./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 8fc3dc66 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4f3466b08a64c7fddf78a299dda71b27bda6ead813da06152b5ee1cea2f1c203 --- Real Ultimate output --- This is Ultimate 0.3.0-?-8fc3dc6-m [2025-03-16 18:48:26,447 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-16 18:48:26,498 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-16 18:48:26,501 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-16 18:48:26,502 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-16 18:48:26,525 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-16 18:48:26,525 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-16 18:48:26,525 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-16 18:48:26,526 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-16 18:48:26,526 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-16 18:48:26,526 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-16 18:48:26,526 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-16 18:48:26,526 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-16 18:48:26,526 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-16 18:48:26,526 INFO L153 SettingsManager]: * Use SBE=true [2025-03-16 18:48:26,527 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-16 18:48:26,527 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-16 18:48:26,527 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-16 18:48:26,527 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-16 18:48:26,527 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-16 18:48:26,527 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-16 18:48:26,527 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-16 18:48:26,527 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-16 18:48:26,527 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-16 18:48:26,527 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-16 18:48:26,527 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-16 18:48:26,528 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-16 18:48:26,528 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-16 18:48:26,528 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-16 18:48:26,528 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-16 18:48:26,528 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-16 18:48:26,528 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-16 18:48:26,528 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-16 18:48:26,528 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-16 18:48:26,528 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-16 18:48:26,528 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-16 18:48:26,529 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-16 18:48:26,529 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-16 18:48:26,529 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-16 18:48:26,529 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-16 18:48:26,529 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-16 18:48:26,529 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-16 18:48:26,529 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-16 18:48:26,529 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4f3466b08a64c7fddf78a299dda71b27bda6ead813da06152b5ee1cea2f1c203 [2025-03-16 18:48:26,758 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-16 18:48:26,766 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-16 18:48:26,767 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-16 18:48:26,768 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-16 18:48:26,768 INFO L274 PluginConnector]: CDTParser initialized [2025-03-16 18:48:26,769 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c [2025-03-16 18:48:27,929 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dfd96242f/83727907193045b896a1178f1b5befd3/FLAGb2c54bc0a [2025-03-16 18:48:28,143 INFO L384 CDTParser]: Found 1 translation units. [2025-03-16 18:48:28,143 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c [2025-03-16 18:48:28,152 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dfd96242f/83727907193045b896a1178f1b5befd3/FLAGb2c54bc0a [2025-03-16 18:48:28,163 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dfd96242f/83727907193045b896a1178f1b5befd3 [2025-03-16 18:48:28,165 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-16 18:48:28,167 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-16 18:48:28,168 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-16 18:48:28,168 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-16 18:48:28,171 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-16 18:48:28,172 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,172 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3b52417c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28, skipping insertion in model container [2025-03-16 18:48:28,173 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,203 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-16 18:48:28,418 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c[20836,20849] [2025-03-16 18:48:28,428 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-16 18:48:28,441 INFO L200 MainTranslator]: Completed pre-run [2025-03-16 18:48:28,447 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2025-03-16 18:48:28,448 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [168] [2025-03-16 18:48:28,448 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [507] [2025-03-16 18:48:28,448 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [609] [2025-03-16 18:48:28,449 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [686] [2025-03-16 18:48:28,449 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [726] [2025-03-16 18:48:28,449 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1092] [2025-03-16 18:48:28,449 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1101] [2025-03-16 18:48:28,492 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_productSimulator.cil.c[20836,20849] [2025-03-16 18:48:28,494 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-16 18:48:28,512 INFO L204 MainTranslator]: Completed translation [2025-03-16 18:48:28,512 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28 WrapperNode [2025-03-16 18:48:28,513 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-16 18:48:28,513 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-16 18:48:28,513 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-16 18:48:28,514 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-16 18:48:28,518 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,525 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,544 INFO L138 Inliner]: procedures = 64, calls = 122, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 282 [2025-03-16 18:48:28,546 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-16 18:48:28,546 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-16 18:48:28,546 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-16 18:48:28,546 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-16 18:48:28,552 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,553 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,555 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,579 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2025-03-16 18:48:28,579 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,580 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,587 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,587 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,588 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,590 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,591 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-16 18:48:28,593 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-16 18:48:28,593 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-16 18:48:28,593 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-16 18:48:28,595 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (1/1) ... [2025-03-16 18:48:28,598 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-16 18:48:28,608 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-16 18:48:28,617 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-16 18:48:28,619 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-16 18:48:28,636 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-16 18:48:28,636 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2025-03-16 18:48:28,637 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2025-03-16 18:48:28,637 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2025-03-16 18:48:28,637 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2025-03-16 18:48:28,637 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2025-03-16 18:48:28,637 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2025-03-16 18:48:28,637 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2025-03-16 18:48:28,637 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2025-03-16 18:48:28,638 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2025-03-16 18:48:28,638 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2025-03-16 18:48:28,638 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2025-03-16 18:48:28,638 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2025-03-16 18:48:28,638 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2025-03-16 18:48:28,638 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2025-03-16 18:48:28,638 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2025-03-16 18:48:28,638 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2025-03-16 18:48:28,638 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2025-03-16 18:48:28,638 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2025-03-16 18:48:28,638 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2025-03-16 18:48:28,639 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2025-03-16 18:48:28,639 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-16 18:48:28,639 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2025-03-16 18:48:28,639 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2025-03-16 18:48:28,639 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2025-03-16 18:48:28,639 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2025-03-16 18:48:28,639 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-16 18:48:28,639 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-16 18:48:28,708 INFO L256 CfgBuilder]: Building ICFG [2025-03-16 18:48:28,710 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-16 18:48:28,797 INFO L1322 $ProcedureCfgBuilder]: dead code at ProgramPoint L156-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~2#1; [2025-03-16 18:48:28,797 INFO L1322 $ProcedureCfgBuilder]: dead code at ProgramPoint L462-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~6#1; [2025-03-16 18:48:28,801 INFO L1322 $ProcedureCfgBuilder]: dead code at ProgramPoint L1110: #res := ~retValue_acc~12; [2025-03-16 18:48:28,844 INFO L1322 $ProcedureCfgBuilder]: dead code at ProgramPoint L407-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; [2025-03-16 18:48:28,847 INFO L1322 $ProcedureCfgBuilder]: dead code at ProgramPoint L110: #res := ~retValue_acc~0; [2025-03-16 18:48:28,912 INFO L1322 $ProcedureCfgBuilder]: dead code at ProgramPoint L606-1: main_#res#1 := main_~retValue_acc~8#1; [2025-03-16 18:48:28,913 INFO L1322 $ProcedureCfgBuilder]: dead code at ProgramPoint L1143-1: valid_product_#res#1 := valid_product_~retValue_acc~13#1; [2025-03-16 18:48:28,935 INFO L1322 $ProcedureCfgBuilder]: dead code at ProgramPoint L481-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~7#1; [2025-03-16 18:48:28,935 INFO L1322 $ProcedureCfgBuilder]: dead code at ProgramPoint L165-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~3#1; [2025-03-16 18:48:28,939 INFO L1322 $ProcedureCfgBuilder]: dead code at ProgramPoint L398: #res := ~retValue_acc~4; [2025-03-16 18:48:28,961 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2025-03-16 18:48:28,962 INFO L307 CfgBuilder]: Performing block encoding [2025-03-16 18:48:28,972 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-16 18:48:28,973 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-16 18:48:28,973 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.03 06:48:28 BoogieIcfgContainer [2025-03-16 18:48:28,973 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-16 18:48:28,977 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-16 18:48:28,977 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-16 18:48:28,980 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-16 18:48:28,980 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.03 06:48:28" (1/3) ... [2025-03-16 18:48:28,980 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2ae2cdc3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.03 06:48:28, skipping insertion in model container [2025-03-16 18:48:28,981 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.03 06:48:28" (2/3) ... [2025-03-16 18:48:28,981 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2ae2cdc3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.03 06:48:28, skipping insertion in model container [2025-03-16 18:48:28,981 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.03 06:48:28" (3/3) ... [2025-03-16 18:48:28,982 INFO L128 eAbstractionObserver]: Analyzing ICFG minepump_spec2_productSimulator.cil.c [2025-03-16 18:48:28,992 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-16 18:48:28,993 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec2_productSimulator.cil.c that has 13 procedures, 133 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2025-03-16 18:48:29,040 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-16 18:48:29,047 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@71dcea83, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-16 18:48:29,047 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-16 18:48:29,050 INFO L276 IsEmpty]: Start isEmpty. Operand has 133 states, 89 states have (on average 1.3932584269662922) internal successors, (124), 105 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) [2025-03-16 18:48:29,056 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2025-03-16 18:48:29,056 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:29,056 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:29,057 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:29,060 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:29,060 INFO L85 PathProgramCache]: Analyzing trace with hash 287257142, now seen corresponding path program 1 times [2025-03-16 18:48:29,065 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:29,065 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [25702425] [2025-03-16 18:48:29,065 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:29,066 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:29,122 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 50 statements into 1 equivalence classes. [2025-03-16 18:48:29,156 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 50 of 50 statements. [2025-03-16 18:48:29,157 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:29,157 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:29,309 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-16 18:48:29,311 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-16 18:48:29,311 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [25702425] [2025-03-16 18:48:29,312 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [25702425] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-16 18:48:29,312 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-16 18:48:29,313 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-16 18:48:29,314 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [451909180] [2025-03-16 18:48:29,315 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-16 18:48:29,317 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-16 18:48:29,317 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-16 18:48:29,331 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-16 18:48:29,331 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-16 18:48:29,332 INFO L87 Difference]: Start difference. First operand has 133 states, 89 states have (on average 1.3932584269662922) internal successors, (124), 105 states have internal predecessors, (124), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) Second operand has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-16 18:48:29,358 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-16 18:48:29,359 INFO L93 Difference]: Finished difference Result 237 states and 330 transitions. [2025-03-16 18:48:29,360 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-16 18:48:29,360 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 50 [2025-03-16 18:48:29,361 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-16 18:48:29,366 INFO L225 Difference]: With dead ends: 237 [2025-03-16 18:48:29,366 INFO L226 Difference]: Without dead ends: 118 [2025-03-16 18:48:29,372 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-16 18:48:29,375 INFO L435 NwaCegarLoop]: 165 mSDtfsCounter, 18 mSDsluCounter, 143 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 22 SdHoareTripleChecker+Valid, 308 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-16 18:48:29,375 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [22 Valid, 308 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-16 18:48:29,385 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 118 states. [2025-03-16 18:48:29,411 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 118 to 118. [2025-03-16 18:48:29,412 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 118 states, 79 states have (on average 1.3670886075949367) internal successors, (108), 94 states have internal predecessors, (108), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2025-03-16 18:48:29,418 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 162 transitions. [2025-03-16 18:48:29,419 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 162 transitions. Word has length 50 [2025-03-16 18:48:29,420 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-16 18:48:29,420 INFO L471 AbstractCegarLoop]: Abstraction has 118 states and 162 transitions. [2025-03-16 18:48:29,420 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-16 18:48:29,420 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 162 transitions. [2025-03-16 18:48:29,424 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2025-03-16 18:48:29,424 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:29,424 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:29,424 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2025-03-16 18:48:29,424 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:29,425 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:29,425 INFO L85 PathProgramCache]: Analyzing trace with hash -797323169, now seen corresponding path program 1 times [2025-03-16 18:48:29,425 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:29,425 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1739833814] [2025-03-16 18:48:29,425 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:29,425 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:29,445 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 54 statements into 1 equivalence classes. [2025-03-16 18:48:29,462 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 54 of 54 statements. [2025-03-16 18:48:29,463 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:29,463 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:29,580 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-16 18:48:29,580 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-16 18:48:29,580 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1739833814] [2025-03-16 18:48:29,584 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1739833814] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-16 18:48:29,584 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-16 18:48:29,584 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-16 18:48:29,584 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [469857900] [2025-03-16 18:48:29,584 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-16 18:48:29,585 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-16 18:48:29,585 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-16 18:48:29,585 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-16 18:48:29,585 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-16 18:48:29,585 INFO L87 Difference]: Start difference. First operand 118 states and 162 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-16 18:48:29,622 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-16 18:48:29,622 INFO L93 Difference]: Finished difference Result 318 states and 441 transitions. [2025-03-16 18:48:29,625 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-16 18:48:29,625 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 54 [2025-03-16 18:48:29,625 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-16 18:48:29,627 INFO L225 Difference]: With dead ends: 318 [2025-03-16 18:48:29,627 INFO L226 Difference]: Without dead ends: 218 [2025-03-16 18:48:29,628 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-16 18:48:29,628 INFO L435 NwaCegarLoop]: 186 mSDtfsCounter, 135 mSDsluCounter, 135 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 135 SdHoareTripleChecker+Valid, 321 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-16 18:48:29,630 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [135 Valid, 321 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-16 18:48:29,632 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 218 states. [2025-03-16 18:48:29,650 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 218 to 215. [2025-03-16 18:48:29,651 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 215 states, 145 states have (on average 1.393103448275862) internal successors, (202), 174 states have internal predecessors, (202), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2025-03-16 18:48:29,652 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 215 states to 215 states and 298 transitions. [2025-03-16 18:48:29,655 INFO L78 Accepts]: Start accepts. Automaton has 215 states and 298 transitions. Word has length 54 [2025-03-16 18:48:29,655 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-16 18:48:29,655 INFO L471 AbstractCegarLoop]: Abstraction has 215 states and 298 transitions. [2025-03-16 18:48:29,655 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 2 states have call successors, (8), 2 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-16 18:48:29,655 INFO L276 IsEmpty]: Start isEmpty. Operand 215 states and 298 transitions. [2025-03-16 18:48:29,657 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2025-03-16 18:48:29,657 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:29,657 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:29,657 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2025-03-16 18:48:29,657 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:29,657 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:29,658 INFO L85 PathProgramCache]: Analyzing trace with hash 470611509, now seen corresponding path program 1 times [2025-03-16 18:48:29,658 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:29,658 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [414299891] [2025-03-16 18:48:29,658 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:29,658 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:29,670 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 57 statements into 1 equivalence classes. [2025-03-16 18:48:29,680 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 57 of 57 statements. [2025-03-16 18:48:29,681 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:29,681 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:29,768 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-16 18:48:29,768 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-16 18:48:29,768 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [414299891] [2025-03-16 18:48:29,768 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [414299891] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-16 18:48:29,768 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-16 18:48:29,768 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-16 18:48:29,768 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [259167741] [2025-03-16 18:48:29,768 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-16 18:48:29,768 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-16 18:48:29,769 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-16 18:48:29,769 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-16 18:48:29,769 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-16 18:48:29,769 INFO L87 Difference]: Start difference. First operand 215 states and 298 transitions. Second operand has 5 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-16 18:48:29,865 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-16 18:48:29,866 INFO L93 Difference]: Finished difference Result 530 states and 764 transitions. [2025-03-16 18:48:29,866 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-16 18:48:29,866 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 57 [2025-03-16 18:48:29,867 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-16 18:48:29,869 INFO L225 Difference]: With dead ends: 530 [2025-03-16 18:48:29,869 INFO L226 Difference]: Without dead ends: 333 [2025-03-16 18:48:29,870 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-16 18:48:29,871 INFO L435 NwaCegarLoop]: 158 mSDtfsCounter, 123 mSDsluCounter, 412 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 123 SdHoareTripleChecker+Valid, 570 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-16 18:48:29,871 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [123 Valid, 570 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-16 18:48:29,872 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 333 states. [2025-03-16 18:48:29,906 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 333 to 332. [2025-03-16 18:48:29,910 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 332 states, 230 states have (on average 1.3565217391304347) internal successors, (312), 263 states have internal predecessors, (312), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2025-03-16 18:48:29,912 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 332 states to 332 states and 460 transitions. [2025-03-16 18:48:29,912 INFO L78 Accepts]: Start accepts. Automaton has 332 states and 460 transitions. Word has length 57 [2025-03-16 18:48:29,912 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-16 18:48:29,912 INFO L471 AbstractCegarLoop]: Abstraction has 332 states and 460 transitions. [2025-03-16 18:48:29,913 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (8), 1 states have call predecessors, (8), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2025-03-16 18:48:29,913 INFO L276 IsEmpty]: Start isEmpty. Operand 332 states and 460 transitions. [2025-03-16 18:48:29,917 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2025-03-16 18:48:29,917 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:29,918 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:29,918 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2025-03-16 18:48:29,918 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:29,918 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:29,918 INFO L85 PathProgramCache]: Analyzing trace with hash -1581733948, now seen corresponding path program 1 times [2025-03-16 18:48:29,918 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:29,918 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1234736330] [2025-03-16 18:48:29,918 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:29,918 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:29,936 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 78 statements into 1 equivalence classes. [2025-03-16 18:48:29,946 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 78 of 78 statements. [2025-03-16 18:48:29,946 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:29,946 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:30,037 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-16 18:48:30,037 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-16 18:48:30,038 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1234736330] [2025-03-16 18:48:30,038 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1234736330] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-16 18:48:30,038 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-16 18:48:30,038 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-16 18:48:30,038 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2118490848] [2025-03-16 18:48:30,038 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-16 18:48:30,038 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-16 18:48:30,038 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-16 18:48:30,039 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-16 18:48:30,039 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-16 18:48:30,039 INFO L87 Difference]: Start difference. First operand 332 states and 460 transitions. Second operand has 4 states, 4 states have (on average 11.75) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-03-16 18:48:30,276 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-16 18:48:30,276 INFO L93 Difference]: Finished difference Result 1204 states and 1746 transitions. [2025-03-16 18:48:30,276 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-16 18:48:30,276 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.75) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) Word has length 78 [2025-03-16 18:48:30,277 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-16 18:48:30,285 INFO L225 Difference]: With dead ends: 1204 [2025-03-16 18:48:30,285 INFO L226 Difference]: Without dead ends: 890 [2025-03-16 18:48:30,288 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-16 18:48:30,290 INFO L435 NwaCegarLoop]: 271 mSDtfsCounter, 235 mSDsluCounter, 213 mSDsCounter, 0 mSdLazyCounter, 109 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 235 SdHoareTripleChecker+Valid, 484 SdHoareTripleChecker+Invalid, 116 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 109 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2025-03-16 18:48:30,290 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [235 Valid, 484 Invalid, 116 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 109 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2025-03-16 18:48:30,291 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 890 states. [2025-03-16 18:48:30,342 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 890 to 871. [2025-03-16 18:48:30,344 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 871 states, 615 states have (on average 1.3447154471544716) internal successors, (827), 695 states have internal predecessors, (827), 155 states have call successors, (155), 96 states have call predecessors, (155), 100 states have return successors, (259), 153 states have call predecessors, (259), 155 states have call successors, (259) [2025-03-16 18:48:30,349 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 871 states to 871 states and 1241 transitions. [2025-03-16 18:48:30,351 INFO L78 Accepts]: Start accepts. Automaton has 871 states and 1241 transitions. Word has length 78 [2025-03-16 18:48:30,352 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-16 18:48:30,352 INFO L471 AbstractCegarLoop]: Abstraction has 871 states and 1241 transitions. [2025-03-16 18:48:30,352 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.75) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 4 states have call successors, (10) [2025-03-16 18:48:30,353 INFO L276 IsEmpty]: Start isEmpty. Operand 871 states and 1241 transitions. [2025-03-16 18:48:30,355 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2025-03-16 18:48:30,356 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:30,356 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:30,356 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2025-03-16 18:48:30,356 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:30,357 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:30,357 INFO L85 PathProgramCache]: Analyzing trace with hash 1327029954, now seen corresponding path program 1 times [2025-03-16 18:48:30,357 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:30,357 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [124560293] [2025-03-16 18:48:30,357 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:30,358 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:30,372 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 78 statements into 1 equivalence classes. [2025-03-16 18:48:30,379 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 78 of 78 statements. [2025-03-16 18:48:30,380 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:30,380 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:30,442 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-16 18:48:30,442 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-16 18:48:30,442 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [124560293] [2025-03-16 18:48:30,442 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [124560293] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-16 18:48:30,442 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-16 18:48:30,442 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-16 18:48:30,442 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1371674758] [2025-03-16 18:48:30,442 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-16 18:48:30,443 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-16 18:48:30,443 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-16 18:48:30,443 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-16 18:48:30,443 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-16 18:48:30,443 INFO L87 Difference]: Start difference. First operand 871 states and 1241 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-03-16 18:48:30,500 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-16 18:48:30,500 INFO L93 Difference]: Finished difference Result 1742 states and 2635 transitions. [2025-03-16 18:48:30,501 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-16 18:48:30,501 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) Word has length 78 [2025-03-16 18:48:30,501 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-16 18:48:30,506 INFO L225 Difference]: With dead ends: 1742 [2025-03-16 18:48:30,506 INFO L226 Difference]: Without dead ends: 889 [2025-03-16 18:48:30,510 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-16 18:48:30,511 INFO L435 NwaCegarLoop]: 159 mSDtfsCounter, 0 mSDsluCounter, 470 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 629 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-16 18:48:30,512 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 629 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-16 18:48:30,513 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 889 states. [2025-03-16 18:48:30,571 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 889 to 889. [2025-03-16 18:48:30,572 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 889 states, 633 states have (on average 1.334913112164297) internal successors, (845), 713 states have internal predecessors, (845), 155 states have call successors, (155), 96 states have call predecessors, (155), 100 states have return successors, (259), 153 states have call predecessors, (259), 155 states have call successors, (259) [2025-03-16 18:48:30,577 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 889 states to 889 states and 1259 transitions. [2025-03-16 18:48:30,578 INFO L78 Accepts]: Start accepts. Automaton has 889 states and 1259 transitions. Word has length 78 [2025-03-16 18:48:30,578 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-16 18:48:30,578 INFO L471 AbstractCegarLoop]: Abstraction has 889 states and 1259 transitions. [2025-03-16 18:48:30,579 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 2 states have call successors, (10) [2025-03-16 18:48:30,579 INFO L276 IsEmpty]: Start isEmpty. Operand 889 states and 1259 transitions. [2025-03-16 18:48:30,580 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2025-03-16 18:48:30,580 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:30,580 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:30,581 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-16 18:48:30,581 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:30,581 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:30,581 INFO L85 PathProgramCache]: Analyzing trace with hash -2006323325, now seen corresponding path program 1 times [2025-03-16 18:48:30,581 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:30,581 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [483071991] [2025-03-16 18:48:30,581 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:30,581 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:30,589 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 78 statements into 1 equivalence classes. [2025-03-16 18:48:30,593 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 78 of 78 statements. [2025-03-16 18:48:30,593 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:30,593 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:30,661 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-16 18:48:30,661 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-16 18:48:30,661 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [483071991] [2025-03-16 18:48:30,661 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [483071991] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-16 18:48:30,661 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-16 18:48:30,661 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-16 18:48:30,662 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [454408738] [2025-03-16 18:48:30,662 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-16 18:48:30,662 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-16 18:48:30,662 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-16 18:48:30,662 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-16 18:48:30,663 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-16 18:48:30,663 INFO L87 Difference]: Start difference. First operand 889 states and 1259 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-03-16 18:48:30,732 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-16 18:48:30,733 INFO L93 Difference]: Finished difference Result 1605 states and 2382 transitions. [2025-03-16 18:48:30,733 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-16 18:48:30,733 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) Word has length 78 [2025-03-16 18:48:30,734 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-16 18:48:30,738 INFO L225 Difference]: With dead ends: 1605 [2025-03-16 18:48:30,738 INFO L226 Difference]: Without dead ends: 734 [2025-03-16 18:48:30,742 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2025-03-16 18:48:30,743 INFO L435 NwaCegarLoop]: 173 mSDtfsCounter, 137 mSDsluCounter, 473 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 646 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-16 18:48:30,743 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [137 Valid, 646 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-16 18:48:30,744 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 734 states. [2025-03-16 18:48:30,775 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 734 to 726. [2025-03-16 18:48:30,777 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 726 states, 514 states have (on average 1.3365758754863812) internal successors, (687), 581 states have internal predecessors, (687), 130 states have call successors, (130), 79 states have call predecessors, (130), 81 states have return successors, (208), 122 states have call predecessors, (208), 130 states have call successors, (208) [2025-03-16 18:48:30,781 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 726 states to 726 states and 1025 transitions. [2025-03-16 18:48:30,782 INFO L78 Accepts]: Start accepts. Automaton has 726 states and 1025 transitions. Word has length 78 [2025-03-16 18:48:30,783 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-16 18:48:30,783 INFO L471 AbstractCegarLoop]: Abstraction has 726 states and 1025 transitions. [2025-03-16 18:48:30,783 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 2 states have call predecessors, (10), 3 states have call successors, (10) [2025-03-16 18:48:30,784 INFO L276 IsEmpty]: Start isEmpty. Operand 726 states and 1025 transitions. [2025-03-16 18:48:30,786 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 83 [2025-03-16 18:48:30,786 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:30,786 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:30,786 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-16 18:48:30,786 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:30,787 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:30,787 INFO L85 PathProgramCache]: Analyzing trace with hash 154282727, now seen corresponding path program 1 times [2025-03-16 18:48:30,787 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:30,787 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [536068162] [2025-03-16 18:48:30,787 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:30,787 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:30,797 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 82 statements into 1 equivalence classes. [2025-03-16 18:48:30,825 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 82 of 82 statements. [2025-03-16 18:48:30,826 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:30,826 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:30,878 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-16 18:48:30,879 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-16 18:48:30,879 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [536068162] [2025-03-16 18:48:30,879 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [536068162] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-16 18:48:30,879 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-16 18:48:30,879 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-16 18:48:30,879 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1574776717] [2025-03-16 18:48:30,879 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-16 18:48:30,879 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-16 18:48:30,879 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-16 18:48:30,880 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-16 18:48:30,880 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-16 18:48:30,880 INFO L87 Difference]: Start difference. First operand 726 states and 1025 transitions. Second operand has 3 states, 3 states have (on average 16.333333333333332) internal successors, (49), 3 states have internal predecessors, (49), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-03-16 18:48:30,931 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-16 18:48:30,931 INFO L93 Difference]: Finished difference Result 1234 states and 1787 transitions. [2025-03-16 18:48:30,932 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-16 18:48:30,932 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 16.333333333333332) internal successors, (49), 3 states have internal predecessors, (49), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 82 [2025-03-16 18:48:30,932 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-16 18:48:30,938 INFO L225 Difference]: With dead ends: 1234 [2025-03-16 18:48:30,939 INFO L226 Difference]: Without dead ends: 1232 [2025-03-16 18:48:30,940 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-16 18:48:30,940 INFO L435 NwaCegarLoop]: 162 mSDtfsCounter, 136 mSDsluCounter, 135 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 297 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-16 18:48:30,940 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 297 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-16 18:48:30,942 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1232 states. [2025-03-16 18:48:30,994 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1232 to 1202. [2025-03-16 18:48:30,996 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1202 states, 842 states have (on average 1.338479809976247) internal successors, (1127), 963 states have internal predecessors, (1127), 224 states have call successors, (224), 133 states have call predecessors, (224), 135 states have return successors, (397), 200 states have call predecessors, (397), 224 states have call successors, (397) [2025-03-16 18:48:31,003 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1202 states to 1202 states and 1748 transitions. [2025-03-16 18:48:31,005 INFO L78 Accepts]: Start accepts. Automaton has 1202 states and 1748 transitions. Word has length 82 [2025-03-16 18:48:31,006 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-16 18:48:31,006 INFO L471 AbstractCegarLoop]: Abstraction has 1202 states and 1748 transitions. [2025-03-16 18:48:31,006 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 16.333333333333332) internal successors, (49), 3 states have internal predecessors, (49), 2 states have call successors, (12), 2 states have call predecessors, (12), 1 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2025-03-16 18:48:31,006 INFO L276 IsEmpty]: Start isEmpty. Operand 1202 states and 1748 transitions. [2025-03-16 18:48:31,011 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2025-03-16 18:48:31,012 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:31,012 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:31,012 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-16 18:48:31,012 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:31,013 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:31,015 INFO L85 PathProgramCache]: Analyzing trace with hash 597208319, now seen corresponding path program 1 times [2025-03-16 18:48:31,015 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:31,015 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1685100101] [2025-03-16 18:48:31,015 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:31,015 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:31,026 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-03-16 18:48:31,034 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-03-16 18:48:31,034 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:31,034 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:31,065 INFO L134 CoverageAnalysis]: Checked inductivity of 65 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-03-16 18:48:31,066 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-16 18:48:31,066 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1685100101] [2025-03-16 18:48:31,066 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1685100101] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-16 18:48:31,066 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-16 18:48:31,066 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-16 18:48:31,066 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [273245218] [2025-03-16 18:48:31,066 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-16 18:48:31,067 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-16 18:48:31,067 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-16 18:48:31,067 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-16 18:48:31,067 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-16 18:48:31,068 INFO L87 Difference]: Start difference. First operand 1202 states and 1748 transitions. Second operand has 4 states, 3 states have (on average 23.666666666666668) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) [2025-03-16 18:48:31,216 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-16 18:48:31,217 INFO L93 Difference]: Finished difference Result 1906 states and 2762 transitions. [2025-03-16 18:48:31,217 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2025-03-16 18:48:31,217 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 23.666666666666668) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) Word has length 110 [2025-03-16 18:48:31,217 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-16 18:48:31,222 INFO L225 Difference]: With dead ends: 1906 [2025-03-16 18:48:31,222 INFO L226 Difference]: Without dead ends: 722 [2025-03-16 18:48:31,226 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-16 18:48:31,226 INFO L435 NwaCegarLoop]: 202 mSDtfsCounter, 186 mSDsluCounter, 135 mSDsCounter, 0 mSdLazyCounter, 71 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 186 SdHoareTripleChecker+Valid, 337 SdHoareTripleChecker+Invalid, 75 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 71 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-16 18:48:31,226 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [186 Valid, 337 Invalid, 75 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 71 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-16 18:48:31,227 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 722 states. [2025-03-16 18:48:31,263 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 722 to 703. [2025-03-16 18:48:31,264 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 703 states, 498 states have (on average 1.3273092369477912) internal successors, (661), 564 states have internal predecessors, (661), 125 states have call successors, (125), 77 states have call predecessors, (125), 79 states have return successors, (210), 114 states have call predecessors, (210), 125 states have call successors, (210) [2025-03-16 18:48:31,268 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 703 states to 703 states and 996 transitions. [2025-03-16 18:48:31,269 INFO L78 Accepts]: Start accepts. Automaton has 703 states and 996 transitions. Word has length 110 [2025-03-16 18:48:31,269 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-16 18:48:31,269 INFO L471 AbstractCegarLoop]: Abstraction has 703 states and 996 transitions. [2025-03-16 18:48:31,270 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 23.666666666666668) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (14), 2 states have call predecessors, (14), 2 states have return successors, (13), 3 states have call predecessors, (13), 4 states have call successors, (13) [2025-03-16 18:48:31,270 INFO L276 IsEmpty]: Start isEmpty. Operand 703 states and 996 transitions. [2025-03-16 18:48:31,273 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 125 [2025-03-16 18:48:31,273 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:31,273 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:31,273 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-16 18:48:31,273 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:31,274 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:31,274 INFO L85 PathProgramCache]: Analyzing trace with hash 1410243891, now seen corresponding path program 1 times [2025-03-16 18:48:31,274 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:31,274 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [536328633] [2025-03-16 18:48:31,274 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:31,274 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:31,282 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 124 statements into 1 equivalence classes. [2025-03-16 18:48:31,288 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 124 of 124 statements. [2025-03-16 18:48:31,288 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:31,288 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:31,396 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 24 proven. 4 refuted. 0 times theorem prover too weak. 51 trivial. 0 not checked. [2025-03-16 18:48:31,396 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-16 18:48:31,396 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [536328633] [2025-03-16 18:48:31,396 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [536328633] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-16 18:48:31,396 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1849151430] [2025-03-16 18:48:31,396 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:31,396 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-16 18:48:31,396 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-16 18:48:31,398 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-16 18:48:31,401 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-16 18:48:31,459 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 124 statements into 1 equivalence classes. [2025-03-16 18:48:31,502 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 124 of 124 statements. [2025-03-16 18:48:31,502 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:31,502 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:31,505 INFO L256 TraceCheckSpWp]: Trace formula consists of 439 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-16 18:48:31,510 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-16 18:48:31,588 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 34 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-16 18:48:31,589 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-16 18:48:31,589 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1849151430] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-16 18:48:31,589 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-16 18:48:31,589 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-16 18:48:31,589 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2048305872] [2025-03-16 18:48:31,589 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-16 18:48:31,589 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-16 18:48:31,590 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-16 18:48:31,590 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-16 18:48:31,590 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-16 18:48:31,590 INFO L87 Difference]: Start difference. First operand 703 states and 996 transitions. Second operand has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-16 18:48:31,665 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-16 18:48:31,665 INFO L93 Difference]: Finished difference Result 1626 states and 2368 transitions. [2025-03-16 18:48:31,665 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-16 18:48:31,666 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) Word has length 124 [2025-03-16 18:48:31,666 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-16 18:48:31,672 INFO L225 Difference]: With dead ends: 1626 [2025-03-16 18:48:31,672 INFO L226 Difference]: Without dead ends: 941 [2025-03-16 18:48:31,675 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 128 GetRequests, 124 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-16 18:48:31,676 INFO L435 NwaCegarLoop]: 231 mSDtfsCounter, 83 mSDsluCounter, 87 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 83 SdHoareTripleChecker+Valid, 318 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-16 18:48:31,676 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [83 Valid, 318 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-16 18:48:31,677 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 941 states. [2025-03-16 18:48:31,741 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 941 to 941. [2025-03-16 18:48:31,742 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 941 states, 677 states have (on average 1.3146233382570163) internal successors, (890), 750 states have internal predecessors, (890), 153 states have call successors, (153), 108 states have call predecessors, (153), 110 states have return successors, (272), 142 states have call predecessors, (272), 153 states have call successors, (272) [2025-03-16 18:48:31,747 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 941 states to 941 states and 1315 transitions. [2025-03-16 18:48:31,749 INFO L78 Accepts]: Start accepts. Automaton has 941 states and 1315 transitions. Word has length 124 [2025-03-16 18:48:31,749 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-16 18:48:31,749 INFO L471 AbstractCegarLoop]: Abstraction has 941 states and 1315 transitions. [2025-03-16 18:48:31,749 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-16 18:48:31,749 INFO L276 IsEmpty]: Start isEmpty. Operand 941 states and 1315 transitions. [2025-03-16 18:48:31,753 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 123 [2025-03-16 18:48:31,753 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:31,754 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:31,761 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-03-16 18:48:31,958 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-16 18:48:31,958 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:31,959 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:31,959 INFO L85 PathProgramCache]: Analyzing trace with hash -818629193, now seen corresponding path program 1 times [2025-03-16 18:48:31,959 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:31,959 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [879975848] [2025-03-16 18:48:31,959 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:31,959 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:31,967 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 122 statements into 1 equivalence classes. [2025-03-16 18:48:31,974 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 122 of 122 statements. [2025-03-16 18:48:31,975 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:31,975 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:32,082 INFO L134 CoverageAnalysis]: Checked inductivity of 77 backedges. 20 proven. 2 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2025-03-16 18:48:32,083 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-16 18:48:32,083 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [879975848] [2025-03-16 18:48:32,083 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [879975848] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-16 18:48:32,083 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2048329277] [2025-03-16 18:48:32,083 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:32,083 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-16 18:48:32,083 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-16 18:48:32,087 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-16 18:48:32,087 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-16 18:48:32,148 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 122 statements into 1 equivalence classes. [2025-03-16 18:48:32,191 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 122 of 122 statements. [2025-03-16 18:48:32,191 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:32,191 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:32,195 INFO L256 TraceCheckSpWp]: Trace formula consists of 431 conjuncts, 11 conjuncts are in the unsatisfiable core [2025-03-16 18:48:32,198 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-16 18:48:32,356 INFO L134 CoverageAnalysis]: Checked inductivity of 77 backedges. 5 proven. 2 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2025-03-16 18:48:32,356 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-16 18:48:32,531 INFO L134 CoverageAnalysis]: Checked inductivity of 77 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 63 trivial. 0 not checked. [2025-03-16 18:48:32,531 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2048329277] provided 1 perfect and 1 imperfect interpolant sequences [2025-03-16 18:48:32,532 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2025-03-16 18:48:32,532 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [7, 5] total 10 [2025-03-16 18:48:32,532 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1769680030] [2025-03-16 18:48:32,532 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-16 18:48:32,532 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-16 18:48:32,532 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-16 18:48:32,533 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-16 18:48:32,533 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=66, Unknown=0, NotChecked=0, Total=90 [2025-03-16 18:48:32,533 INFO L87 Difference]: Start difference. First operand 941 states and 1315 transitions. Second operand has 6 states, 6 states have (on average 11.333333333333334) internal successors, (68), 5 states have internal predecessors, (68), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) [2025-03-16 18:48:32,750 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-16 18:48:32,751 INFO L93 Difference]: Finished difference Result 2725 states and 3892 transitions. [2025-03-16 18:48:32,751 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-16 18:48:32,751 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 11.333333333333334) internal successors, (68), 5 states have internal predecessors, (68), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) Word has length 122 [2025-03-16 18:48:32,751 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-16 18:48:32,760 INFO L225 Difference]: With dead ends: 2725 [2025-03-16 18:48:32,760 INFO L226 Difference]: Without dead ends: 1802 [2025-03-16 18:48:32,762 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 252 GetRequests, 241 SyntacticMatches, 1 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=34, Invalid=98, Unknown=0, NotChecked=0, Total=132 [2025-03-16 18:48:32,763 INFO L435 NwaCegarLoop]: 160 mSDtfsCounter, 118 mSDsluCounter, 548 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 708 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-16 18:48:32,763 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 708 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-16 18:48:32,764 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1802 states. [2025-03-16 18:48:32,852 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1802 to 1798. [2025-03-16 18:48:32,854 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1798 states, 1285 states have (on average 1.2980544747081713) internal successors, (1668), 1428 states have internal predecessors, (1668), 297 states have call successors, (297), 212 states have call predecessors, (297), 215 states have return successors, (538), 272 states have call predecessors, (538), 297 states have call successors, (538) [2025-03-16 18:48:32,861 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1798 states to 1798 states and 2503 transitions. [2025-03-16 18:48:32,864 INFO L78 Accepts]: Start accepts. Automaton has 1798 states and 2503 transitions. Word has length 122 [2025-03-16 18:48:32,864 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-16 18:48:32,864 INFO L471 AbstractCegarLoop]: Abstraction has 1798 states and 2503 transitions. [2025-03-16 18:48:32,864 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 11.333333333333334) internal successors, (68), 5 states have internal predecessors, (68), 2 states have call successors, (16), 2 states have call predecessors, (16), 2 states have return successors, (15), 3 states have call predecessors, (15), 2 states have call successors, (15) [2025-03-16 18:48:32,864 INFO L276 IsEmpty]: Start isEmpty. Operand 1798 states and 2503 transitions. [2025-03-16 18:48:32,871 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 131 [2025-03-16 18:48:32,871 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:32,871 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:32,878 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-03-16 18:48:33,075 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2025-03-16 18:48:33,076 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:33,077 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:33,077 INFO L85 PathProgramCache]: Analyzing trace with hash -956297322, now seen corresponding path program 1 times [2025-03-16 18:48:33,077 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:33,077 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [823990987] [2025-03-16 18:48:33,077 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:33,077 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:33,085 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 130 statements into 1 equivalence classes. [2025-03-16 18:48:33,092 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 130 of 130 statements. [2025-03-16 18:48:33,092 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:33,092 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:33,173 INFO L134 CoverageAnalysis]: Checked inductivity of 81 backedges. 24 proven. 5 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-03-16 18:48:33,174 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-16 18:48:33,174 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [823990987] [2025-03-16 18:48:33,174 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [823990987] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-16 18:48:33,174 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [997351441] [2025-03-16 18:48:33,174 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:33,174 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-16 18:48:33,174 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-16 18:48:33,175 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-16 18:48:33,178 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-16 18:48:33,229 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 130 statements into 1 equivalence classes. [2025-03-16 18:48:33,272 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 130 of 130 statements. [2025-03-16 18:48:33,272 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:33,273 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-16 18:48:33,275 INFO L256 TraceCheckSpWp]: Trace formula consists of 450 conjuncts, 4 conjuncts are in the unsatisfiable core [2025-03-16 18:48:33,277 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-16 18:48:33,338 INFO L134 CoverageAnalysis]: Checked inductivity of 81 backedges. 36 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-16 18:48:33,338 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-16 18:48:33,338 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [997351441] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-16 18:48:33,339 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-16 18:48:33,339 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 6 [2025-03-16 18:48:33,339 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [861113072] [2025-03-16 18:48:33,339 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-16 18:48:33,339 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-16 18:48:33,339 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-16 18:48:33,339 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-16 18:48:33,340 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2025-03-16 18:48:33,340 INFO L87 Difference]: Start difference. First operand 1798 states and 2503 transitions. Second operand has 5 states, 5 states have (on average 16.6) internal successors, (83), 4 states have internal predecessors, (83), 3 states have call successors, (19), 4 states have call predecessors, (19), 4 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-16 18:48:33,885 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-16 18:48:33,885 INFO L93 Difference]: Finished difference Result 3999 states and 5733 transitions. [2025-03-16 18:48:33,885 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-16 18:48:33,886 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 16.6) internal successors, (83), 4 states have internal predecessors, (83), 3 states have call successors, (19), 4 states have call predecessors, (19), 4 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 130 [2025-03-16 18:48:33,886 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-16 18:48:33,906 INFO L225 Difference]: With dead ends: 3999 [2025-03-16 18:48:33,906 INFO L226 Difference]: Without dead ends: 2551 [2025-03-16 18:48:33,913 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 132 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2025-03-16 18:48:33,913 INFO L435 NwaCegarLoop]: 172 mSDtfsCounter, 198 mSDsluCounter, 263 mSDsCounter, 0 mSdLazyCounter, 430 mSolverCounterSat, 75 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 210 SdHoareTripleChecker+Valid, 435 SdHoareTripleChecker+Invalid, 505 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 75 IncrementalHoareTripleChecker+Valid, 430 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2025-03-16 18:48:33,914 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [210 Valid, 435 Invalid, 505 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [75 Valid, 430 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2025-03-16 18:48:33,916 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2551 states. [2025-03-16 18:48:34,060 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2551 to 2504. [2025-03-16 18:48:34,064 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2504 states, 1800 states have (on average 1.2783333333333333) internal successors, (2301), 1983 states have internal predecessors, (2301), 398 states have call successors, (398), 277 states have call predecessors, (398), 305 states have return successors, (867), 408 states have call predecessors, (867), 398 states have call successors, (867) [2025-03-16 18:48:34,076 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2504 states to 2504 states and 3566 transitions. [2025-03-16 18:48:34,079 INFO L78 Accepts]: Start accepts. Automaton has 2504 states and 3566 transitions. Word has length 130 [2025-03-16 18:48:34,079 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-16 18:48:34,079 INFO L471 AbstractCegarLoop]: Abstraction has 2504 states and 3566 transitions. [2025-03-16 18:48:34,079 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 16.6) internal successors, (83), 4 states have internal predecessors, (83), 3 states have call successors, (19), 4 states have call predecessors, (19), 4 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-16 18:48:34,079 INFO L276 IsEmpty]: Start isEmpty. Operand 2504 states and 3566 transitions. [2025-03-16 18:48:34,087 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 127 [2025-03-16 18:48:34,087 INFO L210 NwaCegarLoop]: Found error trace [2025-03-16 18:48:34,088 INFO L218 NwaCegarLoop]: trace histogram [6, 6, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:34,095 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2025-03-16 18:48:34,288 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-16 18:48:34,288 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-16 18:48:34,288 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-16 18:48:34,289 INFO L85 PathProgramCache]: Analyzing trace with hash 1018099256, now seen corresponding path program 1 times [2025-03-16 18:48:34,289 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-16 18:48:34,289 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1961287635] [2025-03-16 18:48:34,289 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-16 18:48:34,289 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-16 18:48:34,296 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 126 statements into 1 equivalence classes. [2025-03-16 18:48:34,304 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 126 of 126 statements. [2025-03-16 18:48:34,304 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:34,304 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-16 18:48:34,304 INFO L348 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2025-03-16 18:48:34,308 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 126 statements into 1 equivalence classes. [2025-03-16 18:48:34,321 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 126 of 126 statements. [2025-03-16 18:48:34,321 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-16 18:48:34,321 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is sat [2025-03-16 18:48:34,356 INFO L130 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2025-03-16 18:48:34,356 INFO L340 BasicCegarLoop]: Counterexample is feasible [2025-03-16 18:48:34,357 INFO L782 garLoopResultBuilder]: Registering result UNSAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2025-03-16 18:48:34,358 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-16 18:48:34,360 INFO L422 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-16 18:48:34,438 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2025-03-16 18:48:34,444 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.03 06:48:34 BoogieIcfgContainer [2025-03-16 18:48:34,444 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2025-03-16 18:48:34,444 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2025-03-16 18:48:34,444 INFO L270 PluginConnector]: Initializing Witness Printer... [2025-03-16 18:48:34,445 INFO L274 PluginConnector]: Witness Printer initialized [2025-03-16 18:48:34,445 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.03 06:48:28" (3/4) ... [2025-03-16 18:48:34,445 INFO L140 WitnessPrinter]: Generating witness for reachability counterexample [2025-03-16 18:48:34,540 INFO L127 tionWitnessGenerator]: Generated YAML witness of length 104. [2025-03-16 18:48:34,607 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2025-03-16 18:48:34,608 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2025-03-16 18:48:34,608 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2025-03-16 18:48:34,608 INFO L158 Benchmark]: Toolchain (without parser) took 6441.71ms. Allocated memory was 167.8MB in the beginning and 268.4MB in the end (delta: 100.7MB). Free memory was 132.1MB in the beginning and 141.8MB in the end (delta: -9.6MB). Peak memory consumption was 89.8MB. Max. memory is 16.1GB. [2025-03-16 18:48:34,608 INFO L158 Benchmark]: CDTParser took 0.46ms. Allocated memory is still 201.3MB. Free memory is still 128.1MB. There was no memory consumed. Max. memory is 16.1GB. [2025-03-16 18:48:34,608 INFO L158 Benchmark]: CACSL2BoogieTranslator took 344.51ms. Allocated memory is still 167.8MB. Free memory was 131.7MB in the beginning and 111.9MB in the end (delta: 19.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-16 18:48:34,609 INFO L158 Benchmark]: Boogie Procedure Inliner took 32.59ms. Allocated memory is still 167.8MB. Free memory was 111.9MB in the beginning and 109.7MB in the end (delta: 2.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2025-03-16 18:48:34,609 INFO L158 Benchmark]: Boogie Preprocessor took 45.62ms. Allocated memory is still 167.8MB. Free memory was 109.7MB in the beginning and 108.0MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. [2025-03-16 18:48:34,609 INFO L158 Benchmark]: IcfgBuilder took 380.20ms. Allocated memory is still 167.8MB. Free memory was 108.0MB in the beginning and 84.9MB in the end (delta: 23.1MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2025-03-16 18:48:34,609 INFO L158 Benchmark]: TraceAbstraction took 5467.38ms. Allocated memory was 167.8MB in the beginning and 268.4MB in the end (delta: 100.7MB). Free memory was 84.5MB in the beginning and 161.3MB in the end (delta: -76.8MB). Peak memory consumption was 22.7MB. Max. memory is 16.1GB. [2025-03-16 18:48:34,609 INFO L158 Benchmark]: Witness Printer took 163.26ms. Allocated memory is still 268.4MB. Free memory was 161.3MB in the beginning and 141.8MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2025-03-16 18:48:34,613 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.46ms. Allocated memory is still 201.3MB. Free memory is still 128.1MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 344.51ms. Allocated memory is still 167.8MB. Free memory was 131.7MB in the beginning and 111.9MB in the end (delta: 19.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 32.59ms. Allocated memory is still 167.8MB. Free memory was 111.9MB in the beginning and 109.7MB in the end (delta: 2.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 45.62ms. Allocated memory is still 167.8MB. Free memory was 109.7MB in the beginning and 108.0MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. * IcfgBuilder took 380.20ms. Allocated memory is still 167.8MB. Free memory was 108.0MB in the beginning and 84.9MB in the end (delta: 23.1MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 5467.38ms. Allocated memory was 167.8MB in the beginning and 268.4MB in the end (delta: 100.7MB). Free memory was 84.5MB in the beginning and 161.3MB in the end (delta: -76.8MB). Peak memory consumption was 22.7MB. Max. memory is 16.1GB. * Witness Printer took 163.26ms. Allocated memory is still 268.4MB. Free memory was 161.3MB in the beginning and 141.8MB in the end (delta: 19.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 168]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [168] - GenericResultAtLocation [Line: 507]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [507] - GenericResultAtLocation [Line: 609]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [609] - GenericResultAtLocation [Line: 686]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [686] - GenericResultAtLocation [Line: 726]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [726] - GenericResultAtLocation [Line: 1092]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1092] - GenericResultAtLocation [Line: 1101]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1101] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - CounterExampleResult [Line: 1097]: a call to reach_error is reachable a call to reach_error is reachable We found a FailurePath: [L50] int __SELECTED_FEATURE_base ; [L51] int __SELECTED_FEATURE_highWaterSensor ; [L52] int __SELECTED_FEATURE_lowWaterSensor ; [L53] int __SELECTED_FEATURE_methaneQuery ; [L54] int __SELECTED_FEATURE_methaneAlarm ; [L55] int __SELECTED_FEATURE_stopCommand ; [L56] int __SELECTED_FEATURE_startCommand ; [L57] int __GUIDSL_ROOT_PRODUCTION ; [L66] int waterLevel = 1; [L67] int methaneLevelCritical = 0; [L176] int pumpRunning = 0; [L177] int systemActive = 1; [L508] int cleanupTimeShifts = 4; [L688] int methAndRunningLastTime ; [L896] static struct __ACC__ERR *head = (struct __ACC__ERR *)0; [L587] int retValue_acc ; [L588] int tmp ; [L592] CALL select_helpers() [L1133] __GUIDSL_ROOT_PRODUCTION = 1 [L592] RET select_helpers() [L593] CALL select_features() [L1118] __SELECTED_FEATURE_base = 1 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=16, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=0, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1119] __SELECTED_FEATURE_highWaterSensor = select_one() [L1120] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1120] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1120] __SELECTED_FEATURE_lowWaterSensor = select_one() [L1121] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1121] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1121] __SELECTED_FEATURE_methaneQuery = select_one() [L1122] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1122] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1122] __SELECTED_FEATURE_methaneAlarm = select_one() [L1123] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1123] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1123] __SELECTED_FEATURE_stopCommand = select_one() [L1124] CALL, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1104] int retValue_acc ; [L1105] int choice = __VERIFIER_nondet_int(); [L1108] retValue_acc = choice [L1109] return (retValue_acc); VAL [\result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1124] RET, EXPR select_one() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L1124] __SELECTED_FEATURE_startCommand = select_one() [L593] RET select_features() [L594] CALL, EXPR valid_product() [L1138] int retValue_acc ; [L1141] retValue_acc = __SELECTED_FEATURE_base [L1142] return (retValue_acc); VAL [\result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L594] RET, EXPR valid_product() [L594] tmp = valid_product() [L596] COND TRUE \read(tmp) [L598] FCALL setup() [L599] CALL runTest() [L577] CALL __utac_acc__Specification2_spec__1() [L693] methAndRunningLastTime = 0 [L577] RET __utac_acc__Specification2_spec__1() [L578] CALL test() [L611] int splverifierCounter ; [L612] int tmp ; [L613] int tmp___0 ; [L614] int tmp___1 ; [L615] int tmp___2 ; [L618] splverifierCounter = 0 VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L622] COND TRUE splverifierCounter < 4 [L628] tmp = __VERIFIER_nondet_int() [L630] COND TRUE \read(tmp) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=1] [L632] CALL waterRise() VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=1] [L84] COND TRUE waterLevel < 2 [L85] waterLevel = waterLevel + 1 VAL [\old(waterLevel)=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L632] RET waterRise() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L638] tmp___0 = __VERIFIER_nondet_int() [L640] COND TRUE \read(tmp___0) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L642] CALL changeMethaneLevel() VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=0, pumpRunning=0, systemActive=1, waterLevel=2] [L96] COND FALSE !(\read(methaneLevelCritical)) [L99] methaneLevelCritical = 1 VAL [\old(methaneLevelCritical)=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L642] RET changeMethaneLevel() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L648] tmp___2 = __VERIFIER_nondet_int() [L650] COND FALSE !(\read(tmp___2)) [L660] tmp___1 = __VERIFIER_nondet_int() [L662] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, splverifierCounter=0, systemActive=1, waterLevel=2] [L675] CALL timeShift() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L184] COND FALSE !(\read(pumpRunning)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L191] COND TRUE \read(systemActive) [L193] CALL processEnvironment() [L327] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L334] CALL processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L284] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L291] CALL processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L241] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L243] CALL processEnvironment__role__highWaterSensor() [L213] int tmp ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L216] COND TRUE ! pumpRunning [L218] CALL, EXPR isHighWaterLevel() [L447] int retValue_acc ; [L448] int tmp ; [L449] int tmp___0 ; [L453] CALL, EXPR isHighWaterSensorDry() [L146] int retValue_acc ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L149] COND FALSE !(waterLevel < 2) [L153] retValue_acc = 0 [L154] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=0, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L453] RET, EXPR isHighWaterSensorDry() [L453] tmp = isHighWaterSensorDry() [L455] COND FALSE !(\read(tmp)) [L458] tmp___0 = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, tmp___0=1, waterLevel=2] [L460] retValue_acc = tmp___0 [L461] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L218] RET, EXPR isHighWaterLevel() [L218] tmp = isHighWaterLevel() [L220] COND TRUE \read(tmp) [L222] CALL activatePump() [L369] COND FALSE !(\read(__SELECTED_FEATURE_methaneQuery)) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L376] CALL activatePump__before__methaneQuery() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=0, systemActive=1, waterLevel=2] [L344] pumpRunning = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L376] RET activatePump__before__methaneQuery() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L222] RET activatePump() [L243] RET processEnvironment__role__highWaterSensor() [L291] RET processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L334] RET processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L193] RET processEnvironment() [L199] CALL __utac_acc__Specification2_spec__2() [L698] int tmp ; [L699] int tmp___0 ; VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L105] int retValue_acc ; [L108] retValue_acc = methaneLevelCritical [L109] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L703] tmp = isMethaneLevelCritical() [L705] COND TRUE \read(tmp) [L707] CALL, EXPR isPumpRunning() [L402] int retValue_acc ; [L405] retValue_acc = pumpRunning [L406] return (retValue_acc); VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L707] RET, EXPR isPumpRunning() [L707] tmp___0 = isPumpRunning() [L709] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=0, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L710] COND FALSE !(\read(methAndRunningLastTime)) [L715] methAndRunningLastTime = 1 VAL [\old(methAndRunningLastTime)=0, \old(pumpRunning)=0, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L199] RET __utac_acc__Specification2_spec__2() [L675] RET timeShift() VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L622] COND TRUE splverifierCounter < 4 [L628] tmp = __VERIFIER_nondet_int() [L630] COND FALSE !(\read(tmp)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L638] tmp___0 = __VERIFIER_nondet_int() [L640] COND FALSE !(\read(tmp___0)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L648] tmp___2 = __VERIFIER_nondet_int() [L650] COND FALSE !(\read(tmp___2)) [L660] tmp___1 = __VERIFIER_nondet_int() [L662] COND FALSE !(\read(tmp___1)) VAL [__GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, splverifierCounter=0, systemActive=1, waterLevel=2] [L675] CALL timeShift() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=2] [L184] COND TRUE \read(pumpRunning) [L186] CALL lowerWaterLevel() [L72] COND TRUE waterLevel > 0 [L73] waterLevel = waterLevel - 1 VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L186] RET lowerWaterLevel() [L191] COND TRUE \read(systemActive) [L193] CALL processEnvironment() [L327] COND FALSE !(\read(__SELECTED_FEATURE_methaneAlarm)) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L334] CALL processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L284] COND FALSE !(\read(__SELECTED_FEATURE_lowWaterSensor)) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L291] CALL processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L241] COND TRUE \read(__SELECTED_FEATURE_highWaterSensor) [L243] CALL processEnvironment__role__highWaterSensor() [L213] int tmp ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L216] COND FALSE !(! pumpRunning) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L231] FCALL processEnvironment__before__highWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L243] RET processEnvironment__role__highWaterSensor() [L291] RET processEnvironment__before__lowWaterSensor() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L334] RET processEnvironment__before__methaneAlarm() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L193] RET processEnvironment() [L199] CALL __utac_acc__Specification2_spec__2() [L698] int tmp ; [L699] int tmp___0 ; VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] CALL, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L105] int retValue_acc ; [L108] retValue_acc = methaneLevelCritical [L109] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] RET, EXPR isMethaneLevelCritical() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L703] tmp = isMethaneLevelCritical() [L705] COND TRUE \read(tmp) [L707] CALL, EXPR isPumpRunning() [L402] int retValue_acc ; [L405] retValue_acc = pumpRunning [L406] return (retValue_acc); VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, \result=1, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L707] RET, EXPR isPumpRunning() [L707] tmp___0 = isPumpRunning() [L709] COND TRUE \read(tmp___0) VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] [L710] COND TRUE \read(methAndRunningLastTime) [L712] CALL __automaton_fail() [L1097] reach_error() VAL [\old(methAndRunningLastTime)=1, \old(pumpRunning)=1, \old(waterLevel)=2, __GUIDSL_ROOT_PRODUCTION=1, __SELECTED_FEATURE_base=1, __SELECTED_FEATURE_highWaterSensor=16, __SELECTED_FEATURE_lowWaterSensor=0, __SELECTED_FEATURE_methaneAlarm=0, __SELECTED_FEATURE_methaneQuery=0, __SELECTED_FEATURE_startCommand=0, __SELECTED_FEATURE_stopCommand=0, cleanupTimeShifts=4, head={0:0}, methAndRunningLastTime=1, methaneLevelCritical=1, pumpRunning=1, systemActive=1, waterLevel=1] - StatisticsResult: Ultimate Automizer benchmark data CFG has 13 procedures, 133 locations, 214 edges, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.3s, OverallIterations: 12, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 1.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1387 SdHoareTripleChecker+Valid, 0.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1369 mSDsluCounter, 5053 SdHoareTripleChecker+Invalid, 0.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3014 mSDsCounter, 110 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 775 IncrementalHoareTripleChecker+Invalid, 885 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 110 mSolverCounterUnsat, 2039 mSDtfsCounter, 775 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 559 GetRequests, 517 SyntacticMatches, 1 SemanticMatches, 41 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=2504occurred in iteration=11, InterpolantAutomatonStates: 51, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 11 MinimizatonAttempts, 131 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 1.4s InterpolantComputationTime, 1465 NumberOfCodeBlocks, 1465 NumberOfCodeBlocksAsserted, 15 NumberOfCheckSat, 1446 ConstructedInterpolants, 0 QuantifiedInterpolants, 2525 SizeOfPredicates, 1 NumberOfNonLiveVariables, 1320 ConjunctsInSsa, 18 ConjunctsInUnsatCore, 15 InterpolantComputations, 11 PerfectInterpolantSequences, 918/931 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available, ConComCheckerStatistics: No data available RESULT: Ultimate proved your program to be incorrect! [2025-03-16 18:48:34,633 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE