01-09 04:02:35,815 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.333333333333334) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (7), 2 states have call predecessors, (7), 1 states have return successors, (6), 1 states have call predecessors, (6), 1 states have call successors, (6) [2025-01-09 04:02:35,815 INFO L276 IsEmpty]: Start isEmpty. Operand 897 states and 1278 transitions. [2025-01-09 04:02:35,817 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2025-01-09 04:02:35,817 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:35,817 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:35,818 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-01-09 04:02:35,818 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:35,818 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:35,818 INFO L85 PathProgramCache]: Analyzing trace with hash 419126413, now seen corresponding path program 1 times [2025-01-09 04:02:35,818 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:35,818 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1228566186] [2025-01-09 04:02:35,818 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:35,819 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:35,827 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 83 statements into 1 equivalence classes. [2025-01-09 04:02:35,833 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 83 of 83 statements. [2025-01-09 04:02:35,833 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:35,833 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:35,910 INFO L134 CoverageAnalysis]: Checked inductivity of 63 backedges. 11 proven. 0 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-01-09 04:02:35,911 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:35,911 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1228566186] [2025-01-09 04:02:35,911 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1228566186] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:35,911 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:35,911 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-01-09 04:02:35,911 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [275503703] [2025-01-09 04:02:35,911 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:35,911 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:35,911 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:35,912 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:35,912 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:35,912 INFO L87 Difference]: Start difference. First operand 897 states and 1278 transitions. Second operand has 5 states, 5 states have (on average 9.8) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2025-01-09 04:02:35,985 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:35,986 INFO L93 Difference]: Finished difference Result 899 states and 1279 transitions. [2025-01-09 04:02:35,986 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:35,986 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) Word has length 83 [2025-01-09 04:02:35,987 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:36,005 INFO L225 Difference]: With dead ends: 899 [2025-01-09 04:02:36,005 INFO L226 Difference]: Without dead ends: 897 [2025-01-09 04:02:36,006 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-01-09 04:02:36,006 INFO L435 NwaCegarLoop]: 157 mSDtfsCounter, 110 mSDsluCounter, 403 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 110 SdHoareTripleChecker+Valid, 560 SdHoareTripleChecker+Invalid, 40 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:36,006 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [110 Valid, 560 Invalid, 40 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:36,007 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 897 states. [2025-01-09 04:02:36,048 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 897 to 897. [2025-01-09 04:02:36,049 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 897 states, 659 states have (on average 1.3292867981790593) internal successors, (876), 744 states have internal predecessors, (876), 141 states have call successors, (141), 92 states have call predecessors, (141), 96 states have return successors, (258), 139 states have call predecessors, (258), 141 states have call successors, (258) [2025-01-09 04:02:36,054 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 897 states to 897 states and 1275 transitions. [2025-01-09 04:02:36,055 INFO L78 Accepts]: Start accepts. Automaton has 897 states and 1275 transitions. Word has length 83 [2025-01-09 04:02:36,055 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:36,055 INFO L471 AbstractCegarLoop]: Abstraction has 897 states and 1275 transitions. [2025-01-09 04:02:36,056 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2025-01-09 04:02:36,056 INFO L276 IsEmpty]: Start isEmpty. Operand 897 states and 1275 transitions. [2025-01-09 04:02:36,059 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 121 [2025-01-09 04:02:36,059 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:36,059 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:36,060 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-01-09 04:02:36,060 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:36,060 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:36,060 INFO L85 PathProgramCache]: Analyzing trace with hash -1971844026, now seen corresponding path program 1 times [2025-01-09 04:02:36,060 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:36,060 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1955805082] [2025-01-09 04:02:36,060 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:36,061 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:36,069 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 120 statements into 1 equivalence classes. [2025-01-09 04:02:36,074 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 120 of 120 statements. [2025-01-09 04:02:36,075 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:36,075 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:36,124 INFO L134 CoverageAnalysis]: Checked inductivity of 73 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2025-01-09 04:02:36,124 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:36,124 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1955805082] [2025-01-09 04:02:36,124 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1955805082] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:36,124 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-01-09 04:02:36,124 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-01-09 04:02:36,125 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [115497767] [2025-01-09 04:02:36,125 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:36,125 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 04:02:36,125 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:36,125 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 04:02:36,125 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:02:36,126 INFO L87 Difference]: Start difference. First operand 897 states and 1275 transitions. Second operand has 4 states, 4 states have (on average 18.5) internal successors, (74), 4 states have internal predecessors, (74), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) [2025-01-09 04:02:36,224 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:36,224 INFO L93 Difference]: Finished difference Result 1391 states and 1973 transitions. [2025-01-09 04:02:36,225 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 04:02:36,225 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 18.5) internal successors, (74), 4 states have internal predecessors, (74), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) Word has length 120 [2025-01-09 04:02:36,225 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:36,227 INFO L225 Difference]: With dead ends: 1391 [2025-01-09 04:02:36,228 INFO L226 Difference]: Without dead ends: 516 [2025-01-09 04:02:36,230 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-01-09 04:02:36,230 INFO L435 NwaCegarLoop]: 198 mSDtfsCounter, 185 mSDsluCounter, 137 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 185 SdHoareTripleChecker+Valid, 335 SdHoareTripleChecker+Invalid, 69 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:36,230 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [185 Valid, 335 Invalid, 69 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:02:36,231 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 516 states. [2025-01-09 04:02:36,267 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 516 to 510. [2025-01-09 04:02:36,268 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 510 states, 378 states have (on average 1.3148148148148149) internal successors, (497), 424 states have internal predecessors, (497), 78 states have call successors, (78), 51 states have call predecessors, (78), 53 states have return successors, (133), 78 states have call predecessors, (133), 78 states have call successors, (133) [2025-01-09 04:02:36,271 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 510 states to 510 states and 708 transitions. [2025-01-09 04:02:36,272 INFO L78 Accepts]: Start accepts. Automaton has 510 states and 708 transitions. Word has length 120 [2025-01-09 04:02:36,272 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:36,272 INFO L471 AbstractCegarLoop]: Abstraction has 510 states and 708 transitions. [2025-01-09 04:02:36,272 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 18.5) internal successors, (74), 4 states have internal predecessors, (74), 4 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) [2025-01-09 04:02:36,273 INFO L276 IsEmpty]: Start isEmpty. Operand 510 states and 708 transitions. [2025-01-09 04:02:36,275 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 128 [2025-01-09 04:02:36,275 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:36,275 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:36,276 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-01-09 04:02:36,276 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:36,276 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:36,276 INFO L85 PathProgramCache]: Analyzing trace with hash 658978775, now seen corresponding path program 1 times [2025-01-09 04:02:36,276 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:36,276 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [708226016] [2025-01-09 04:02:36,276 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:36,277 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:36,285 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-01-09 04:02:36,291 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-01-09 04:02:36,291 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:36,291 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:36,360 INFO L134 CoverageAnalysis]: Checked inductivity of 87 backedges. 14 proven. 11 refuted. 0 times theorem prover too weak. 62 trivial. 0 not checked. [2025-01-09 04:02:36,360 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:36,361 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [708226016] [2025-01-09 04:02:36,361 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [708226016] provided 0 perfect and 1 imperfect interpolant sequences [2025-01-09 04:02:36,361 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1696352035] [2025-01-09 04:02:36,361 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:36,361 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:36,361 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:36,363 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-01-09 04:02:36,365 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-01-09 04:02:36,416 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-01-09 04:02:36,462 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-01-09 04:02:36,462 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:36,462 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:36,470 INFO L256 TraceCheckSpWp]: Trace formula consists of 430 conjuncts, 7 conjuncts are in the unsatisfiable core [2025-01-09 04:02:36,480 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-01-09 04:02:36,669 INFO L134 CoverageAnalysis]: Checked inductivity of 87 backedges. 42 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:02:36,670 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-01-09 04:02:36,670 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1696352035] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:36,670 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-01-09 04:02:36,670 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [5] total 11 [2025-01-09 04:02:36,670 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1004699664] [2025-01-09 04:02:36,670 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:36,671 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-01-09 04:02:36,671 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:36,671 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-01-09 04:02:36,671 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=23, Invalid=87, Unknown=0, NotChecked=0, Total=110 [2025-01-09 04:02:36,671 INFO L87 Difference]: Start difference. First operand 510 states and 708 transitions. Second operand has 8 states, 8 states have (on average 10.75) internal successors, (86), 8 states have internal predecessors, (86), 6 states have call successors, (16), 5 states have call predecessors, (16), 5 states have return successors, (15), 5 states have call predecessors, (15), 6 states have call successors, (15) [2025-01-09 04:02:37,400 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:37,401 INFO L93 Difference]: Finished difference Result 1486 states and 2204 transitions. [2025-01-09 04:02:37,402 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2025-01-09 04:02:37,402 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 8 states have internal predecessors, (86), 6 states have call successors, (16), 5 states have call predecessors, (16), 5 states have return successors, (15), 5 states have call predecessors, (15), 6 states have call successors, (15) Word has length 127 [2025-01-09 04:02:37,402 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:37,415 INFO L225 Difference]: With dead ends: 1486 [2025-01-09 04:02:37,415 INFO L226 Difference]: Without dead ends: 1136 [2025-01-09 04:02:37,417 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 125 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=187, Unknown=0, NotChecked=0, Total=240 [2025-01-09 04:02:37,418 INFO L435 NwaCegarLoop]: 157 mSDtfsCounter, 571 mSDsluCounter, 561 mSDsCounter, 0 mSdLazyCounter, 862 mSolverCounterSat, 203 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 610 SdHoareTripleChecker+Valid, 718 SdHoareTripleChecker+Invalid, 1065 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 203 IncrementalHoareTripleChecker+Valid, 862 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:37,418 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [610 Valid, 718 Invalid, 1065 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [203 Valid, 862 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2025-01-09 04:02:37,419 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1136 states. [2025-01-09 04:02:37,465 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1136 to 1122. [2025-01-09 04:02:37,467 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1122 states, 847 states have (on average 1.3105076741440378) internal successors, (1110), 935 states have internal predecessors, (1110), 158 states have call successors, (158), 109 states have call predecessors, (158), 116 states have return successors, (329), 164 states have call predecessors, (329), 158 states have call successors, (329) [2025-01-09 04:02:37,473 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1122 states to 1122 states and 1597 transitions. [2025-01-09 04:02:37,474 INFO L78 Accepts]: Start accepts. Automaton has 1122 states and 1597 transitions. Word has length 127 [2025-01-09 04:02:37,475 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:37,475 INFO L471 AbstractCegarLoop]: Abstraction has 1122 states and 1597 transitions. [2025-01-09 04:02:37,475 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 8 states have internal predecessors, (86), 6 states have call successors, (16), 5 states have call predecessors, (16), 5 states have return successors, (15), 5 states have call predecessors, (15), 6 states have call successors, (15) [2025-01-09 04:02:37,477 INFO L276 IsEmpty]: Start isEmpty. Operand 1122 states and 1597 transitions. [2025-01-09 04:02:37,479 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2025-01-09 04:02:37,479 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:37,479 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:37,486 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-01-09 04:02:37,683 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:37,683 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:37,684 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:37,684 INFO L85 PathProgramCache]: Analyzing trace with hash 706898247, now seen corresponding path program 1 times [2025-01-09 04:02:37,684 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:37,684 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1255527012] [2025-01-09 04:02:37,684 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:37,684 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:37,696 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-01-09 04:02:37,703 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-01-09 04:02:37,704 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:37,704 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:37,781 INFO L134 CoverageAnalysis]: Checked inductivity of 69 backedges. 13 proven. 4 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-01-09 04:02:37,781 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:37,781 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1255527012] [2025-01-09 04:02:37,781 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1255527012] provided 0 perfect and 1 imperfect interpolant sequences [2025-01-09 04:02:37,781 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1265023934] [2025-01-09 04:02:37,782 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:37,782 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:37,782 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:37,784 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-01-09 04:02:37,785 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-01-09 04:02:37,829 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-01-09 04:02:37,862 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-01-09 04:02:37,862 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:37,862 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:37,864 INFO L256 TraceCheckSpWp]: Trace formula consists of 385 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-01-09 04:02:37,866 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-01-09 04:02:37,921 INFO L134 CoverageAnalysis]: Checked inductivity of 69 backedges. 24 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:02:37,921 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-01-09 04:02:37,922 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1265023934] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:37,922 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-01-09 04:02:37,922 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-01-09 04:02:37,922 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1804908741] [2025-01-09 04:02:37,922 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:37,922 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-01-09 04:02:37,922 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:37,923 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-01-09 04:02:37,923 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 04:02:37,923 INFO L87 Difference]: Start difference. First operand 1122 states and 1597 transitions. Second operand has 3 states, 3 states have (on average 24.333333333333332) internal successors, (73), 3 states have internal predecessors, (73), 3 states have call successors, (14), 3 states have call predecessors, (14), 3 states have return successors, (13), 3 states have call predecessors, (13), 3 states have call successors, (13) [2025-01-09 04:02:37,985 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:37,986 INFO L93 Difference]: Finished difference Result 2318 states and 3381 transitions. [2025-01-09 04:02:37,986 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-01-09 04:02:37,986 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 24.333333333333332) internal successors, (73), 3 states have internal predecessors, (73), 3 states have call successors, (14), 3 states have call predecessors, (14), 3 states have return successors, (13), 3 states have call predecessors, (13), 3 states have call successors, (13) Word has length 110 [2025-01-09 04:02:37,987 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:37,993 INFO L225 Difference]: With dead ends: 2318 [2025-01-09 04:02:37,993 INFO L226 Difference]: Without dead ends: 1218 [2025-01-09 04:02:37,997 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 114 GetRequests, 110 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-01-09 04:02:37,998 INFO L435 NwaCegarLoop]: 223 mSDtfsCounter, 89 mSDsluCounter, 87 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 89 SdHoareTripleChecker+Valid, 310 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:37,998 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [89 Valid, 310 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:37,999 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1218 states. [2025-01-09 04:02:38,066 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1218 to 1200. [2025-01-09 04:02:38,068 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1200 states, 911 states have (on average 1.305159165751921) internal successors, (1189), 999 states have internal predecessors, (1189), 164 states have call successors, (164), 120 states have call predecessors, (164), 124 states have return successors, (323), 163 states have call predecessors, (323), 164 states have call successors, (323) [2025-01-09 04:02:38,074 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1200 states to 1200 states and 1676 transitions. [2025-01-09 04:02:38,076 INFO L78 Accepts]: Start accepts. Automaton has 1200 states and 1676 transitions. Word has length 110 [2025-01-09 04:02:38,076 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:38,076 INFO L471 AbstractCegarLoop]: Abstraction has 1200 states and 1676 transitions. [2025-01-09 04:02:38,076 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 24.333333333333332) internal successors, (73), 3 states have internal predecessors, (73), 3 states have call successors, (14), 3 states have call predecessors, (14), 3 states have return successors, (13), 3 states have call predecessors, (13), 3 states have call successors, (13) [2025-01-09 04:02:38,077 INFO L276 IsEmpty]: Start isEmpty. Operand 1200 states and 1676 transitions. [2025-01-09 04:02:38,079 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 113 [2025-01-09 04:02:38,079 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:38,079 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:38,085 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2025-01-09 04:02:38,279 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,3 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:38,280 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:38,280 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:38,280 INFO L85 PathProgramCache]: Analyzing trace with hash -1970713721, now seen corresponding path program 1 times [2025-01-09 04:02:38,281 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:38,281 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2124271985] [2025-01-09 04:02:38,281 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:38,281 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:38,290 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 112 statements into 1 equivalence classes. [2025-01-09 04:02:38,298 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 112 of 112 statements. [2025-01-09 04:02:38,298 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:38,298 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:38,351 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 13 proven. 5 refuted. 0 times theorem prover too weak. 53 trivial. 0 not checked. [2025-01-09 04:02:38,351 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:38,351 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2124271985] [2025-01-09 04:02:38,352 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2124271985] provided 0 perfect and 1 imperfect interpolant sequences [2025-01-09 04:02:38,352 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [43892854] [2025-01-09 04:02:38,352 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:38,352 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:38,352 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:38,353 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-01-09 04:02:38,355 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-01-09 04:02:38,398 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 112 statements into 1 equivalence classes. [2025-01-09 04:02:38,430 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 112 of 112 statements. [2025-01-09 04:02:38,430 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:38,430 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:38,431 INFO L256 TraceCheckSpWp]: Trace formula consists of 386 conjuncts, 9 conjuncts are in the unsatisfiable core [2025-01-09 04:02:38,433 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-01-09 04:02:38,441 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-01-09 04:02:38,441 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-01-09 04:02:38,441 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [43892854] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:38,441 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-01-09 04:02:38,441 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 5 [2025-01-09 04:02:38,441 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [151995978] [2025-01-09 04:02:38,442 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:38,442 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-01-09 04:02:38,442 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:38,442 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-01-09 04:02:38,442 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:38,442 INFO L87 Difference]: Start difference. First operand 1200 states and 1676 transitions. Second operand has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2025-01-09 04:02:38,525 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:38,525 INFO L93 Difference]: Finished difference Result 2236 states and 3317 transitions. [2025-01-09 04:02:38,526 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-01-09 04:02:38,526 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) Word has length 112 [2025-01-09 04:02:38,526 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:38,532 INFO L225 Difference]: With dead ends: 2236 [2025-01-09 04:02:38,533 INFO L226 Difference]: Without dead ends: 1212 [2025-01-09 04:02:38,537 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 116 GetRequests, 113 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-01-09 04:02:38,540 INFO L435 NwaCegarLoop]: 158 mSDtfsCounter, 0 mSDsluCounter, 467 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 625 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:38,540 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 625 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:38,542 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1212 states. [2025-01-09 04:02:38,592 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1212 to 1212. [2025-01-09 04:02:38,594 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1212 states, 923 states have (on average 1.3011917659804983) internal successors, (1201), 1011 states have internal predecessors, (1201), 164 states have call successors, (164), 120 states have call predecessors, (164), 124 states have return successors, (323), 163 states have call predecessors, (323), 164 states have call successors, (323) [2025-01-09 04:02:38,600 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1212 states to 1212 states and 1688 transitions. [2025-01-09 04:02:38,601 INFO L78 Accepts]: Start accepts. Automaton has 1212 states and 1688 transitions. Word has length 112 [2025-01-09 04:02:38,601 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:38,601 INFO L471 AbstractCegarLoop]: Abstraction has 1212 states and 1688 transitions. [2025-01-09 04:02:38,602 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2025-01-09 04:02:38,602 INFO L276 IsEmpty]: Start isEmpty. Operand 1212 states and 1688 transitions. [2025-01-09 04:02:38,604 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 113 [2025-01-09 04:02:38,605 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:38,605 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:38,611 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2025-01-09 04:02:38,809 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,4 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:38,809 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:38,809 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:38,810 INFO L85 PathProgramCache]: Analyzing trace with hash -1930038971, now seen corresponding path program 1 times [2025-01-09 04:02:38,810 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:38,810 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [921573358] [2025-01-09 04:02:38,810 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:38,810 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:38,818 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 112 statements into 1 equivalence classes. [2025-01-09 04:02:38,824 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 112 of 112 statements. [2025-01-09 04:02:38,824 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:38,824 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:38,887 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 13 proven. 5 refuted. 0 times theorem prover too weak. 53 trivial. 0 not checked. [2025-01-09 04:02:38,887 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:38,887 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [921573358] [2025-01-09 04:02:38,887 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [921573358] provided 0 perfect and 1 imperfect interpolant sequences [2025-01-09 04:02:38,887 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1632881436] [2025-01-09 04:02:38,888 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:38,888 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:38,888 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:38,889 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-01-09 04:02:38,891 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-01-09 04:02:38,937 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 112 statements into 1 equivalence classes. [2025-01-09 04:02:38,969 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 112 of 112 statements. [2025-01-09 04:02:38,969 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:38,969 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:38,970 INFO L256 TraceCheckSpWp]: Trace formula consists of 387 conjuncts, 4 conjuncts are in the unsatisfiable core [2025-01-09 04:02:38,972 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-01-09 04:02:38,989 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-01-09 04:02:38,989 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-01-09 04:02:38,989 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1632881436] provided 1 perfect and 0 imperfect interpolant sequences [2025-01-09 04:02:38,989 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-01-09 04:02:38,989 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [4] total 6 [2025-01-09 04:02:38,990 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1719585406] [2025-01-09 04:02:38,990 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-01-09 04:02:38,990 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-01-09 04:02:38,990 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:38,990 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-01-09 04:02:38,990 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2025-01-09 04:02:38,990 INFO L87 Difference]: Start difference. First operand 1212 states and 1688 transitions. Second operand has 4 states, 4 states have (on average 17.25) internal successors, (69), 4 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2025-01-09 04:02:39,036 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:39,036 INFO L93 Difference]: Finished difference Result 2097 states and 3013 transitions. [2025-01-09 04:02:39,036 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-01-09 04:02:39,037 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 17.25) internal successors, (69), 4 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) Word has length 112 [2025-01-09 04:02:39,037 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:39,042 INFO L225 Difference]: With dead ends: 2097 [2025-01-09 04:02:39,042 INFO L226 Difference]: Without dead ends: 1061 [2025-01-09 04:02:39,045 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 115 GetRequests, 111 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2025-01-09 04:02:39,045 INFO L435 NwaCegarLoop]: 159 mSDtfsCounter, 0 mSDsluCounter, 312 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 471 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:39,045 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 471 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-01-09 04:02:39,046 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1061 states. [2025-01-09 04:02:39,096 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1061 to 1061. [2025-01-09 04:02:39,097 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1061 states, 807 states have (on average 1.3023543990086741) internal successors, (1051), 883 states have internal predecessors, (1051), 147 states have call successors, (147), 106 states have call predecessors, (147), 106 states have return successors, (255), 138 states have call predecessors, (255), 147 states have call successors, (255) [2025-01-09 04:02:39,102 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1061 states to 1061 states and 1453 transitions. [2025-01-09 04:02:39,103 INFO L78 Accepts]: Start accepts. Automaton has 1061 states and 1453 transitions. Word has length 112 [2025-01-09 04:02:39,103 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:39,103 INFO L471 AbstractCegarLoop]: Abstraction has 1061 states and 1453 transitions. [2025-01-09 04:02:39,103 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 17.25) internal successors, (69), 4 states have internal predecessors, (69), 2 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 2 states have call predecessors, (13), 2 states have call successors, (13) [2025-01-09 04:02:39,104 INFO L276 IsEmpty]: Start isEmpty. Operand 1061 states and 1453 transitions. [2025-01-09 04:02:39,105 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2025-01-09 04:02:39,105 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:39,106 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:39,112 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2025-01-09 04:02:39,306 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-01-09 04:02:39,306 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:39,307 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:39,307 INFO L85 PathProgramCache]: Analyzing trace with hash 201156509, now seen corresponding path program 1 times [2025-01-09 04:02:39,307 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:39,307 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1642074160] [2025-01-09 04:02:39,307 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:39,307 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:39,313 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 116 statements into 1 equivalence classes. [2025-01-09 04:02:39,319 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 116 of 116 statements. [2025-01-09 04:02:39,319 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:39,319 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:39,494 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 13 proven. 9 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2025-01-09 04:02:39,494 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-01-09 04:02:39,495 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1642074160] [2025-01-09 04:02:39,495 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1642074160] provided 0 perfect and 1 imperfect interpolant sequences [2025-01-09 04:02:39,495 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1717345498] [2025-01-09 04:02:39,495 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-01-09 04:02:39,495 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-01-09 04:02:39,495 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2025-01-09 04:02:39,497 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-01-09 04:02:39,499 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-01-09 04:02:39,554 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 116 statements into 1 equivalence classes. [2025-01-09 04:02:39,592 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 116 of 116 statements. [2025-01-09 04:02:39,592 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:39,592 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-01-09 04:02:39,595 INFO L256 TraceCheckSpWp]: Trace formula consists of 396 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-01-09 04:02:39,598 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-01-09 04:02:39,674 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 17 proven. 9 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-01-09 04:02:39,675 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-01-09 04:02:39,807 INFO L134 CoverageAnalysis]: Checked inductivity of 71 backedges. 13 proven. 9 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2025-01-09 04:02:39,807 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1717345498] provided 0 perfect and 2 imperfect interpolant sequences [2025-01-09 04:02:39,807 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-01-09 04:02:39,807 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 8 [2025-01-09 04:02:39,807 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [964648670] [2025-01-09 04:02:39,808 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-01-09 04:02:39,808 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-01-09 04:02:39,808 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-01-09 04:02:39,808 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-01-09 04:02:39,809 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-01-09 04:02:39,809 INFO L87 Difference]: Start difference. First operand 1061 states and 1453 transitions. Second operand has 8 states, 8 states have (on average 10.875) internal successors, (87), 8 states have internal predecessors, (87), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-01-09 04:02:39,968 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-01-09 04:02:39,968 INFO L93 Difference]: Finished difference Result 1847 states and 2563 transitions. [2025-01-09 04:02:39,968 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2025-01-09 04:02:39,969 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 10.875) internal successors, (87), 8 states have internal predecessors, (87), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 116 [2025-01-09 04:02:39,969 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-01-09 04:02:39,974 INFO L225 Difference]: With dead ends: 1847 [2025-01-09 04:02:39,974 INFO L226 Difference]: Without dead ends: 1047 [2025-01-09 04:02:39,976 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 241 GetRequests, 226 SyntacticMatches, 5 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=40, Invalid=92, Unknown=0, NotChecked=0, Total=132 [2025-01-09 04:02:39,976 INFO L435 NwaCegarLoop]: 223 mSDtfsCounter, 186 mSDsluCounter, 860 mSDsCounter, 0 mSdLazyCounter, 110 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 186 SdHoareTripleChecker+Valid, 1083 SdHoareTripleChecker+Invalid, 114 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 110 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-01-09 04:02:39,977 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [186 Valid, 1083 Invalid, 114 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 110 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-01-09 04:02:39,977 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1047 states. [2025-01-09 04:02:40,018 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1047 to 996. [2025-01-09 04:02:40,019 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 996 states, 752 states have (on average 1.2898936170212767) internal successors, (970), 826 states have internal predecessors, (970), 142 states have call successors, (142), 101 states have call predecessors, (142), 101 states have return successors, (250), 130 states have call predecessors, (250), 142 states have call successors, (250) [2025-01-09 04:02:40,023 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 996 states to 996 states and 1362 transitions. [2025-01-09 04:02:40,025 INFO L78 Accepts]: Start accepts. Automaton has 996 states and 1362 transitions. Word has length 116 [2025-01-09 04:02:40,025 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-01-09 04:02:40,025 INFO L471 AbstractCegarLoop]: Abstraction has 996 states and 1362 transitions. [2025-01-09 04:02:40,025 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 10.875) internal successors, (87), 8 states have internal predecessors, (87), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-01-09 04:02:40,025 INFO L276 IsEmpty]: Start isEmpty. Operand 996 states and 1362 transitions. [2025-01-09 04:02:40,028 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 151 [2025-01-09 04:02:40,028 INFO L210 NwaCegarLoop]: Found error trace [2025-01-09 04:02:40,028 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:40,035 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2025-01-09 04:02:40,229 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2025-01-09 04:02:40,229 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-01-09 04:02:40,229 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-01-09 04:02:40,229 INFO L85 PathProgramCache]: Analyzing trace with hash 1922571146, now seen corresponding path program 2 times [2025-01-09 04:02:40,230 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-01-09 04:02:40,230 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [503143029] [2025-01-09 04:02:40,230 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-01-09 04:02:40,230 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-01-09 04:02:40,238 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 150 statements into 2 equivalence classes. [2025-01-09 04:02:40,249 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 150 of 150 statements. [2025-01-09 04:02:40,249 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-01-09 04:02:40,249 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:02:40,249 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-01-09 04:02:40,253 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 150 statements into 1 equivalence classes. [2025-01-09 04:02:40,262 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 150 of 150 statements. [2025-01-09 04:02:40,262 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-01-09 04:02:40,262 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-01-09 04:02:40,305 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-01-09 04:02:40,305 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-01-09 04:02:40,306 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-01-09 04:02:40,307 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-01-09 04:02:40,308 INFO L422 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-01-09 04:02:40,377 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-01-09 04:02:40,379 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.01 04:02:40 BoogieIcfgContainer [2025-01-09 04:02:40,379 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-01-09 04:02:40,379 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-01-09 04:02:40,380 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-01-09 04:02:40,380 INFO L274 PluginConnector]: Witness Printer initialized [2025-01-09 04:02:40,380 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.01 04:02:33" (3/4) ... [2025-01-09 04:02:40,381 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-01-09 04:02:40,493 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 123. [2025-01-09 04:02:40,581 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-01-09 04:02:40,581 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2025-01-09 04:02:40,581 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-01-09 04:02:40,582 INFO L158 Benchmark]: Toolchain (without parser) took 7645.63ms. Allocated memory was 142.6MB in the beginning and 251.7MB in the end (delta: 109.1MB). Free memory was 110.9MB in the beginning and 115.7MB in the end (delta: -4.8MB). Peak memory consumption was 100.9MB. Max. memory is 16.1GB. [2025-01-09 04:02:40,582 INFO L158 Benchmark]: CDTParser took 0.19ms. Allocated memory is still 201.3MB. Free memory is still 122.7MB. There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:02:40,582 INFO L158 Benchmark]: CACSL2BoogieTranslator took 372.16ms. Allocated memory is still 142.6MB. Free memory was 110.4MB in the beginning and 90.9MB in the end (delta: 19.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:02:40,582 INFO L158 Benchmark]: Boogie Procedure Inliner took 37.97ms. Allocated memory is still 142.6MB. Free memory was 90.9MB in the beginning and 88.9MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-01-09 04:02:40,582 INFO L158 Benchmark]: Boogie Preprocessor took 37.36ms. Allocated memory is still 142.6MB. Free memory was 88.9MB in the beginning and 86.6MB in the end (delta: 2.3MB). There was no memory consumed. Max. memory is 16.1GB. [2025-01-09 04:02:40,582 INFO L158 Benchmark]: RCFGBuilder took 376.47ms. Allocated memory is still 142.6MB. Free memory was 86.6MB in the beginning and 65.1MB in the end (delta: 21.6MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2025-01-09 04:02:40,583 INFO L158 Benchmark]: TraceAbstraction took 6614.86ms. Allocated memory was 142.6MB in the beginning and 251.7MB in the end (delta: 109.1MB). Free memory was 64.2MB in the beginning and 135.3MB in the end (delta: -71.1MB). Peak memory consumption was 33.8MB. Max. memory is 16.1GB. [2025-01-09 04:02:40,583 INFO L158 Benchmark]: Witness Printer took 201.96ms. Allocated memory is still 251.7MB. Free memory was 135.3MB in the beginning and 115.7MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-01-09 04:02:40,584 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.19ms. Allocated memory is still 201.3MB. Free memory is still 122.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 372.16ms. Allocated memory is still 142.6MB. Free memory was 110.4MB in the beginning and 90.9MB in the end (delta: 19.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 37.97ms. Allocated memory is still 142.6MB. Free memory was 90.9MB in the beginning and 88.9MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 37.36ms. Allocated memory is still 142.6MB. Free memory was 88.9MB in the beginning and 86.6MB in the end (delta: 2.3MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 376.47ms. Allocated memory is still 142.6MB. Free memory was 86.6MB in the beginning and 65.1MB in the end (delta: 21.6MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 6614.86ms. Allocated memory was 142.6MB in the beginning and 251.7MB in the end (delta: 109.1MB). Free memory was 64.2MB in the beginning and 135.3MB in the end (delta: -71.1MB). Peak memory consumption was 33.8MB. Max. memory is 16.1GB. * Witness Printer took 201.96ms. Allocated memory is still 251.7MB. Free memory was 135.3MB in the beginning and 115.7MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [153] - GenericResultAtLocation [Line: 190]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [190] - GenericResultAtLocation [Line: 530]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [530] - GenericResultAtLocation [Line: 607]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [607] - GenericResultAtLocation [Line: 616]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [616] - GenericResultAtLocation [Line: 982]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [982] - GenericResultAtLocation [Line: 1085]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1085] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 612]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int cleanupTimeShifts = 4; [L155] int __SELECTED_FEATURE_base ; [L156] int __SELECTED_FEATURE_highWaterSensor ; [L157] int __SELECTED_FEATURE_lowWaterSensor ; [L158] int __SELECTED_FEATURE_methaneQuery ; [L159] int __SELECTED_FEATURE_methaneAlarm ; [L160] int __SELECTED_FEATURE_stopCommand ; [L161] int __SELECTED_FEATURE_startCommand ; [L162] int __GUIDSL_ROOT_PRODUCTION ; [L200] int pumpRunning = 0; [L201] int systemActive = 1; [L786] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L983] int waterLevel = 1; [L984] int methaneLevelCritical = 0; VAL [__GUIDSL_ROOT_PRODUCTION=0, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L131] int retValue_acc ; [L132] int tmp ; [L136] CALL select_helpers() [L1117] __GUIDSL_ROOT_PRODUCTION = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=0, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L136] RET select_helpers() [L137] CALL select_features() [L1102] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1103] __SELECTED_FEATURE_highWaterSensor = select_one() [L1104] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] __SELECTED_FEATURE_lowWaterSensor = select_one() [L1105] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1105] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1105] __SELECTED_FEATURE_methaneQuery = select_one() [L1106] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1106] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1106] __SELECTED_FEATURE_methaneAlarm = select_one() [L1107] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1107] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1107] __SELECTED_FEATURE_stopCommand = select_one() [L1108] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1088] int retValue_acc ; [L1089] int choice = __VERIFIER_nondet_int(); [L1092] retValue_acc = choice [L1093] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1108] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1108] __SELECTED_FEATURE_startCommand = select_one() [L137] RET select_features() [L138] CALL, EXPR valid_product() [L1122] int retValue_acc ; [L1125] retValue_acc = __SELECTED_FEATURE_base [L1126] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L138] RET, EXPR valid_product() [L138] tmp = valid_product() [L140] COND TRUE \read(tmp) [L142] FCALL setup() [L143] CALL runTest() [L122] CALL test() [L532] int splverifierCounter ; [L533] int tmp ; [L534] int tmp___0 ; [L535] int tmp___1 ; [L536] int tmp___2 ; [L539] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L543] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L549] tmp = __VERIFIER_nondet_int() [L551] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L553] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1001] COND TRUE waterLevel < 2 [L1002] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L553] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L596] CALL timeShift() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L207] COND FALSE !(\read(pumpRunning)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L239] COND TRUE ! pumpRunning [L241] CALL, EXPR isHighWaterLevel() [L470] int retValue_acc ; [L471] int tmp ; [L472] int tmp___0 ; [L476] CALL, EXPR isHighWaterSensorDry() [L1063] int retValue_acc ; VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L1066] COND FALSE !(waterLevel < 2) [L1070] retValue_acc = 0 [L1071] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L476] RET, EXPR isHighWaterSensorDry() [L476] tmp = isHighWaterSensorDry() [L478] COND FALSE !(\read(tmp)) [L481] tmp___0 = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L483] retValue_acc = tmp___0 [L484] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L241] RET, EXPR isHighWaterLevel() [L241] tmp = isHighWaterLevel() [L243] COND TRUE \read(tmp) [L245] CALL activatePump() [L392] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L399] CALL activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L367] pumpRunning = 1 VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L399] RET activatePump__before__methaneQuery() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L245] RET activatePump() [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=0, \old(waterLevel)=2, \result=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L222] RET __utac_acc__Specification4_spec__1() [L596] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L543] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L549] tmp = __VERIFIER_nondet_int() [L551] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L596] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=2] [L207] COND TRUE \read(pumpRunning) [L209] CALL lowerWaterLevel() [L989] COND TRUE waterLevel > 0 [L990] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L209] RET lowerWaterLevel() [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L239] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L254] FCALL processEnvironment__before__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND FALSE !(tmp == 0) VAL [\old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L222] RET __utac_acc__Specification4_spec__1() [L596] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L543] COND TRUE splverifierCounter < 4 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L549] tmp = __VERIFIER_nondet_int() [L551] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L559] tmp___0 = __VERIFIER_nondet_int() [L561] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L569] tmp___2 = __VERIFIER_nondet_int() [L571] COND FALSE !(\read(tmp___2)) [L581] tmp___1 = __VERIFIER_nondet_int() [L583] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=1] [L596] CALL timeShift() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=1] [L207] COND TRUE \read(pumpRunning) [L209] CALL lowerWaterLevel() [L989] COND TRUE waterLevel > 0 [L990] waterLevel = waterLevel - 1 VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L209] RET lowerWaterLevel() [L214] COND TRUE \read(systemActive) [L216] CALL processEnvironment() [L350] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L357] CALL processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L307] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L314] CALL processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L264] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L266] CALL processEnvironment__role__highWaterSensor() [L236] int tmp ; VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L239] COND FALSE !(! pumpRunning) VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L254] FCALL processEnvironment__before__highWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L266] RET processEnvironment__role__highWaterSensor() [L314] RET processEnvironment__before__lowWaterSensor() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L357] RET processEnvironment__before__methaneAlarm() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L216] RET processEnvironment() [L222] CALL __utac_acc__Specification4_spec__1() [L166] int tmp ; [L167] int tmp___0 ; [L171] CALL, EXPR getWaterLevel() [L1054] int retValue_acc ; [L1057] retValue_acc = waterLevel [L1058] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L171] RET, EXPR getWaterLevel() [L171] tmp = getWaterLevel() [L173] COND TRUE tmp == 0 [L175] CALL, EXPR isPumpRunning() [L425] int retValue_acc ; [L428] retValue_acc = pumpRunning [L429] return (retValue_acc); VAL [\old(pumpRunning)=1, \old(waterLevel)=1, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] [L175] RET, EXPR isPumpRunning() [L175] tmp___0 = isPumpRunning() [L177] COND TRUE \read(tmp___0) [L179] CALL __automaton_fail() [L612] reach_error() VAL [\old(pumpRunning)=1, \old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methaneLevelCritical=0, pumpRunning=1, systemActive=1, waterLevel=0] - StatisticsResult: Ultimate Automizer benchmark data CFG has 12 procedures, 136 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 6.5s, OverallIterations: 12, TraceHistogramMax: 6, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 2.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2061 SdHoareTripleChecker+Valid, 1.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2018 mSDsluCounter, 6613 SdHoareTripleChecker+Invalid, 1.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4685 mSDsCounter, 421 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1666 IncrementalHoareTripleChecker+Invalid, 2087 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 421 mSolverCounterUnsat, 1928 mSDtfsCounter, 1666 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 773 GetRequests, 702 SyntacticMatches, 5 SemanticMatches, 66 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 59 ImplicationChecksByTransitivity, 0.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1212occurred in iteration=9, InterpolantAutomatonStates: 66, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 11 MinimizatonAttempts, 210 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 1.7s InterpolantComputationTime, 1728 NumberOfCodeBlocks, 1728 NumberOfCodeBlocksAsserted, 18 NumberOfCheckSat, 1677 ConstructedInterpolants, 0 QuantifiedInterpolants, 2594 SizeOfPredicates, 2 NumberOfNonLiveVariables, 1984 ConjunctsInSsa, 31 ConjunctsInUnsatCore, 17 InterpolantComputations, 10 PerfectInterpolantSequences, 1073/1125 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-01-09 04:02:40,600 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE